Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/77yh-4B2XzfmZSGBIFBJdad73gE.roa
File: 77yh-4B2XzfmZSGBIFBJdad73gE.roa (raw, json)
Hash identifier: URqgsvIzxVFSKYEl+UeBmsr96M8ZE1BgBiV9URobNNg=
Subject key identifier: EF:BC:A1:FB:80:76:5F:37:E6:65:21:81:20:50:49:75:A7:7B:DE:01
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 0EE1EACC
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/77yh-4B2XzfmZSGBIFBJdad73gE.roa
Signing time: Sat 01 Jan 2022 13:56:00 +0000
ROA not before: Sat 01 Jan 2022 13:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203
IP address blocks: 185.161.233.0/24 maxlen: 24
185.161.234.0/24 maxlen: 24
185.161.235.0/24 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.21.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249686732 (0xee1eacc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 13:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efbca1fb80765f37e665218120504975a77bde01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:65:85:38:79:ef:b4:66:95:d6:49:5b:11:60:
13:2d:90:f7:f1:6f:b8:cf:c0:e4:bf:ea:58:fb:20:
3d:f1:b0:e2:69:f9:d7:ce:8d:68:18:99:20:1b:a7:
d0:32:4c:f9:29:dc:32:b7:d2:14:01:cc:56:5e:51:
b7:ed:46:ae:19:5d:66:27:36:66:fc:72:bd:37:e1:
c3:d4:50:ac:9f:e0:15:eb:aa:c7:92:27:59:97:3b:
73:3e:70:38:eb:97:4e:99:fd:20:ff:47:5e:3c:70:
89:2c:12:dd:c1:9d:3a:30:7b:8c:0a:53:73:87:0c:
fd:02:2c:01:4b:f4:80:29:f8:53:b4:55:4b:37:85:
f7:19:c2:01:7e:89:71:34:ec:a9:cf:d5:ff:70:e3:
7c:ca:d7:4e:c1:b1:35:51:ea:21:ff:1f:16:1e:75:
7e:f4:03:68:d9:aa:17:47:a8:8d:cb:68:2d:0e:7a:
44:51:91:0d:df:6d:78:4e:5a:01:b1:36:67:42:e7:
af:b9:7b:e8:46:53:3b:0c:a9:d3:04:cf:81:eb:d9:
ad:1b:5c:ff:6a:1a:4e:74:b3:f3:b5:2f:9d:12:c1:
1a:31:fe:1c:a6:61:e5:68:e3:da:6c:a4:d0:f9:58:
7d:26:ff:a3:fa:b8:c6:f1:aa:a2:98:69:ef:70:ba:
26:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:BC:A1:FB:80:76:5F:37:E6:65:21:81:20:50:49:75:A7:7B:DE:01
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/77yh-4B2XzfmZSGBIFBJdad73gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
185.161.233.0-185.161.235.255
Signature Algorithm: sha256WithRSAEncryption
b5:69:7e:c4:50:31:1e:5d:eb:51:4f:49:65:2c:9b:6b:ad:9f:
99:9e:0f:37:80:10:44:c6:51:96:ff:1b:79:b8:fd:cb:15:ff:
09:1f:39:9d:30:d9:cf:f8:06:c0:cc:13:e9:0a:52:65:68:fc:
0a:43:58:19:38:2a:23:39:a4:47:65:bc:de:a6:0f:a6:03:80:
21:e8:0c:21:28:99:a6:19:61:d4:98:2c:79:da:80:70:c3:ac:
e3:bc:00:6b:6d:ad:66:b8:d3:a3:fa:98:35:79:cd:c1:6c:d5:
96:50:bd:d0:23:2e:5a:f0:9e:91:8b:cf:aa:3f:59:e5:4d:a9:
26:85:55:64:d2:db:e3:ff:1b:7e:f2:b7:86:bb:6a:3f:3b:e5:
ba:bf:67:e6:b3:01:f4:7b:89:31:05:1f:4e:53:8e:93:6f:22:
e4:b4:85:05:c0:54:f0:1c:a1:98:23:be:47:4d:e2:9b:1b:1b:
63:8f:92:f0:7b:ea:2b:c6:dd:80:51:49:77:e4:1b:20:94:c9:
0c:cc:32:63:e7:cc:72:cd:be:0c:bf:d8:24:c5:dd:8c:55:a1:
76:5f:28:49:3b:7a:3a:f7:7f:fb:34:fe:d5:31:e2:06:a7:2a:
bb:f3:82:9d:97:0f:3f:3d:ca:f2:57:fd:48:0f:58:88:c3:22:
ef:49:f7:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEDuHqzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDc0MjEwYzI4NDEzZTI2Mjg0ODIyYWJlODNhZDZkN2MwZjc2NGZhMB4XDTIyMDEw
MTEzNTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZiY2ExZmI4MDc2
NWYzN2U2NjUyMTgxMjA1MDQ5NzVhNzdiZGUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxlhTh577RmldZJWxFgEy2Q9/FvuM/A5L/qWPsgPfGw4mn5
186NaBiZIBun0DJM+SncMrfSFAHMVl5Rt+1GrhldZic2ZvxyvTfhw9RQrJ/gFeuq
x5InWZc7cz5wOOuXTpn9IP9HXjxwiSwS3cGdOjB7jApTc4cM/QIsAUv0gCn4U7RV
SzeF9xnCAX6JcTTsqc/V/3DjfMrXTsGxNVHqIf8fFh51fvQDaNmqF0eojctoLQ56
RFGRDd9teE5aAbE2Z0Lnr7l76EZTOwyp0wTPgevZrRtc/2oaTnSz87UvnRLBGjH+
HKZh5Wjj2myk0PlYfSb/o/q4xvGqophp73C6Jp8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTvvKH7gHZfN+ZlIYEgUEl1p3veATAfBgNVHSMEGDAWgBQ0dCEMKEE+JihI
IqvoOtbXwPdk+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IUWhEQ2hCUGlZb1NDS3I2RHJXMThEM1pQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvM2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8x
Lzc3eWgtNEIyWHpmbVpTR0JJRkJKZGFkNzNnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
M2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8xL05IUWhEQ2hCUGlZ
b1NDS3I2RHJXMThEM1pQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAVvOFAMEArlELDAMAwQAuaHpAwQC
uaHoMA0GCSqGSIb3DQEBCwUAA4IBAQC1aX7EUDEeXetRT0llLJtrrZ+Zng83gBBE
xlGW/xt5uP3LFf8JHzmdMNnP+AbAzBPpClJlaPwKQ1gZOCojOaRHZbzepg+mA4Ah
6AwhKJmmGWHUmCx52oBww6zjvABrba1muNOj+pg1ec3BbNWWUL3QIy5a8J6Ri8+q
P1nlTakmhVVk0tvj/xt+8reGu2o/O+W6v2fmswH0e4kxBR9OU46TbyLktIUFwFTw
HKGYI75HTeKbGxtjj5Lwe+orxt2AUUl35BsglMkMzDJj58xyzb4Mv9gkxd2MVaF2
XyhJO3o693/7NP7VMeIGpyq784Kdlw8/PcryV/1ID1iIwyLvSffJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org