Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/hcGEBaKjPALttl4Dv8_20McZu_M.roa
File: hcGEBaKjPALttl4Dv8_20McZu_M.roa (raw, json)
Hash identifier: NDbAFNfsdn8Nur2AA0VbSTylQK29ILdP7fqs8gCHvYg=
Subject key identifier: 85:C1:84:05:A2:A3:3C:02:ED:B6:5E:03:BF:CF:F6:D0:C7:19:BB:F3
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 0AE6D98A
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/hcGEBaKjPALttl4Dv8_20McZu_M.roa
Signing time: Sat 01 Jan 2022 15:55:03 +0000
ROA not before: Sat 01 Jan 2022 15:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31029
IP address blocks: 109.107.72.0/21 maxlen: 21
109.107.88.0/21 maxlen: 21
94.139.208.0/21 maxlen: 21
77.76.184.0/21 maxlen: 21
77.76.128.0/21 maxlen: 21
77.76.138.0/24 maxlen: 24
77.76.137.0/24 maxlen: 24
77.76.139.0/24 maxlen: 24
77.76.140.0/24 maxlen: 24
77.76.141.0/24 maxlen: 24
77.76.143.0/24 maxlen: 24
77.76.142.0/24 maxlen: 24
77.76.152.0/21 maxlen: 21
77.76.152.0/24 maxlen: 24
77.76.154.0/24 maxlen: 24
77.76.153.0/24 maxlen: 24
77.76.155.0/24 maxlen: 24
77.76.157.0/24 maxlen: 24
77.76.156.0/24 maxlen: 24
77.76.159.0/24 maxlen: 24
77.76.158.0/24 maxlen: 24
2a03:2c0:e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182901130 (0xae6d98a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 1 15:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85c18405a2a33c02edb65e03bfcff6d0c719bbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b7:1c:cd:ac:6e:bd:22:26:bb:23:66:2d:03:
07:80:7b:cb:ee:1e:59:af:f2:48:93:c2:c8:b2:e7:
0c:0c:78:e1:ee:1b:07:21:40:73:e9:b1:4b:0d:5e:
f3:98:78:65:db:0f:ae:0b:1b:b4:70:44:06:12:d6:
56:62:3e:40:71:99:66:3a:7e:0b:61:70:ea:ec:e8:
07:80:ac:4a:96:8a:74:a3:55:60:90:39:6f:bd:8f:
b3:9f:7b:c8:21:c6:ca:4c:62:09:16:85:38:b9:11:
34:e5:13:dd:b1:e8:c6:3e:04:65:e2:86:77:a6:8a:
20:0f:97:d5:35:63:17:50:7d:e3:d7:4c:60:c5:f9:
27:76:09:e5:b6:bb:b9:1e:3a:96:21:0f:3c:11:d9:
8f:9a:22:ac:d9:7b:25:a8:3d:40:79:45:8a:3c:e1:
35:c8:63:4f:12:8e:d0:f3:a1:53:f9:05:25:6c:b0:
2b:85:ba:1c:1f:95:c7:6b:fc:43:41:7d:c9:7e:4a:
58:d2:cb:38:84:2f:4e:42:e8:bb:ce:69:56:c8:d4:
f8:3f:45:d5:63:61:25:40:41:ac:6a:cd:4e:65:06:
8c:94:df:87:44:50:ef:95:69:09:45:fe:44:ab:49:
d3:1b:ac:48:c9:72:64:02:ab:7d:eb:39:b3:bd:88:
db:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C1:84:05:A2:A3:3C:02:ED:B6:5E:03:BF:CF:F6:D0:C7:19:BB:F3
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/hcGEBaKjPALttl4Dv8_20McZu_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.128.0/21
77.76.137.0-77.76.143.255
77.76.152.0/21
77.76.184.0/21
94.139.208.0/21
109.107.72.0/21
109.107.88.0/21
IPv6:
2a03:2c0:e::/48
Signature Algorithm: sha256WithRSAEncryption
a4:78:d6:58:4a:cd:cd:1d:f4:5a:3e:27:a0:64:fd:a1:28:cf:
a7:98:be:74:d7:de:5f:60:e2:26:0b:7e:84:83:77:53:72:f7:
e2:7e:a1:28:df:99:f6:c9:9e:da:cb:c2:3b:04:96:99:35:49:
3c:63:0c:c0:11:fc:4b:e2:49:c5:78:84:6a:fa:a7:45:b2:ba:
0a:01:ac:bd:4d:78:c9:a4:27:68:60:59:4b:40:3c:3d:cc:46:
b1:31:ff:2e:be:69:3b:d5:e4:e3:e4:4c:53:a0:5f:60:62:c8:
d1:6b:ca:47:2e:90:ac:5c:d1:28:ef:9e:9a:6f:47:df:e9:f2:
98:d0:9f:04:42:36:43:5e:20:1e:c4:e0:d6:6a:0d:e9:21:82:
0d:6d:29:ab:6a:15:36:c7:d9:cb:84:01:75:01:59:90:e5:33:
05:04:56:ba:24:11:10:6f:b2:17:4a:5b:a4:6f:7d:11:a2:6a:
a2:67:82:2b:b8:c2:76:1e:36:02:27:07:f1:2f:87:25:65:8e:
53:57:6f:a3:7b:28:f9:32:bb:cc:15:e4:bd:38:f0:e6:cc:94:
a4:64:44:15:62:73:5b:3d:ce:4d:23:2e:50:13:d0:0e:a0:37:
bd:66:48:fe:71:a3:d8:b6:2e:dc:4c:fd:3f:ad:61:96:76:50:
a8:4b:fc:fb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIECubZijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTgxNjc3NGI3YzU2NjVkNjdhODZjMjBjZWI2NDg3YjViNzhiMzhkMB4XDTIyMDEw
MTE1NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVjMTg0MDVhMmEz
M2MwMmVkYjY1ZTAzYmZjZmY2ZDBjNzE5YmJmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMi3HM2sbr0iJrsjZi0DB4B7y+4eWa/ySJPCyLLnDAx44e4b
ByFAc+mxSw1e85h4ZdsPrgsbtHBEBhLWVmI+QHGZZjp+C2Fw6uzoB4CsSpaKdKNV
YJA5b72Ps597yCHGykxiCRaFOLkRNOUT3bHoxj4EZeKGd6aKIA+X1TVjF1B949dM
YMX5J3YJ5ba7uR46liEPPBHZj5oirNl7Jag9QHlFijzhNchjTxKO0POhU/kFJWyw
K4W6HB+Vx2v8Q0F9yX5KWNLLOIQvTkLou85pVsjU+D9F1WNhJUBBrGrNTmUGjJTf
h0RQ75VpCUX+RKtJ0xusSMlyZAKrfes5s72I21kCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBSFwYQFoqM8Au22XgO/z/bQxxm78zAfBgNVHSMEGDAWgBRlgWd0t8VmXWeo
bCDOtkh7W3izjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pZRm5kTGZGWmwxbnFHd2d6clpJZTF0NHM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZjNiODI1LWNiYzAtNDlkMi04Yjc2LTZiMTQ2OWMzYjk1YS8x
L2hjR0VCYUtqUEFMdHRsNER2OF8yME1jWnVfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZjNiODI1LWNiYzAtNDlkMi04Yjc2LTZiMTQ2OWMzYjk1YS8xL1pZRm5kTGZGWmwx
bnFHd2d6clpJZTF0NHM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOAQCAAEwMgMEA01MgDAMAwQATUyJAwQETUyAAwQD
TUyYAwQDTUy4AwQDXovQAwQDbWtIAwQDbWtYMA8EAgACMAkDBwAqAwLAAA4wDQYJ
KoZIhvcNAQELBQADggEBAKR41lhKzc0d9Fo+J6Bk/aEoz6eYvnTX3l9g4iYLfoSD
d1Ny9+J+oSjfmfbJntrLwjsElpk1STxjDMAR/EviScV4hGr6p0WyugoBrL1NeMmk
J2hgWUtAPD3MRrEx/y6+aTvV5OPkTFOgX2BiyNFrykcukKxc0SjvnppvR9/p8pjQ
nwRCNkNeIB7E4NZqDekhgg1tKatqFTbH2cuEAXUBWZDlMwUEVrokERBvshdKW6Rv
fRGiaqJngiu4wnYeNgInB/EvhyVljlNXb6N7KPkyu8wV5L048ObMlKRkRBVic1s9
zk0jLlAT0A6gN71mSP5xo9i2LtxM/T+tYZZ2UKhL/Ps=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org