Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/f6shModOt4uKYRBdCCdbDNi2Dro.roa
File: f6shModOt4uKYRBdCCdbDNi2Dro.roa (raw, json)
Hash identifier: cXPs+ekox9Sgm1i8ldX1bRtaEZF7nVB9nmj6cJhIm6M=
Subject key identifier: 7F:AB:21:32:87:4E:B7:8B:8A:61:10:5D:08:27:5B:0C:D8:B6:0E:BA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184BD4C393726AE40E0D0DB003E0935432A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/f6shModOt4uKYRBdCCdbDNi2Dro.roa
Signing time: Mon 28 Nov 2022 08:13:19 +0000
ROA not before: Mon 28 Nov 2022 08:13:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 77.83.39.0/24 maxlen: 24
45.138.182.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:4c:39:37:26:ae:40:e0:d0:db:00:3e:09:35:43:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 28 08:13:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fab2132874eb78b8a61105d08275b0cd8b60eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:22:26:46:62:aa:29:9b:55:73:21:1b:71:07:
74:a6:96:07:08:90:02:9f:4e:09:d0:f9:25:7e:5b:
6d:0b:96:48:c6:0c:6c:dc:65:3f:84:aa:84:6b:43:
8b:c2:96:a2:80:7f:e8:5c:9c:75:2b:5c:39:d9:2c:
65:9c:a8:f2:26:90:58:7b:36:97:c4:95:0e:c9:35:
ff:7c:9d:44:ab:90:b6:9c:bf:e4:b3:75:0e:15:d6:
b6:89:58:14:07:08:15:aa:45:57:51:94:5b:d4:57:
ba:10:6f:46:af:ea:79:f1:1b:47:4e:8c:95:8d:9d:
b1:4a:45:c0:c4:f1:7e:12:8f:43:d3:ca:aa:9a:ad:
b3:52:e1:39:5a:96:4c:1d:33:12:93:47:be:fb:e3:
a9:20:8b:fd:c4:64:62:2d:7c:61:c2:06:93:25:29:
22:00:e5:5b:9d:69:02:d8:75:e1:ad:b2:1f:be:cf:
3d:84:55:c7:70:53:d5:fe:1c:98:b7:85:e6:9b:8f:
5f:d7:a7:bd:2c:d8:33:a6:51:00:2a:a0:3b:0f:b7:
d0:be:8c:d1:90:f4:d2:ed:f1:bc:d3:01:c1:a6:85:
db:79:3e:74:41:c2:39:f0:d2:c6:ea:3f:b1:2d:67:
7b:66:25:c6:14:ed:45:2c:66:bb:a7:0e:61:5b:82:
0b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AB:21:32:87:4E:B7:8B:8A:61:10:5D:08:27:5B:0C:D8:B6:0E:BA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/f6shModOt4uKYRBdCCdbDNi2Dro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.180.0/24
45.138.182.0/24
77.83.39.0/24
Signature Algorithm: sha256WithRSAEncryption
73:30:43:be:65:66:8a:36:f1:e0:fb:cb:ef:ab:a6:69:fb:f2:
30:b5:e8:d3:bc:4a:c9:19:68:a3:6e:ff:67:4a:67:07:ad:49:
92:e7:c3:73:0c:11:08:1e:98:74:56:a9:96:c0:0f:df:08:94:
05:f3:b2:25:99:a7:3b:59:af:db:5c:63:38:b3:79:01:08:c2:
67:87:c4:51:66:b6:eb:d4:ec:3a:95:57:39:6e:07:25:b8:12:
fa:e8:d1:27:8a:c8:1f:ed:b6:bd:d7:c5:be:f8:a6:66:05:e1:
7f:2c:f8:2c:77:59:4f:63:d5:ef:5e:d8:b7:b5:96:92:b4:fe:
5f:d3:df:c7:87:84:32:64:41:d6:21:9e:d0:c6:fb:4f:a8:66:
f6:69:30:2d:c5:10:b7:45:ed:37:e8:c8:e3:ba:83:9b:b1:30:
96:27:4e:6c:8e:e1:53:86:b2:4d:bd:3f:bb:90:26:95:cf:c0:
55:f8:f4:bb:a3:cf:e3:b9:24:5f:63:bb:17:8c:2b:3c:a2:87:
52:9b:7d:3d:e0:5e:97:30:4a:68:30:f1:99:92:ab:98:0c:27:
7b:f9:47:55:97:49:f7:57:dd:37:e4:f2:5f:d5:99:aa:68:fd:
42:a4:7d:f4:d2:3a:32:60:e9:c4:03:65:ae:e2:50:3b:d0:a2:
04:af:0a:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS9TDk3Jq5A4NDbAD4JNUMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTI4MDgxMzE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmFiMjEzMjg3NGViNzhiOGE2MTEwNWQwODI3NWIwY2Q4YjYwZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiImRmKqKZtVcyEbcQd0ppYHCJAC
n04J0PklflttC5ZIxgxs3GU/hKqEa0OLwpaigH/oXJx1K1w52SxlnKjyJpBYezaX
xJUOyTX/fJ1Eq5C2nL/ks3UOFda2iVgUBwgVqkVXUZRb1Fe6EG9Gr+p58RtHToyV
jZ2xSkXAxPF+Eo9D08qqmq2zUuE5WpZMHTMSk0e+++OpIIv9xGRiLXxhwgaTJSki
AOVbnWkC2HXhrbIfvs89hFXHcFPV/hyYt4Xmm49f16e9LNgzplEAKqA7D7fQvozR
kPTS7fG80wHBpoXbeT50QcI58NLG6j+xLWd7ZiXGFO1FLGa7pw5hW4ILYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+rITKHTreLimEQXQgnWwzYtg66MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZjZzaE1vZE90NHVLWVJCZENDZGJETmkyRHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYq0AwQA
LYq2AwQATVMnMA0GCSqGSIb3DQEBCwUAA4IBAQBzMEO+ZWaKNvHg+8vvq6Zp+/Iw
tejTvErJGWijbv9nSmcHrUmS58NzDBEIHph0VqmWwA/fCJQF87Ilmac7Wa/bXGM4
s3kBCMJnh8RRZrbr1Ow6lVc5bgcluBL66NEnisgf7ba918W++KZmBeF/LPgsd1lP
Y9XvXti3tZaStP5f09/Hh4QyZEHWIZ7QxvtPqGb2aTAtxRC3Re036MjjuoObsTCW
J05sjuFThrJNvT+7kCaVz8BV+PS7o8/juSRfY7sXjCs8oodSm3094F6XMEpoMPGZ
kquYDCd7+UdVl0n3V9035PJf1ZmqaP1CpH300joyYOnEA2Wu4lA70KIErwo5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org