Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bIdnzvkK7r8IysxxdZdHP-D4Hwo.roa
File: bIdnzvkK7r8IysxxdZdHP-D4Hwo.roa (raw, json)
Hash identifier: pSnVGuMt1HI862HAVkFUDMA+LP6h35OoQT7FFGa+QdM=
Subject key identifier: 6C:87:67:CE:F9:0A:EE:BF:08:CA:CC:71:75:97:47:3F:E0:F8:1F:0A
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018200F5442037BC01C8F8982E5CEE19B31C
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bIdnzvkK7r8IysxxdZdHP-D4Hwo.roa
Signing time: Fri 15 Jul 2022 08:24:09 +0000
ROA not before: Fri 15 Jul 2022 08:24:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42117
IP address blocks: 159.20.8.0/21 maxlen: 21
95.175.160.0/19 maxlen: 19
77.233.96.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:00:f5:44:20:37:bc:01:c8:f8:98:2e:5c:ee:19:b3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 15 08:24:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c8767cef90aeebf08cacc717597473fe0f81f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:26:46:80:6c:45:9e:96:c4:35:5a:0b:27:43:
2b:b0:c0:29:72:ac:19:39:4d:c2:f7:e0:69:8a:45:
d3:24:ab:5a:f4:5c:a0:98:e2:b4:8a:fb:96:e6:1e:
39:30:64:fc:ef:33:48:fc:08:2f:ba:d0:ba:b3:f5:
96:02:d4:ce:86:da:be:c2:f3:3b:8a:e0:74:4a:0e:
ca:cf:a6:d3:b2:53:11:15:12:ba:02:59:2e:c8:ff:
c9:ab:1f:b7:17:a7:8d:82:06:d8:2c:1f:b4:8b:a6:
89:9a:91:16:cb:a2:9e:69:54:23:af:93:0d:37:7c:
39:5d:a0:d4:29:43:30:12:00:30:2d:f8:55:1a:aa:
4c:64:95:0b:db:06:31:ac:cd:5b:03:1d:de:f3:a8:
ae:6b:72:73:da:87:f0:08:12:f5:01:97:20:38:1b:
6f:f8:ff:18:c9:f4:d8:20:53:63:3b:ee:ac:fb:df:
0d:78:c1:73:16:49:e8:8c:c6:18:7c:2f:8f:f7:96:
32:8c:b1:41:cd:db:e7:8c:5a:d5:ee:66:34:3d:8c:
b1:ce:4e:b6:1e:5d:35:e5:84:28:39:ee:2f:79:a2:
5e:e8:fd:97:1e:fc:cc:81:e5:a7:ef:f4:a5:03:f1:
71:d7:6b:42:8f:8f:bf:8a:fb:ff:d6:4a:7e:47:2e:
6e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:87:67:CE:F9:0A:EE:BF:08:CA:CC:71:75:97:47:3F:E0:F8:1F:0A
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bIdnzvkK7r8IysxxdZdHP-D4Hwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.233.96.0/19
95.175.160.0/19
159.20.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:18:8c:6d:87:cb:ea:e8:72:e3:e5:7c:8d:e0:ca:53:42:1e:
86:d0:1e:2d:36:f8:5b:27:e5:68:33:1e:f8:74:04:d4:61:58:
cd:4d:93:f7:58:92:d3:ed:8e:0c:83:b8:a2:39:7d:d3:2f:b4:
b9:b5:34:4b:75:23:4a:2a:d2:cf:3c:21:ff:6c:89:20:f1:91:
41:72:a5:b0:a1:68:0c:12:05:63:d4:e8:4a:0c:a4:0b:b2:ac:
e6:fa:85:25:cc:e7:9a:b8:54:49:67:0b:03:f7:4c:09:e6:10:
d1:f8:f1:f8:cf:50:8f:23:fe:d8:3a:9f:e7:ff:a2:b5:06:1b:
e2:72:0a:33:7e:81:75:a9:6b:4e:df:96:0f:33:46:33:4d:04:
04:4c:7e:61:91:3e:df:a0:af:c1:1b:74:b2:d8:de:ba:dd:03:
8c:32:39:60:97:d5:d0:7b:8f:82:04:c8:32:bd:79:7f:77:c6:
7c:e3:68:ba:6e:a8:21:c6:95:b8:ed:cf:a5:46:0c:1e:66:82:
d5:86:32:3a:76:f4:2f:b0:13:21:b8:b4:d9:f5:44:21:0f:83:
c5:9a:45:d5:f1:a0:e0:48:ce:71:78:66:91:2b:8c:fe:6f:35:
1c:93:2e:d1:b1:c5:fc:e4:10:22:a6:b6:ae:3e:c2:2a:4a:c9:
86:38:70:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIA9UQgN7wByPiYLlzuGbMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjIwNzE1MDgyNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg3NjdjZWY5MGFlZWJmMDhjYWNjNzE3NTk3NDczZmUwZjgxZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiZGgGxFnpbENVoLJ0MrsMApcqwZ
OU3C9+BpikXTJKta9FygmOK0ivuW5h45MGT87zNI/AgvutC6s/WWAtTOhtq+wvM7
iuB0Sg7Kz6bTslMRFRK6AlkuyP/Jqx+3F6eNggbYLB+0i6aJmpEWy6KeaVQjr5MN
N3w5XaDUKUMwEgAwLfhVGqpMZJUL2wYxrM1bAx3e86iua3Jz2ofwCBL1AZcgOBtv
+P8YyfTYIFNjO+6s+98NeMFzFknojMYYfC+P95YyjLFBzdvnjFrV7mY0PYyxzk62
Hl015YQoOe4veaJe6P2XHvzMgeWn7/SlA/Fx12tCj4+/ivv/1kp+Ry5uZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyHZ875Cu6/CMrMcXWXRz/g+B8KMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvYklkbnp2a0s3cjhJeXN4eGRaZEhQLUQ0SHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTelgAwQF
X6+gAwQDnxQIMA0GCSqGSIb3DQEBCwUAA4IBAQChGIxth8vq6HLj5XyN4MpTQh6G
0B4tNvhbJ+VoMx74dATUYVjNTZP3WJLT7Y4Mg7iiOX3TL7S5tTRLdSNKKtLPPCH/
bIkg8ZFBcqWwoWgMEgVj1OhKDKQLsqzm+oUlzOeauFRJZwsD90wJ5hDR+PH4z1CP
I/7YOp/n/6K1BhvicgozfoF1qWtO35YPM0YzTQQETH5hkT7foK/BG3Sy2N663QOM
Mjlgl9XQe4+CBMgyvXl/d8Z842i6bqghxpW47c+lRgweZoLVhjI6dvQvsBMhuLTZ
9UQhD4PFmkXV8aDgSM5xeGaRK4z+bzUcky7RscX85BAiprauPsIqSsmGOHBZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org