Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/iyH9dkZ8rPBAEMFU0EMLi1wjxoc.roa
File: iyH9dkZ8rPBAEMFU0EMLi1wjxoc.roa (raw, json)
Hash identifier: /eInQoE+5wGV61hXQkI7FN3fUEA2XnvTAAt6G1Wf6Cw=
Subject key identifier: 8B:21:FD:76:46:7C:AC:F0:40:10:C1:54:D0:43:0B:8B:5C:23:C6:87
Certificate issuer: /CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Certificate serial: 07FD6CD3
Authority key identifier: 86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/iyH9dkZ8rPBAEMFU0EMLi1wjxoc.roa
Signing time: Sat 01 Jan 2022 09:01:40 +0000
ROA not before: Sat 01 Jan 2022 09:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8312
IP address blocks: 77.74.48.0/21 maxlen: 21
77.74.48.0/22 maxlen: 22
193.189.149.0/24 maxlen: 24
185.58.56.0/22 maxlen: 22
77.74.52.0/22 maxlen: 22
195.210.56.0/23 maxlen: 23
185.58.59.0/24 maxlen: 24
193.16.154.0/24 maxlen: 24
2a01:310::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134048979 (0x7fd6cd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Validity
Not Before: Jan 1 09:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b21fd76467cacf04010c154d0430b8b5c23c687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:58:c2:22:46:72:44:d5:b9:4f:ed:c4:49:8e:
0e:e6:84:6c:5a:56:e4:79:44:b7:9f:2a:d3:ca:bf:
0b:60:31:63:60:4a:8e:94:f4:c8:2c:72:87:32:ea:
db:a0:10:85:c1:c9:5e:21:0f:1e:ad:8b:c6:ab:64:
83:4b:aa:2b:69:3c:6d:1e:2f:1b:34:d5:ca:3a:f2:
39:3b:aa:e8:e0:1f:c4:44:73:da:ca:3c:a5:8d:f8:
4a:dd:55:0f:eb:cc:4b:c5:a8:65:df:ae:e9:6c:d5:
45:55:7a:ac:98:a5:8c:a7:14:ca:9e:bb:4e:e9:27:
5e:e6:a2:1d:9d:a9:b7:03:de:36:b9:3d:7f:0f:49:
60:a3:32:6d:aa:b9:92:f1:86:15:71:3c:0c:80:ee:
52:f1:8c:5d:f8:82:3b:c1:78:85:9d:cc:80:ba:0b:
30:13:13:d2:e6:ee:16:53:0e:f4:e0:8a:a6:8c:ca:
7c:9d:71:3e:cf:32:64:d2:55:9e:95:54:ff:8c:f6:
11:66:83:70:37:10:ed:8d:45:04:50:67:b2:b5:02:
3a:85:e9:f9:2c:ec:37:e1:12:da:f9:2c:4d:49:30:
e1:c2:34:b0:9e:62:04:78:0d:af:b9:f6:72:ff:0f:
36:b3:af:39:21:a6:01:df:71:23:ef:06:10:a5:19:
3d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:21:FD:76:46:7C:AC:F0:40:10:C1:54:D0:43:0B:8B:5C:23:C6:87
X509v3 Authority Key Identifier:
keyid:86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/iyH9dkZ8rPBAEMFU0EMLi1wjxoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.48.0/21
185.58.56.0/22
193.16.154.0/24
193.189.149.0/24
195.210.56.0/23
IPv6:
2a01:310::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ba:38:fd:f2:24:55:73:4e:38:93:13:00:ea:f5:17:af:bb:
0f:1c:0d:68:c6:8b:0c:78:25:5b:09:65:43:44:0c:fe:5e:85:
92:90:8b:e0:63:a6:7f:74:aa:75:3d:95:ac:db:f6:fe:20:ee:
7f:8b:0f:19:c0:eb:6b:88:94:33:0d:b8:53:bf:ef:f7:aa:ba:
c0:a2:e6:d1:05:03:cc:d2:cc:ef:d1:c1:34:39:09:bb:1a:21:
89:24:41:e8:8d:9f:69:50:2d:c6:31:7a:28:e7:9e:71:b0:f8:
54:23:46:7f:33:6a:d6:cc:5b:27:94:76:ee:5b:f8:f9:1a:db:
d3:b7:3e:f3:8c:66:52:e9:b9:8c:e1:b6:80:27:da:29:b5:c6:
8b:4d:d7:9f:ad:68:03:10:64:30:dd:0d:48:e6:37:68:e1:5d:
d1:26:02:d9:77:96:20:4a:62:57:2a:c8:96:25:5f:11:15:d6:
b7:96:31:ad:58:d7:61:13:ea:a6:f4:db:63:26:57:ba:14:e2:
34:8a:27:78:6f:d9:3b:fc:78:5a:60:04:3d:f3:36:f4:0b:9e:
57:29:91:a0:8e:a7:a1:f7:a6:c7:95:df:5f:ba:1d:18:cf:10:
f0:a6:c3:2d:8a:4f:89:be:e7:f9:2c:a8:27:8a:0d:57:de:6f:
ca:18:69:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEB/1s0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjRiMGUxM2NmMjdhZmY2NmJlNzMwYmVjZTk4ZTA0YjAwZmRmYjllMB4XDTIyMDEw
MTA5MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIyMWZkNzY0Njdj
YWNmMDQwMTBjMTU0ZDA0MzBiOGI1YzIzYzY4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBYwiJGckTVuU/txEmODuaEbFpW5HlEt58q08q/C2AxY2BK
jpT0yCxyhzLq26AQhcHJXiEPHq2Lxqtkg0uqK2k8bR4vGzTVyjryOTuq6OAfxERz
2so8pY34St1VD+vMS8WoZd+u6WzVRVV6rJiljKcUyp67TuknXuaiHZ2ptwPeNrk9
fw9JYKMybaq5kvGGFXE8DIDuUvGMXfiCO8F4hZ3MgLoLMBMT0ubuFlMO9OCKpozK
fJ1xPs8yZNJVnpVU/4z2EWaDcDcQ7Y1FBFBnsrUCOoXp+SzsN+ES2vksTUkw4cI0
sJ5iBHgNr7n2cv8PNrOvOSGmAd9xI+8GEKUZPc0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSLIf12Rnys8EAQwVTQQwuLXCPGhzAfBgNVHSMEGDAWgBSGSw4Tzyev9mvn
ML7OmOBLAP37njAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hrc09FODhucl9acjV6Qy16cGpnU3dEOS01NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvMzAyODYzLTU2ODktNDNmYy04NzJmLWZjNDRhOGFjZTM3MC8x
L2l5SDlka1o4clBCQUVNRlUwRU1MaTF3anhvYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
MzAyODYzLTU2ODktNDNmYy04NzJmLWZjNDRhOGFjZTM3MC8xL2hrc09FODhucl9a
cjV6Qy16cGpnU3dEOS01NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA01KMAMEArk6OAMEAMEQmgMEAMG9
lQMEAcPSODANBAIAAjAHAwUAKgEDEDANBgkqhkiG9w0BAQsFAAOCAQEAO7o4/fIk
VXNOOJMTAOr1F6+7DxwNaMaLDHglWwllQ0QM/l6FkpCL4GOmf3SqdT2VrNv2/iDu
f4sPGcDra4iUMw24U7/v96q6wKLm0QUDzNLM79HBNDkJuxohiSRB6I2faVAtxjF6
KOeecbD4VCNGfzNq1sxbJ5R27lv4+Rrb07c+84xmUum5jOG2gCfaKbXGi03Xn61o
AxBkMN0NSOY3aOFd0SYC2XeWIEpiVyrIliVfERXWt5YxrVjXYRPqpvTbYyZXuhTi
NIoneG/ZO/x4WmAEPfM29AueVymRoI6nofemx5XfX7odGM8Q8KbDLYpPib7n+Syo
J4oNV95vyhhp3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:15 2023 by rpki-client on console-fra.rpki-client.org