Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/ov0GM-cvpyZORJMNWNNZWzib6Nk.roa
File: ov0GM-cvpyZORJMNWNNZWzib6Nk.roa (raw, json)
Hash identifier: 6wbv31fhawursqaT8sMQLUbL7cjLxMRCRJoGH3yN62U=
Subject key identifier: A2:FD:06:33:E7:2F:A7:26:4E:44:93:0D:58:D3:59:5B:38:9B:E8:D9
Certificate issuer: /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial: 0264F8
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/ov0GM-cvpyZORJMNWNNZWzib6Nk.roa
Signing time: Tue 22 Mar 2022 09:16:08 +0000
ROA not before: Tue 22 Mar 2022 09:16:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41750
IP address blocks: 185.138.100.0/22 maxlen: 22
92.245.96.0/20 maxlen: 20
92.245.96.0/19 maxlen: 19
109.201.160.0/19 maxlen: 19
92.245.112.0/20 maxlen: 20
158.181.16.0/20 maxlen: 20
158.181.240.0/20 maxlen: 20
77.235.0.0/20 maxlen: 20
77.235.0.0/19 maxlen: 19
77.235.7.0/24 maxlen: 24
77.235.16.0/20 maxlen: 20
77.235.22.0/24 maxlen: 24
158.181.176.0/20 maxlen: 20
158.181.192.0/20 maxlen: 20
158.181.208.0/20 maxlen: 20
158.181.0.0/20 maxlen: 20
158.181.0.0/19 maxlen: 19
158.181.224.0/20 maxlen: 20
158.181.128.0/20 maxlen: 20
158.181.128.0/17 maxlen: 17
158.181.144.0/20 maxlen: 20
158.181.160.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156920 (0x264f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Validity
Not Before: Mar 22 09:16:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2fd0633e72fa7264e44930d58d3595b389be8d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:30:9c:1c:e3:c6:0f:59:40:b2:ec:8f:60:25:
c1:e2:69:e0:ca:6b:38:9f:c6:ce:ba:f0:b6:dd:ef:
37:62:c5:72:5c:81:1c:36:fd:d0:ad:57:52:79:9f:
dd:de:63:09:6e:60:f7:b6:ca:c9:3d:63:31:05:78:
e3:5c:c8:0a:78:12:ff:69:a5:d7:90:46:b3:6c:0b:
4c:d2:e7:6c:f6:c7:ca:c4:a2:26:25:1f:17:7e:0f:
ab:f7:d4:d3:04:71:4b:b2:90:13:37:cf:8a:ad:48:
10:9e:68:09:ec:e3:0d:df:98:65:b1:42:7b:2f:45:
cf:84:e4:23:8c:d1:b1:ab:5f:25:ec:cb:e1:ea:c2:
2f:7f:d4:d8:3d:00:5a:b2:aa:b5:ca:ed:8b:dd:c7:
45:bb:87:fa:2a:c7:75:7a:5f:19:bd:b0:f5:29:7e:
70:ba:52:ba:6a:b2:cf:d0:2b:ad:d5:67:1f:39:8c:
0e:16:48:a9:9a:bb:ca:ad:75:e1:15:79:55:ea:72:
92:80:de:b7:02:89:ea:c9:d1:1b:23:4b:67:4f:ec:
72:78:49:ee:8a:c7:11:3b:08:93:db:9e:e8:23:3a:
2f:92:12:6c:ea:cf:14:2a:1d:0f:b2:32:29:f4:8d:
94:99:4a:ab:4c:c1:9c:3c:34:0b:88:47:3d:18:53:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FD:06:33:E7:2F:A7:26:4E:44:93:0D:58:D3:59:5B:38:9B:E8:D9
X509v3 Authority Key Identifier:
keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/ov0GM-cvpyZORJMNWNNZWzib6Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.0.0/19
92.245.96.0/19
109.201.160.0/19
158.181.0.0/19
158.181.128.0/17
185.138.100.0/22
Signature Algorithm: sha256WithRSAEncryption
72:a8:e4:b4:6b:1f:c0:dc:76:fc:69:bc:dd:c2:b1:34:d6:e3:
30:28:82:a8:8a:3f:54:13:af:60:a9:33:d3:37:f3:3b:4b:02:
a2:d8:79:bc:15:e7:7e:d6:86:59:c0:17:ac:cc:8a:de:be:89:
c6:69:a6:c3:a9:28:93:8e:68:a4:f8:c9:a5:0b:f0:ca:d8:d9:
bc:02:c0:89:2c:28:0a:b9:26:c5:e0:0a:09:c7:0c:29:13:a4:
42:67:6d:8e:e3:2c:cc:fb:91:d7:93:31:32:da:c5:68:bd:9e:
71:fd:f4:43:93:fa:81:39:9d:1b:ab:59:a0:b7:68:cc:1b:6e:
eb:04:d5:ee:90:35:27:83:b1:82:89:a0:82:ed:34:8c:e7:e2:
77:bb:e7:c7:8d:1d:74:5f:fe:67:b0:11:62:b4:21:4c:48:55:
54:d8:c4:57:38:fb:60:0e:ea:a8:cd:63:59:9d:04:34:de:7b:
1e:46:e7:f6:ce:45:61:01:b1:e0:81:6b:e4:58:13:8c:92:70:
5c:8f:fd:09:dd:74:05:5f:1e:e4:7e:32:cb:6f:ef:4b:5f:d3:
34:26:ea:89:15:c4:11:f5:88:f1:bf:0b:2b:24:c1:af:b0:08:
d6:e0:b2:da:a6:a1:46:c2:4e:4d:05:af:da:21:43:54:ec:6b:
be:e5:b5:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDAmT4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1MTA5NzIwHhcNMjIwMzIy
MDkxNjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMmZkMDYzM2U3MmZh
NzI2NGU0NDkzMGQ1OGQzNTk1YjM4OWJlOGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmzCcHOPGD1lAsuyPYCXB4mngyms4n8bOuvC23e83YsVyXIEc
Nv3QrVdSeZ/d3mMJbmD3tsrJPWMxBXjjXMgKeBL/aaXXkEazbAtM0uds9sfKxKIm
JR8Xfg+r99TTBHFLspATN8+KrUgQnmgJ7OMN35hlsUJ7L0XPhOQjjNGxq18l7Mvh
6sIvf9TYPQBasqq1yu2L3cdFu4f6Ksd1el8ZvbD1KX5wulK6arLP0Cut1WcfOYwO
FkipmrvKrXXhFXlV6nKSgN63AonqydEbI0tnT+xyeEnuiscROwiT257oIzovkhJs
6s8UKh0PsjIp9I2UmUqrTMGcPDQLiEc9GFM9TwIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFKL9BjPnL6cmTkSTDVjTWVs4m+jZMB8GA1UdIwQYMBaAFHfjwpALWZdUKD8n
87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlkLzEv
b3YwR00tY3ZweVpPUkpNTldOTlpXemliNk5rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9l
ZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlkLzEvZC1QQ2tBdFpsMVFv
UHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFTesAAwQFXPVgAwQFbcmgAwQFnrUA
AwQHnrWAAwQCuYpkMA0GCSqGSIb3DQEBCwUAA4IBAQByqOS0ax/A3Hb8abzdwrE0
1uMwKIKoij9UE69gqTPTN/M7SwKi2Hm8Fed+1oZZwBeszIrevonGaabDqSiTjmik
+MmlC/DK2Nm8AsCJLCgKuSbF4AoJxwwpE6RCZ22O4yzM+5HXkzEy2sVovZ5x/fRD
k/qBOZ0bq1mgt2jMG27rBNXukDUng7GCiaCC7TSM5+J3u+fHjR10X/5nsBFitCFM
SFVU2MRXOPtgDuqozWNZnQQ03nseRuf2zkVhAbHggWvkWBOMknBcj/0J3XQFXx7k
fjLLb+9LX9M0JuqJFcQR9YjxvwsrJMGvsAjW4LLapqFGwk5NBa/aIUNU7Gu+5bXm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-ams.rpki-client.org