Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/y33MDQgJzePCjhvU4r3Brh3uyac.roa
File: y33MDQgJzePCjhvU4r3Brh3uyac.roa (raw, json)
Hash identifier: w7kPHlLhYme33wnWFpaUZryUWUXj+mQQARI+rLJLI7c=
Subject key identifier: CB:7D:CC:0D:08:09:CD:E3:C2:8E:1B:D4:E2:BD:C1:AE:1D:EE:C9:A7
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 0181EC2F2DFD7F0C31FDDCDEBD99EF847BC3
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/y33MDQgJzePCjhvU4r3Brh3uyac.roa
Signing time: Mon 11 Jul 2022 07:35:23 +0000
ROA not before: Mon 11 Jul 2022 07:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34342
IP address blocks: 77.79.225.0/25 maxlen: 25
185.2.112.0/22 maxlen: 22
195.167.156.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
85.232.248.0/24 maxlen: 24
2001:1a68:19:400::/54 maxlen: 54
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:2f:2d:fd:7f:0c:31:fd:dc:de:bd:99:ef:84:7b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jul 11 07:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb7dcc0d0809cde3c28e1bd4e2bdc1ae1deec9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ac:10:6f:e0:53:40:b8:59:bc:74:ef:59:18:
69:f0:d2:46:5b:56:3f:e2:51:79:30:0d:d2:b6:e5:
a1:38:cf:35:e6:63:3a:0b:b4:8c:8f:6c:d9:64:0f:
12:e3:57:d4:95:b2:37:fe:a4:f9:0e:ca:3b:44:b1:
fa:a0:49:3c:15:ea:e3:9f:d9:a6:c4:cd:80:f4:2c:
9f:8a:2f:0d:b2:32:58:57:59:1d:79:83:3c:b0:d0:
1e:6c:f0:24:87:a2:73:f5:d8:66:6a:ba:6e:26:90:
58:e0:90:fa:8a:0a:30:78:f6:c2:75:d2:7a:dd:c4:
d0:c2:ba:89:b4:c3:90:8c:06:26:f8:b3:38:94:4c:
5e:17:20:a9:64:ba:d3:5b:a9:dc:f2:31:25:5f:22:
e5:ab:dc:8e:d6:32:52:c3:b7:93:2d:1f:86:99:34:
f0:d1:b4:b7:60:ca:3b:66:e9:7a:45:cd:76:57:43:
04:62:c4:31:83:b8:dd:1f:90:ab:71:94:9a:05:9f:
2f:7c:7f:c9:2f:41:e7:a5:88:fe:9a:a9:02:a2:e2:
30:77:24:2e:f1:94:ff:4d:83:06:f9:9b:27:a1:bb:
c0:ca:45:b7:2a:3e:64:7e:24:13:40:ba:32:1b:6f:
af:eb:9f:af:56:a2:3c:63:bb:3a:4a:cd:6e:95:83:
f4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7D:CC:0D:08:09:CD:E3:C2:8E:1B:D4:E2:BD:C1:AE:1D:EE:C9:A7
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/y33MDQgJzePCjhvU4r3Brh3uyac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.225.0/25
85.232.248.0/24
185.2.112.0/22
195.167.156.0/23
IPv6:
2001:1a68:19:400::/54
Signature Algorithm: sha256WithRSAEncryption
68:35:b0:7d:eb:7e:a7:f3:2a:d3:28:4e:d4:51:72:4d:f3:2a:
ed:89:05:8e:54:69:96:d3:0c:89:8f:26:6b:1b:ed:d9:05:02:
1d:04:af:c8:f6:2a:6c:20:dc:41:af:82:32:6e:2e:de:9a:3f:
b0:22:5e:3c:18:d3:3d:13:f9:9d:2c:c3:94:2d:28:b9:99:87:
1e:1f:8b:15:07:64:15:18:53:36:a8:5d:c3:aa:2e:db:0a:76:
72:bf:ce:cd:79:4c:70:58:50:c6:db:30:72:4e:af:b6:17:91:
7a:0b:57:9e:22:06:35:1b:a0:4e:75:60:0a:9d:52:74:a8:ab:
c0:78:82:6f:91:5b:26:2a:8b:46:8f:2f:60:44:70:2d:a7:6d:
44:08:59:c7:e9:03:44:77:1f:dd:3a:80:05:69:78:8b:0d:0c:
23:04:01:58:53:81:94:7d:3c:37:af:fc:9e:1e:9d:9b:2b:b4:
9e:99:9e:58:68:9b:45:27:a0:60:c7:9c:92:6d:5d:76:34:09:
57:15:df:9c:10:a3:d2:cf:d9:6d:40:7a:4e:09:bf:45:e6:ea:
a4:a6:cc:be:63:81:0d:3e:6e:d2:15:db:5b:60:4d:c5:22:9e:
c0:df:65:96:40:39:9b:93:43:9e:79:fe:e4:1b:2a:6c:b9:28:
95:ed:62:59
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYHsLy39fwwx/dzevZnvhHvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjIwNzExMDczNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdkY2MwZDA4MDljZGUzYzI4ZTFiZDRlMmJkYzFhZTFkZWVjOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qwQb+BTQLhZvHTvWRhp8NJGW1Y/
4lF5MA3StuWhOM815mM6C7SMj2zZZA8S41fUlbI3/qT5Dso7RLH6oEk8Ferjn9mm
xM2A9Cyfii8NsjJYV1kdeYM8sNAebPAkh6Jz9dhmarpuJpBY4JD6igowePbCddJ6
3cTQwrqJtMOQjAYm+LM4lExeFyCpZLrTW6nc8jElXyLlq9yO1jJSw7eTLR+GmTTw
0bS3YMo7Zul6Rc12V0MEYsQxg7jdH5CrcZSaBZ8vfH/JL0HnpYj+mqkCouIwdyQu
8ZT/TYMG+ZsnobvAykW3Kj5kfiQTQLoyG2+v65+vVqI8Y7s6Ss1ulYP0yQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMt9zA0ICc3jwo4b1OK9wa4d7smnMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEveTMzTURRZ0p6ZVBDamh2VTRyM0JyaDN1eWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAfBAIAATAZAwUHTU/hAAME
AFXo+AMEArkCcAMEAcOnnDAQBAIAAjAKAwgCIAEaaAAZBDANBgkqhkiG9w0BAQsF
AAOCAQEAaDWwfet+p/Mq0yhO1FFyTfMq7YkFjlRpltMMiY8maxvt2QUCHQSvyPYq
bCDcQa+CMm4u3po/sCJePBjTPRP5nSzDlC0ouZmHHh+LFQdkFRhTNqhdw6ou2wp2
cr/OzXlMcFhQxtswck6vtheRegtXniIGNRugTnVgCp1SdKirwHiCb5FbJiqLRo8v
YERwLadtRAhZx+kDRHcf3TqABWl4iw0MIwQBWFOBlH08N6/8nh6dmyu0npmeWGib
RSegYMeckm1ddjQJVxXfnBCj0s/ZbUB6Tgm/RebqpKbMvmOBDT5u0hXbW2BNxSKe
wN9llkA5m5NDnnn+5BsqbLkole1iWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:57 2024 by rpki-client on console-fra.rpki-client.org