Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/2e7MAbihbWU7INzTiPDeqr1Fb4Q.roa
File: 2e7MAbihbWU7INzTiPDeqr1Fb4Q.roa (raw, json)
Hash identifier: VdTFtTymg4Kcg7OcOA5rB+2txdNlmXGDRlogpypA1I8=
Subject key identifier: D9:EE:CC:01:B8:A1:6D:65:3B:20:DC:D3:88:F0:DE:AA:BD:45:6F:84
Certificate issuer: /CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Certificate serial: 0D6251B9
Authority key identifier: 65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/2e7MAbihbWU7INzTiPDeqr1Fb4Q.roa
Signing time: Sat 01 Jan 2022 04:04:18 +0000
ROA not before: Sat 01 Jan 2022 04:04:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39591
IP address blocks: 77.94.240.0/21 maxlen: 24
79.143.208.0/20 maxlen: 24
79.143.212.0/23 maxlen: 24
79.143.208.0/22 maxlen: 24
79.143.214.0/24 maxlen: 24
79.143.216.0/21 maxlen: 24
185.3.104.0/22 maxlen: 24
2a00:1280::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224547257 (0xd6251b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Validity
Not Before: Jan 1 04:04:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9eecc01b8a16d653b20dcd388f0deaabd456f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8f:46:09:fd:73:26:03:68:6c:46:fd:ca:c0:
e0:bb:77:bf:11:f5:60:8b:fc:3e:79:a9:99:e7:75:
3f:ed:bd:d4:12:53:f1:6d:ee:6e:27:24:cf:40:3f:
db:6e:b2:54:19:2b:57:a8:a9:35:15:a0:46:b1:17:
ae:d9:71:78:6c:7e:dd:dc:d7:82:3e:68:79:99:a2:
a1:aa:91:4f:d9:91:41:01:1a:82:16:68:67:57:d7:
78:9d:fd:bf:8f:3e:67:62:2b:47:e8:7b:37:eb:91:
19:c4:49:d8:c0:11:b7:53:ea:90:2d:7e:4a:dc:17:
8d:d7:30:29:e6:08:e6:4e:c8:b8:c3:ec:63:ad:84:
ee:16:ae:b0:84:94:5f:04:09:6c:04:0e:bf:d8:d7:
ad:fc:d3:02:b7:e3:e5:c8:fe:dc:bb:11:53:3a:5f:
e4:66:cd:06:4d:17:e1:b4:56:42:0e:32:c2:70:2a:
93:64:7e:41:c9:db:53:bd:3b:f6:91:12:86:6c:82:
4d:b6:e0:a6:50:25:20:4a:a7:60:b5:d8:5b:b8:9b:
a2:cc:60:f8:62:f3:3c:fb:a4:3d:5b:ea:03:57:db:
1e:6a:90:e7:3c:61:2e:8d:53:20:3a:b7:45:10:ea:
eb:c2:c8:a7:1e:51:a4:ed:d1:e5:c5:14:95:d4:35:
9f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EE:CC:01:B8:A1:6D:65:3B:20:DC:D3:88:F0:DE:AA:BD:45:6F:84
X509v3 Authority Key Identifier:
keyid:65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/2e7MAbihbWU7INzTiPDeqr1Fb4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ZdqE27TGoS08m44ht3MEVooD21A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.240.0/21
79.143.208.0/20
185.3.104.0/22
IPv6:
2a00:1280::/32
Signature Algorithm: sha256WithRSAEncryption
a3:d0:17:e5:2b:4b:30:68:2c:a1:5c:f7:fe:78:d5:9b:54:33:
8e:84:a3:6d:d4:b9:33:76:19:74:48:b1:14:88:e9:ca:c2:0f:
eb:63:37:d2:ea:bc:37:91:fe:1e:44:33:08:e4:03:27:73:58:
a0:e0:b4:ee:8d:b1:67:62:50:e6:c3:10:2f:de:bc:cf:13:28:
05:29:46:72:87:fb:db:66:cf:ac:28:63:3d:a2:fb:44:70:6b:
7d:5e:99:22:75:f3:f6:16:0e:f3:d3:fe:6f:81:ee:57:9a:a6:
f7:2d:c9:90:0d:9e:af:0f:c1:67:2a:39:57:f3:d6:bb:29:83:
c0:ef:71:d1:36:00:d1:25:ef:d6:63:49:ea:16:3b:ce:60:97:
29:ef:6c:ec:6e:b1:54:a2:e1:44:4d:ee:02:e4:5d:89:9a:f2:
21:ef:4d:96:ac:e5:e4:2e:6a:9b:c7:de:d0:c0:59:18:ac:76:
15:85:64:bc:26:42:19:2b:a7:cf:f4:99:f0:1b:1a:a2:2e:f6:
73:5b:08:43:28:4e:ca:e0:e5:9d:c7:d1:31:d1:77:33:dd:fe:
6b:4c:8e:9a:6d:66:f4:18:69:30:8b:36:0c:65:fb:91:fb:f6:
e5:61:d0:3f:9c:e2:3b:01:57:62:cb:36:49:e2:32:99:2e:34:
b2:c1:b5:99
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDWJRuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWRhODRkYmI0YzZhMTJkM2M5YjhlMjFiNzczMDQ1NjhhMDNkYjUwMB4XDTIyMDEw
MTA0MDQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDllZWNjMDFiOGEx
NmQ2NTNiMjBkY2QzODhmMGRlYWFiZDQ1NmY4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiPRgn9cyYDaGxG/crA4Lt3vxH1YIv8Pnmpmed1P+291BJT
8W3ubickz0A/226yVBkrV6ipNRWgRrEXrtlxeGx+3dzXgj5oeZmioaqRT9mRQQEa
ghZoZ1fXeJ39v48+Z2IrR+h7N+uRGcRJ2MARt1PqkC1+StwXjdcwKeYI5k7IuMPs
Y62E7hausISUXwQJbAQOv9jXrfzTArfj5cj+3LsRUzpf5GbNBk0X4bRWQg4ywnAq
k2R+QcnbU7079pEShmyCTbbgplAlIEqnYLXYW7ibosxg+GLzPPukPVvqA1fbHmqQ
5zxhLo1TIDq3RRDq68LIpx5RpO3R5cUUldQ1n6MCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTZ7swBuKFtZTsg3NOI8N6qvUVvhDAfBgNVHSMEGDAWgBRl2oTbtMahLTyb
jiG3cwRWigPbUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pkcUUyN1RHb1MwOG00NGh0M01FVm9vRDIxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZmIyNjVmLWJiYjYtNDlkOC05YjI5LTU3YjkxN2NlNDc2NS8x
LzJlN01BYmloYldVN0lOelRpUERlcXIxRmI0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZmIyNjVmLWJiYjYtNDlkOC05YjI5LTU3YjkxN2NlNDc2NS8xL1pkcUUyN1RHb1Mw
OG00NGh0M01FVm9vRDIxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA01e8AMEBE+P0AMEArkDaDANBAIA
AjAHAwUAKgASgDANBgkqhkiG9w0BAQsFAAOCAQEAo9AX5StLMGgsoVz3/njVm1Qz
joSjbdS5M3YZdEixFIjpysIP62M30uq8N5H+HkQzCOQDJ3NYoOC07o2xZ2JQ5sMQ
L968zxMoBSlGcof722bPrChjPaL7RHBrfV6ZInXz9hYO89P+b4HuV5qm9y3JkA2e
rw/BZyo5V/PWuymDwO9x0TYA0SXv1mNJ6hY7zmCXKe9s7G6xVKLhRE3uAuRdiZry
Ie9Nlqzl5C5qm8fe0MBZGKx2FYVkvCZCGSunz/SZ8Bsaoi72c1sIQyhOyuDlncfR
MdF3M93+a0yOmm1m9BhpMIs2DGX7kfv25WHQP5ziOwFXYss2SeIymS40ssG1mQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:06 2023 by rpki-client on console-ams.rpki-client.org