Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IXBbka8AaIBjN_oXRTzzgHDTksQ.roa
File: IXBbka8AaIBjN_oXRTzzgHDTksQ.roa (raw, json)
Hash identifier: VMz736Xvs0K99g388eGEG04PPso1j9qVn3GUJRtAPEg=
Subject key identifier: 21:70:5B:91:AF:00:68:80:63:37:FA:17:45:3C:F3:80:70:D3:92:C4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184A3D944CF4BA10E2C692D6107FF52A42D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IXBbka8AaIBjN_oXRTzzgHDTksQ.roa
Signing time: Wed 23 Nov 2022 09:37:15 +0000
ROA not before: Wed 23 Nov 2022 09:37:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
194.15.52.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:d9:44:cf:4b:a1:0e:2c:69:2d:61:07:ff:52:a4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 23 09:37:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21705b91af0068806337fa17453cf38070d392c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cd:c2:db:2a:f4:93:90:6c:b0:e6:be:36:ed:
e4:f6:35:2d:cd:4d:39:ea:a2:f8:f7:de:94:be:56:
77:b5:40:df:dd:80:96:4e:1f:f4:d9:d7:db:37:fe:
2b:1d:13:cc:dd:84:65:5b:35:c1:5a:a7:54:77:09:
2f:38:55:a9:9f:e7:37:16:3e:dc:2a:3b:29:8e:ba:
84:80:94:5e:22:14:24:a0:79:7c:d6:69:86:a5:a8:
80:ab:42:66:15:6f:f4:93:a3:da:68:02:6e:75:43:
3d:98:49:c4:33:0a:1c:c2:8c:bb:27:1d:f5:ec:27:
51:c3:22:5b:b6:d0:82:7f:4a:6b:7c:a7:bc:5e:29:
60:ff:5d:6c:7b:39:5d:ad:0a:22:39:fc:99:13:6d:
71:71:5c:a1:68:fc:0b:78:1d:35:24:d2:e4:74:c8:
66:c8:8e:99:2c:6c:55:c4:f0:3c:1b:7d:14:62:4d:
35:26:fe:b6:8c:88:a9:3e:03:14:0c:12:b6:9c:f5:
6f:e0:ae:0c:cd:0d:3a:e7:21:99:55:44:0c:45:36:
28:f1:1b:e2:9e:03:c9:9c:3c:21:54:e9:39:ef:13:
cb:8c:1d:a7:44:33:66:15:37:bb:d1:d7:23:d8:55:
48:da:04:a6:57:7e:84:ba:ed:3e:89:83:6e:5f:ef:
86:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:70:5B:91:AF:00:68:80:63:37:FA:17:45:3C:F3:80:70:D3:92:C4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IXBbka8AaIBjN_oXRTzzgHDTksQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.38.0/24
85.209.120.0/23
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b0:bb:f4:a9:81:c8:f7:bd:7a:58:cf:2f:ae:5f:d3:94:a8:
fe:de:7f:83:88:ce:b3:ea:98:ac:52:8d:7a:3f:9f:23:c0:be:
28:94:b2:31:ea:58:74:40:65:38:63:2f:7b:47:89:3e:90:93:
8a:e2:e1:67:ce:e2:fa:75:97:6e:1a:1a:01:d0:76:07:88:de:
a3:17:d5:56:1c:05:11:76:04:9a:a3:d5:68:95:f9:fb:fc:83:
2f:89:27:56:13:b5:62:35:1f:26:c4:47:74:6e:25:7f:69:68:
3b:c0:57:03:bc:d7:6d:a3:63:f6:be:3a:13:13:3c:41:a1:9c:
64:ea:be:58:ad:d2:de:d5:89:d0:75:ac:fa:44:7b:76:56:db:
34:53:13:02:e4:02:fc:4f:6c:8c:14:92:9f:f1:fe:44:6e:d0:
0f:1d:7a:aa:7d:06:65:b8:e4:64:6c:ab:75:87:5e:49:6d:3f:
7f:44:e9:e8:dd:2b:0f:d2:39:9f:9e:75:3e:17:31:ca:92:39:
02:88:20:96:41:05:c9:66:38:35:d7:98:48:98:7c:23:c7:3e:
35:ad:74:c1:53:03:30:bc:d5:9c:9e:10:b3:8e:47:f0:cb:e0:
57:f8:c5:7e:8f:cf:ca:69:0b:cf:fd:95:49:3f:4f:43:73:4a:
d7:22:2f:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSj2UTPS6EOLGktYQf/UqQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTIzMDkzNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTcwNWI5MWFmMDA2ODgwNjMzN2ZhMTc0NTNjZjM4MDcwZDM5MmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc3C2yr0k5BssOa+Nu3k9jUtzU05
6qL4996UvlZ3tUDf3YCWTh/02dfbN/4rHRPM3YRlWzXBWqdUdwkvOFWpn+c3Fj7c
KjspjrqEgJReIhQkoHl81mmGpaiAq0JmFW/0k6PaaAJudUM9mEnEMwocwoy7Jx31
7CdRwyJbttCCf0prfKe8Xilg/11sezldrQoiOfyZE21xcVyhaPwLeB01JNLkdMhm
yI6ZLGxVxPA8G30UYk01Jv62jIipPgMUDBK2nPVv4K4MzQ065yGZVUQMRTYo8Rvi
ngPJnDwhVOk57xPLjB2nRDNmFTe70dcj2FVI2gSmV36Euu0+iYNuX++GkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFwW5GvAGiAYzf6F0U884Bw05LEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSVhCYmthOEFhSUJqTl9vWFJUenpnSERUa3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVMmAwQB
VdF4AwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBEsLv0qYHI9716WM8vrl/TlKj+
3n+DiM6z6pisUo16P58jwL4olLIx6lh0QGU4Yy97R4k+kJOK4uFnzuL6dZduGhoB
0HYHiN6jF9VWHAURdgSao9Volfn7/IMviSdWE7ViNR8mxEd0biV/aWg7wFcDvNdt
o2P2vjoTEzxBoZxk6r5YrdLe1YnQdaz6RHt2Vts0UxMC5AL8T2yMFJKf8f5EbtAP
HXqqfQZluORkbKt1h15JbT9/ROno3SsP0jmfnnU+FzHKkjkCiCCWQQXJZjg115hI
mHwjxz41rXTBUwMwvNWcnhCzjkfwy+BX+MV+j8/KaQvP/ZVJP09Dc0rXIi9Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org