Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d8i8Lz61C5HUz7Yz13wRu5OnFjc.roa
File: d8i8Lz61C5HUz7Yz13wRu5OnFjc.roa (raw, json)
Hash identifier: 06SSpXRfoHjo0eaVQDi1/JAWbKxqPfOE1fvMMtyUnYA=
Subject key identifier: 77:C8:BC:2F:3E:B5:0B:91:D4:CF:B6:33:D7:7C:11:BB:93:A7:16:37
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 1AFA7DA8
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d8i8Lz61C5HUz7Yz13wRu5OnFjc.roa
Signing time: Sat 01 Jan 2022 13:05:41 +0000
ROA not before: Sat 01 Jan 2022 13:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12849
IP address blocks: 89.237.64.0/18 maxlen: 24
77.137.128.0/18 maxlen: 24
77.138.0.0/15 maxlen: 24
77.137.192.0/22 maxlen: 24
194.242.160.0/20 maxlen: 24
77.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452623784 (0x1afa7da8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 13:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77c8bc2f3eb50b91d4cfb633d77c11bb93a71637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d8:e0:5c:ce:2b:c2:cf:9a:b9:1d:d7:33:ef:
2d:a8:f5:25:25:86:5a:12:85:56:44:8f:47:2f:23:
85:d5:02:d9:75:4e:8d:76:dd:32:8d:74:34:b7:7e:
45:7f:d5:fa:d3:67:d3:ed:b5:6f:1c:1f:44:97:bc:
65:91:45:30:e8:f0:27:97:df:44:70:96:9b:2f:88:
cc:81:8f:27:e8:57:fd:6e:07:92:64:4e:bc:51:42:
60:88:14:e0:6d:0e:42:d2:b4:d9:92:46:07:2e:55:
2b:a5:47:66:90:2f:18:4c:f8:15:e0:ad:b4:d8:f3:
92:8f:8a:7f:f3:80:f4:64:7b:d4:85:f6:1f:66:3c:
f7:16:ca:d2:14:3f:3a:4e:8d:a6:53:26:04:64:47:
5a:cc:40:18:1c:99:4e:2d:73:c8:a9:dc:8c:6e:1a:
d6:8c:8d:8a:a0:80:82:46:0a:06:c7:bd:b1:75:ad:
f5:9a:7c:60:10:64:82:95:6a:bd:31:00:bc:71:dd:
26:30:49:93:65:de:69:8a:75:cb:4a:bd:56:5e:71:
ad:da:7b:14:9d:7b:8a:c3:65:bb:8d:4e:8f:46:9a:
33:81:f5:ab:8a:c1:96:7b:ea:c1:11:bc:f2:4b:fb:
91:74:99:7c:e0:ca:10:41:18:11:80:eb:81:90:9d:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C8:BC:2F:3E:B5:0B:91:D4:CF:B6:33:D7:7C:11:BB:93:A7:16:37
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d8i8Lz61C5HUz7Yz13wRu5OnFjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.137.0.0-77.137.195.255
77.138.0.0/15
89.237.64.0/18
194.242.160.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:a6:6e:ba:24:92:35:14:30:f6:da:07:1d:1b:2f:b7:7f:b9:
af:7a:90:87:10:6e:68:b7:2c:1e:26:48:40:d5:94:71:55:9a:
f0:8c:c5:dc:4e:bf:73:8c:e6:db:58:f0:3a:b4:4d:63:b9:aa:
30:bf:7d:28:80:ae:ff:81:f4:20:78:c2:22:52:6d:79:88:38:
5e:85:33:5a:5a:2c:fb:68:c8:9d:8d:62:cf:a1:6f:28:bf:a8:
b3:cc:fc:55:3f:de:88:af:ac:b8:a9:c4:03:e5:6c:20:b5:bb:
00:97:4d:89:0b:ca:47:d8:69:86:ca:be:5c:44:23:a8:37:e1:
fb:73:07:f0:80:f1:06:4b:67:0a:6d:76:db:74:df:12:95:c4:
c7:80:ca:9d:10:10:ab:db:53:58:23:83:05:03:f1:e1:33:1f:
55:ec:e4:9b:45:5e:d2:67:cb:35:87:0a:32:54:3a:8b:9b:df:
63:b4:18:3b:73:1c:95:fa:b9:a0:28:16:50:8b:b4:56:72:82:
bf:63:4a:fb:60:40:65:b9:38:c1:63:c4:b9:5b:9e:93:07:af:
e9:3a:93:14:7a:9d:f7:2c:da:30:6c:68:55:73:fe:a3:2d:1b:
32:3f:79:05:46:0a:d3:31:41:cc:63:e9:aa:f2:92:3d:4f:8a:
85:9e:b9:7e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEGvp9qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGVmNWZiYmZjYTdhOTNjZmVlOTY1ZWViNmJkZWU2ZmI0M2M0MDNlMB4XDTIyMDEw
MTEzMDU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdjOGJjMmYzZWI1
MGI5MWQ0Y2ZiNjMzZDc3YzExYmI5M2E3MTYzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbY4FzOK8LPmrkd1zPvLaj1JSWGWhKFVkSPRy8jhdUC2XVO
jXbdMo10NLd+RX/V+tNn0+21bxwfRJe8ZZFFMOjwJ5ffRHCWmy+IzIGPJ+hX/W4H
kmROvFFCYIgU4G0OQtK02ZJGBy5VK6VHZpAvGEz4FeCttNjzko+Kf/OA9GR71IX2
H2Y89xbK0hQ/Ok6NplMmBGRHWsxAGByZTi1zyKncjG4a1oyNiqCAgkYKBse9sXWt
9Zp8YBBkgpVqvTEAvHHdJjBJk2XeaYp1y0q9Vl5xrdp7FJ17isNlu41Oj0aaM4H1
q4rBlnvqwRG88kv7kXSZfODKEEEYEYDrgZCdqgECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBR3yLwvPrULkdTPtjPXfBG7k6cWNzAfBgNVHSMEGDAWgBSg71+7/KepPP7p
Ze62ve5vtDxAPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8x
L2Q4aThMejYxQzVIVXo3WXoxM3dSdTVPbkZqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
ZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8xL29POWZ1X3lucVR6
LTZXWHV0cjN1YjdROFFENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHjALAwMATYkDBAJNicADAwFNigMEBlnt
QAMEBMLyoDANBgkqhkiG9w0BAQsFAAOCAQEAf6ZuuiSSNRQw9toHHRsvt3+5r3qQ
hxBuaLcsHiZIQNWUcVWa8IzF3E6/c4zm21jwOrRNY7mqML99KICu/4H0IHjCIlJt
eYg4XoUzWlos+2jInY1iz6FvKL+os8z8VT/eiK+suKnEA+VsILW7AJdNiQvKR9hp
hsq+XEQjqDfh+3MH8IDxBktnCm1223TfEpXEx4DKnRAQq9tTWCODBQPx4TMfVezk
m0Ve0mfLNYcKMlQ6i5vfY7QYO3Mclfq5oCgWUIu0VnKCv2NK+2BAZbk4wWPEuVue
kwev6TqTFHqd9yzaMGxoVXP+oy0bMj95BUYK0zFBzGPpqvKSPU+KhZ65fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org