Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/reb5qO0QYUrMvyXVx6jemGQRdlk.roa
File: reb5qO0QYUrMvyXVx6jemGQRdlk.roa (raw, json)
Hash identifier: ch/aIlSA+nZzhVOJUhL+x1PUUe7jWvHIImYKMmMpoE4=
Subject key identifier: AD:E6:F9:A8:ED:10:61:4A:CC:BF:25:D5:C7:A8:DE:98:64:11:76:59
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2CB1C306
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/reb5qO0QYUrMvyXVx6jemGQRdlk.roa
Signing time: Sat 01 Jan 2022 04:59:43 +0000
ROA not before: Sat 01 Jan 2022 04:59:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201615
IP address blocks: 77.79.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 749847302 (0x2cb1c306)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ade6f9a8ed10614accbf25d5c7a8de9864117659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:27:0a:45:87:aa:0d:7c:f5:b3:c7:de:8d:be:
6f:b4:35:44:6d:fd:64:7d:ac:7a:07:01:e9:e8:b2:
b7:fe:0e:48:49:49:11:f5:60:7a:d1:a7:db:e8:44:
63:88:20:d0:8a:4b:52:cb:a9:f5:3d:dd:09:03:2e:
fb:ba:fe:4d:e8:fb:25:93:7b:42:e2:20:6b:03:5a:
e2:67:86:0f:f9:f6:54:d9:1f:a2:80:8d:e8:5c:37:
ea:e4:29:82:45:2d:0c:55:8c:98:28:70:76:77:13:
a0:49:f2:73:37:56:04:0a:a4:77:dd:03:4f:a6:08:
e9:59:7e:96:31:46:3a:1a:4a:be:65:e7:41:5f:e8:
67:7a:d5:93:5d:75:66:8e:46:8c:71:1e:3d:d4:0f:
a5:d0:cf:a1:f7:ce:39:71:dc:61:be:e3:6c:35:68:
ba:5a:9c:78:bc:aa:f1:35:b6:89:1a:bc:40:b9:c7:
07:3e:48:ab:16:bf:57:51:47:d9:23:ab:a4:6b:ef:
5a:bf:61:3b:45:bf:70:3e:7d:f6:45:56:78:3b:b6:
c1:9d:8a:fd:35:cf:f2:49:a8:55:4b:31:7a:04:3e:
91:68:35:c0:eb:4c:f5:08:be:52:c0:31:c2:da:c7:
a1:d7:b3:b6:50:b1:8d:dc:ea:76:b0:0a:32:da:aa:
84:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E6:F9:A8:ED:10:61:4A:CC:BF:25:D5:C7:A8:DE:98:64:11:76:59
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/reb5qO0QYUrMvyXVx6jemGQRdlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.204.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b8:01:f2:c0:7f:81:de:fa:e7:8d:39:65:db:22:8d:cd:be:
80:b7:5b:10:a6:4b:a9:42:60:4b:52:c5:21:9d:33:b4:3d:99:
74:01:bc:63:a5:d3:90:5a:8f:e3:95:6f:fa:43:60:3e:86:b1:
c9:c7:4f:8c:f1:50:6c:e5:7a:4d:5f:60:59:4c:c0:40:7d:a8:
d7:bb:f5:ae:fe:f4:a1:14:30:31:4f:ee:5f:4a:70:6a:6b:a3:
af:8d:41:59:ad:4d:fb:eb:25:bb:60:8e:13:0f:94:e2:af:4f:
3d:17:84:94:18:f4:22:3e:b6:b1:af:82:99:16:d2:65:b7:88:
00:57:ad:6b:20:a8:08:86:6c:e2:f5:56:28:f9:e3:a0:52:6e:
96:b9:aa:f2:26:15:6d:47:fc:50:e6:e9:01:f7:4b:44:0e:07:
20:d4:32:06:a3:a6:c7:6b:6d:bb:d7:f6:63:46:59:2f:3a:f2:
d9:09:6e:40:fb:d3:e2:25:99:5c:65:96:94:cb:67:f5:cc:e1:
ac:cc:63:2f:92:da:09:46:19:dd:48:91:f6:08:b0:90:c4:73:
84:85:76:e7:c5:f6:54:20:e1:1f:71:16:91:a1:68:c9:d6:2f:
18:bf:7b:ce:27:01:72:c6:b8:76:f1:c7:0a:74:37:74:19:9c:
7f:c4:d1:16
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIELLHDBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRlNmY5YThlZDEw
NjE0YWNjYmYyNWQ1YzdhOGRlOTg2NDExNzY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOYnCkWHqg189bPH3o2+b7Q1RG39ZH2segcB6eiyt/4OSElJ
EfVgetGn2+hEY4gg0IpLUsup9T3dCQMu+7r+Tej7JZN7QuIgawNa4meGD/n2VNkf
ooCN6Fw36uQpgkUtDFWMmChwdncToEnyczdWBAqkd90DT6YI6Vl+ljFGOhpKvmXn
QV/oZ3rVk111Zo5GjHEePdQPpdDPoffOOXHcYb7jbDVoulqceLyq8TW2iRq8QLnH
Bz5Iqxa/V1FH2SOrpGvvWr9hO0W/cD599kVWeDu2wZ2K/TXP8kmoVUsxegQ+kWg1
wOtM9Qi+UsAxwtrHodeztlCxjdzqdrAKMtqqhC8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSt5vmo7RBhSsy/JdXHqN6YZBF2WTAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L3JlYjVxTzBRWVVyTXZ5WFZ4NmplbUdRUmRsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1PzDANBgkqhkiG9w0BAQsFAAOC
AQEAKbgB8sB/gd765405Zdsijc2+gLdbEKZLqUJgS1LFIZ0ztD2ZdAG8Y6XTkFqP
45Vv+kNgPoaxycdPjPFQbOV6TV9gWUzAQH2o17v1rv70oRQwMU/uX0pwamujr41B
Wa1N++slu2COEw+U4q9PPReElBj0Ij62sa+CmRbSZbeIAFetayCoCIZs4vVWKPnj
oFJulrmq8iYVbUf8UObpAfdLRA4HINQyBqOmx2ttu9f2Y0ZZLzry2QluQPvT4iWZ
XGWWlMtn9czhrMxjL5LaCUYZ3UiR9giwkMRzhIV258X2VCDhH3EWkaFoydYvGL97
zicBcsa4dvHHCnQ3dBmcf8TRFg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:43 2023 by rpki-client on console-fra.rpki-client.org