Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/138ce3-f38f-43e9-8dc9-9cd0cae06292/1/_JAHgwSQLsipyvjLLw4JVIIyy0E.roa
File: _JAHgwSQLsipyvjLLw4JVIIyy0E.roa (raw, json)
Hash identifier: UTu76k7Z8Gdn1gFWlse4Nho9z6bd+2SAaCBlshiE2ic=
Subject key identifier: FC:90:07:83:04:90:2E:C8:A9:CA:F8:CB:2F:0E:09:54:82:32:CB:41
Certificate issuer: /CN=9ebcbfeb8fa897374718a9102a4a70671e2aabf9
Certificate serial: 1729274B
Authority key identifier: 9E:BC:BF:EB:8F:A8:97:37:47:18:A9:10:2A:4A:70:67:1E:2A:AB:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nry_64-olzdHGKkQKkpwZx4qq_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/138ce3-f38f-43e9-8dc9-9cd0cae06292/1/_JAHgwSQLsipyvjLLw4JVIIyy0E.roa
Signing time: Sat 01 Jan 2022 03:53:13 +0000
ROA not before: Sat 01 Jan 2022 03:53:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20650
IP address blocks: 217.145.36.0/24 maxlen: 24
217.145.37.0/24 maxlen: 24
217.145.34.0/24 maxlen: 24
217.145.35.0/24 maxlen: 24
217.145.32.0/20 maxlen: 24
217.145.38.0/24 maxlen: 24
217.145.32.0/23 maxlen: 23
217.145.43.0/24 maxlen: 24
217.145.44.0/24 maxlen: 24
217.145.40.0/23 maxlen: 23
217.145.39.0/24 maxlen: 24
217.145.45.0/24 maxlen: 24
77.72.232.0/21 maxlen: 24
77.72.238.0/24 maxlen: 24
77.72.237.0/24 maxlen: 24
2a01:38::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388573003 (0x1729274b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ebcbfeb8fa897374718a9102a4a70671e2aabf9
Validity
Not Before: Jan 1 03:53:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc90078304902ec8a9caf8cb2f0e09548232cb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:bd:2f:dd:3e:91:9c:a3:05:43:19:a4:14:
8e:b1:08:7f:ec:d4:6c:98:1d:a1:bc:e7:71:99:0e:
f7:05:29:db:ad:25:6b:83:aa:17:43:01:45:cf:16:
6b:a9:18:92:55:e8:7b:51:63:c1:55:88:0c:fb:6a:
85:1f:1c:23:15:62:fd:98:a0:e6:6b:df:bc:43:66:
80:a9:7a:dc:08:fd:3f:87:94:04:4f:d1:d3:4b:4b:
b8:51:cb:a3:79:de:4d:e7:28:b1:50:a8:90:da:1a:
b9:cc:35:97:f9:fa:03:f5:0d:1c:2e:34:fb:3f:e2:
b1:3f:6c:e2:35:da:26:d1:f7:88:0c:47:9f:93:47:
0c:66:4d:6a:f3:a3:26:c9:ac:4c:48:8c:da:d4:ed:
b5:b2:2d:33:2d:6b:f4:ee:89:ef:b6:d6:a8:5e:31:
8a:24:2e:94:a1:16:1d:82:ed:81:5c:0c:e7:06:ac:
96:85:98:f6:22:e8:74:85:3b:31:cb:05:9f:27:6c:
72:35:1b:b0:4e:47:3b:f0:dd:17:d4:1b:44:34:08:
a4:18:b9:2e:59:b1:a8:3d:99:3f:69:a3:5b:4d:9d:
74:66:ec:5f:10:80:ee:24:ec:c7:ae:b8:5f:0e:a7:
bc:3b:55:bd:49:6a:73:4d:4f:ea:94:2b:80:7a:8d:
03:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:90:07:83:04:90:2E:C8:A9:CA:F8:CB:2F:0E:09:54:82:32:CB:41
X509v3 Authority Key Identifier:
keyid:9E:BC:BF:EB:8F:A8:97:37:47:18:A9:10:2A:4A:70:67:1E:2A:AB:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nry_64-olzdHGKkQKkpwZx4qq_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/138ce3-f38f-43e9-8dc9-9cd0cae06292/1/_JAHgwSQLsipyvjLLw4JVIIyy0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/138ce3-f38f-43e9-8dc9-9cd0cae06292/1/nry_64-olzdHGKkQKkpwZx4qq_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.232.0/21
217.145.32.0/20
IPv6:
2a01:38::/32
Signature Algorithm: sha256WithRSAEncryption
4f:b7:c3:a4:32:59:87:4a:89:0c:7e:78:7e:c0:68:eb:13:8b:
e9:17:e6:66:c0:8b:7f:bc:8f:56:34:7c:7e:85:0a:73:53:1c:
bf:76:a5:eb:8c:33:dc:3f:c8:d7:b9:36:af:e8:1c:82:48:c3:
8f:72:20:b2:1d:f2:f1:71:65:6f:34:f1:65:8a:86:c6:09:8b:
95:f1:f6:c8:3b:67:b7:8f:10:73:5b:8f:8f:3a:f2:ff:b0:dd:
e6:00:6e:bf:31:7a:a1:80:e8:5c:c4:c9:f7:53:46:fc:2c:bf:
9b:95:4d:a3:08:0a:11:89:38:8a:a5:63:6e:0b:b7:da:89:e0:
03:1c:f0:d3:a6:57:28:2b:6b:f8:c0:4a:f3:19:34:b7:90:29:
93:42:89:e3:8a:71:76:0d:6c:03:a8:af:fd:2a:ad:27:2e:34:
de:5e:a1:31:4c:61:37:0b:6d:61:03:ad:a5:2a:6f:46:e1:7a:
84:68:4e:22:50:6a:6f:0a:48:20:43:a1:4c:eb:bf:aa:cb:d4:
d5:f5:86:a3:bf:d4:af:c8:8f:f4:3f:72:c4:05:ab:63:a7:6b:
b9:ae:a2:d2:04:b8:4f:5f:c5:24:e8:e7:6c:4c:51:15:8f:69:
ed:f2:83:2b:5d:c6:cf:04:4a:69:f1:12:ab:57:50:84:c8:bb:
55:a9:83:4e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEFyknSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZWJjYmZlYjhmYTg5NzM3NDcxOGE5MTAyYTRhNzA2NzFlMmFhYmY5MB4XDTIyMDEw
MTAzNTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM5MDA3ODMwNDkw
MmVjOGE5Y2FmOGNiMmYwZTA5NTQ4MjMyY2I0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4fvS/dPpGcowVDGaQUjrEIf+zUbJgdobzncZkO9wUp260l
a4OqF0MBRc8Wa6kYklXoe1FjwVWIDPtqhR8cIxVi/Zig5mvfvENmgKl63Aj9P4eU
BE/R00tLuFHLo3neTecosVCokNoaucw1l/n6A/UNHC40+z/isT9s4jXaJtH3iAxH
n5NHDGZNavOjJsmsTEiM2tTttbItMy1r9O6J77bWqF4xiiQulKEWHYLtgVwM5was
loWY9iLodIU7McsFnydscjUbsE5HO/DdF9QbRDQIpBi5LlmxqD2ZP2mjW02ddGbs
XxCA7iTsx664Xw6nvDtVvUlqc01P6pQrgHqNAx8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT8kAeDBJAuyKnK+MsvDglUgjLLQTAfBgNVHSMEGDAWgBSevL/rj6iXN0cY
qRAqSnBnHiqr+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25yeV82NC1vbHpkSEdLa1FLa3B3Wng0cXFfay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMTM4Y2UzLWYzOGYtNDNlOS04ZGM5LTljZDBjYWUwNjI5Mi8x
L19KQUhnd1NRTHNpcHl2akxMdzRKVklJeXkwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MTM4Y2UzLWYzOGYtNDNlOS04ZGM5LTljZDBjYWUwNjI5Mi8xL25yeV82NC1vbHpk
SEdLa1FLa3B3Wng0cXFfay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA01I6AMEBNmRIDANBAIAAjAHAwUA
KgEAODANBgkqhkiG9w0BAQsFAAOCAQEAT7fDpDJZh0qJDH54fsBo6xOL6RfmZsCL
f7yPVjR8foUKc1Mcv3al64wz3D/I17k2r+gcgkjDj3Igsh3y8XFlbzTxZYqGxgmL
lfH2yDtnt48Qc1uPjzry/7Dd5gBuvzF6oYDoXMTJ91NG/Cy/m5VNowgKEYk4iqVj
bgu32ongAxzw06ZXKCtr+MBK8xk0t5Apk0KJ44pxdg1sA6iv/SqtJy403l6hMUxh
NwttYQOtpSpvRuF6hGhOIlBqbwpIIEOhTOu/qsvU1fWGo7/Ur8iP9D9yxAWrY6dr
ua6i0gS4T1/FJOjnbExRFY9p7fKDK13GzwRKafESq1dQhMi7VamDTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:46 2024 by rpki-client on console-fra.rpki-client.org