Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/Cd7IgbBRrE8W0hXYuzYDxs6jGuc.roa
File: Cd7IgbBRrE8W0hXYuzYDxs6jGuc.roa (raw, json)
Hash identifier: 2gl3FjK6iZBc2rfWTmwQExReA4vVzRwIavq9UBmfh1s=
Subject key identifier: 09:DE:C8:81:B0:51:AC:4F:16:D2:15:D8:BB:36:03:C6:CE:A3:1A:E7
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 10F902E5
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/Cd7IgbBRrE8W0hXYuzYDxs6jGuc.roa
Signing time: Sat 01 Jan 2022 15:55:20 +0000
ROA not before: Sat 01 Jan 2022 15:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56696
IP address blocks: 77.246.48.0/21 maxlen: 24
217.15.117.0/24 maxlen: 24
217.15.118.0/23 maxlen: 24
217.15.120.0/22 maxlen: 24
217.74.235.0/24 maxlen: 24
217.74.238.0/23 maxlen: 24
217.74.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284754661 (0x10f902e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 1 15:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09dec881b051ac4f16d215d8bb3603c6cea31ae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4b:28:e6:85:34:10:cd:1c:5d:af:5b:2a:74:
6e:c7:1e:b7:e9:81:fa:d1:5e:57:f0:d7:00:b6:6b:
27:39:13:5b:26:00:6a:66:17:2c:5f:27:b9:fd:96:
09:e1:e1:8b:1b:5a:8e:c3:34:44:c4:12:83:14:b5:
51:59:db:84:a7:73:d6:b2:b2:a6:f6:64:6b:5e:28:
dc:29:00:d4:ae:e7:2c:fd:d3:53:7e:de:a4:b2:67:
ab:9b:89:26:3d:fc:9e:25:eb:94:20:cb:db:7e:18:
8e:ae:99:89:fb:6a:47:db:5c:61:2a:bf:8c:d8:e8:
f1:ab:27:05:f3:15:0d:91:42:ad:b3:61:b0:c9:7d:
92:ce:ed:50:aa:9a:2e:d2:26:e1:a9:6a:24:87:a3:
a6:e5:3f:44:80:0c:ba:5d:83:09:5e:b9:42:41:5f:
41:23:01:b4:b2:2c:01:ce:12:71:e5:16:f3:22:0f:
e4:b6:6c:18:b6:c3:d2:d2:93:35:3d:14:60:32:0f:
bd:d5:22:3d:eb:d3:00:4e:7f:bc:67:cf:0e:e0:c9:
b0:99:ce:3d:ef:41:f2:58:24:70:32:73:93:e3:83:
60:7e:1e:d7:3e:d4:19:b6:cd:2d:a2:93:41:70:26:
fb:5b:54:8e:11:9f:25:07:ac:b6:a9:bf:4b:a2:15:
ef:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DE:C8:81:B0:51:AC:4F:16:D2:15:D8:BB:36:03:C6:CE:A3:1A:E7
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/Cd7IgbBRrE8W0hXYuzYDxs6jGuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.48.0/21
217.15.117.0-217.15.123.255
217.74.235.0/24
217.74.237.0-217.74.239.255
Signature Algorithm: sha256WithRSAEncryption
80:2d:7c:78:a2:fd:36:73:b5:2e:9a:e9:a9:a1:31:af:83:60:
f8:31:58:2a:fa:ab:18:0f:6b:d9:66:52:84:c2:c8:ee:ed:e1:
86:04:06:89:e4:7e:5d:2e:dd:f0:41:f2:7f:88:13:a9:f4:35:
76:c6:62:5f:7f:be:16:71:57:10:93:b2:3e:1f:84:bd:0d:37:
53:33:0c:1b:d0:47:2c:45:00:c3:24:48:70:4d:71:5e:91:59:
f8:5f:d4:1c:48:94:7f:1f:5b:2a:d2:9b:0e:63:f3:42:16:d2:
47:29:68:e2:ac:99:bc:5a:5e:39:95:23:e1:8b:df:0e:0a:d6:
66:61:6c:e7:d5:66:fe:98:09:89:79:a5:fb:c8:cf:b7:86:9c:
0a:ca:e4:08:48:c1:cb:ac:10:3b:5c:36:8d:d6:51:07:4d:99:
f0:4f:aa:35:21:4c:69:20:88:cc:e4:bb:43:9d:32:93:61:91:
1b:bc:58:c4:cd:63:56:df:d6:47:bc:82:55:99:cc:a6:f3:db:
c2:03:5d:1d:c4:c3:cd:9b:7b:ab:ce:86:ed:0a:25:90:25:5a:
4c:77:58:8b:3e:74:2c:43:84:f4:31:e0:2f:ba:9b:e8:4d:e3:
61:cb:87:38:34:b7:8e:d9:bf:83:0d:20:38:a0:41:51:f0:87:
36:b3:8a:56
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEEPkC5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDk3NjczYzc4ZWZhZTVmNmJkODBhMjVhY2UzZDNjMzcxOTNlNzg5MB4XDTIyMDEw
MTE1NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlkZWM4ODFiMDUx
YWM0ZjE2ZDIxNWQ4YmIzNjAzYzZjZWEzMWFlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxLKOaFNBDNHF2vWyp0bscet+mB+tFeV/DXALZrJzkTWyYA
amYXLF8nuf2WCeHhixtajsM0RMQSgxS1UVnbhKdz1rKypvZka14o3CkA1K7nLP3T
U37epLJnq5uJJj38niXrlCDL234Yjq6ZiftqR9tcYSq/jNjo8asnBfMVDZFCrbNh
sMl9ks7tUKqaLtIm4alqJIejpuU/RIAMul2DCV65QkFfQSMBtLIsAc4SceUW8yIP
5LZsGLbD0tKTNT0UYDIPvdUiPevTAE5/vGfPDuDJsJnOPe9B8lgkcDJzk+ODYH4e
1z7UGbbNLaKTQXAm+1tUjhGfJQestqm/S6IV7w8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQJ3siBsFGsTxbSFdi7NgPGzqMa5zAfBgNVHSMEGDAWgBT0l2c8eO+uX2vY
CiWs49PDcZPniTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlKZG5QSGp2cmw5cjJBb2xyT1BUdzNHVDU0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8x
L0NkN0lnYkJSckU4VzBoWFl1ellEeHM2akd1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
ZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8xLzlKZG5QSGp2cmw5
cjJBb2xyT1BUdzNHVDU0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEA032MDAMAwQA2Q91AwQC2Q94AwQA
2UrrMAwDBADZSu0DBATZSuAwDQYJKoZIhvcNAQELBQADggEBAIAtfHii/TZztS6a
6amhMa+DYPgxWCr6qxgPa9lmUoTCyO7t4YYEBonkfl0u3fBB8n+IE6n0NXbGYl9/
vhZxVxCTsj4fhL0NN1MzDBvQRyxFAMMkSHBNcV6RWfhf1BxIlH8fWyrSmw5j80IW
0kcpaOKsmbxaXjmVI+GL3w4K1mZhbOfVZv6YCYl5pfvIz7eGnArK5AhIwcusEDtc
No3WUQdNmfBPqjUhTGkgiMzku0OdMpNhkRu8WMTNY1bf1ke8glWZzKbz28IDXR3E
w82be6vOhu0KJZAlWkx3WIs+dCxDhPQx4C+6m+hN42HLhzg0t47Zv4MNIDigQVHw
hzazilY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:20 2023 by rpki-client on console-ams.rpki-client.org