Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/KmvE3GxFfEoM7G82JbWDg6vJKIs.roa
File: KmvE3GxFfEoM7G82JbWDg6vJKIs.roa (raw, json)
Hash identifier: 81RrS+ZRR9iGxQGUsMD4NfonaL2SS1GDD4dfC+LMaIk=
Subject key identifier: 2A:6B:C4:DC:6C:45:7C:4A:0C:EC:6F:36:25:B5:83:83:AB:C9:28:8B
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0184E6E558E9065D52DE839DD51884FAC0A6
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/KmvE3GxFfEoM7G82JbWDg6vJKIs.roa
Signing time: Tue 06 Dec 2022 10:05:00 +0000
ROA not before: Tue 06 Dec 2022 10:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 77.104.108.0/24 maxlen: 24
77.104.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:e5:58:e9:06:5d:52:de:83:9d:d5:18:84:fa:c0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Dec 6 10:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a6bc4dc6c457c4a0cec6f3625b58383abc9288b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0b:ea:10:40:e5:dc:c5:1a:82:96:bb:d3:ac:
fd:ed:30:ea:72:d9:41:7b:f5:1c:42:94:06:14:d1:
c7:9d:dd:ff:23:9e:e7:cf:21:a6:d9:f2:04:e7:a7:
c7:ed:fc:df:7a:e0:a5:4d:ff:ae:25:8f:7c:05:e4:
33:b3:8c:8f:8d:4a:78:a6:b1:c0:6e:29:f4:0d:d1:
17:0a:90:17:ee:30:7f:a6:7e:54:4b:e3:98:b0:55:
55:6d:50:2e:df:02:34:6d:9b:e8:67:fa:dc:35:01:
87:92:62:8c:a2:ee:05:6b:d2:5d:98:32:0d:52:84:
71:7f:2b:69:f8:ed:92:e4:35:c1:3e:b0:0c:69:b5:
db:22:9b:5d:88:52:df:b8:f1:61:d7:a4:9b:8d:5a:
26:4c:42:97:f5:74:f7:a8:fb:7d:09:3c:30:41:b8:
44:3e:aa:6d:d0:57:37:92:70:0f:b3:27:6b:51:a2:
1a:83:24:71:3e:3e:71:8b:3e:7b:b5:ab:7a:4d:aa:
35:4d:6e:69:4c:be:b0:48:28:1d:f3:06:14:4c:5e:
82:c4:e6:33:cd:13:db:48:d6:fe:d6:cd:31:a9:e6:
07:9b:53:1b:5f:fa:d2:e2:d8:6e:18:06:a6:fc:6d:
be:ab:4f:fd:a0:04:eb:7d:c6:ff:88:07:4a:ba:3f:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6B:C4:DC:6C:45:7C:4A:0C:EC:6F:36:25:B5:83:83:AB:C9:28:8B
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/KmvE3GxFfEoM7G82JbWDg6vJKIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.108.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:86:c1:fe:6e:7f:ad:05:83:98:88:67:9f:5a:af:27:fd:51:
1a:d0:ed:5f:0b:3d:d9:d5:d4:79:8d:26:6d:e1:e2:bc:0d:4d:
a4:78:e1:82:01:e7:81:c4:6d:ea:6e:43:8d:5f:7f:b9:75:4c:
13:27:1d:c6:34:b1:4c:f3:4e:f2:a0:09:4b:8a:9f:d8:2e:03:
bb:a7:74:89:91:2e:c6:fa:b8:bd:a8:aa:77:85:11:b4:3f:ed:
13:d8:82:d2:e8:da:b6:79:ad:a6:9f:e8:57:a1:34:8d:39:24:
a7:ea:42:d5:77:e9:00:fe:e9:81:5c:6b:e9:d0:af:0c:ed:51:
b9:ca:1e:89:d5:e2:25:19:13:49:ac:27:66:e6:8d:a8:e0:af:
3c:97:5f:ed:cf:57:6a:8a:ee:d9:71:e8:57:a2:c3:57:d0:83:
71:dc:be:e5:2f:57:ce:c0:b0:d8:78:1c:08:c0:05:8d:de:58:
b5:e7:0e:cb:a5:9d:c7:aa:06:88:52:4d:e0:68:91:74:7f:d7:
2d:aa:aa:6d:d3:47:1b:df:a3:54:ae:f9:52:9e:f0:1b:f5:e2:
3e:19:8a:ea:59:c3:42:c8:b3:42:47:96:b6:7c:03:ad:d9:2e:
74:40:2a:7f:02:a4:4b:e3:26:45:c8:c8:6e:32:eb:e3:1d:14:
4b:ea:bd:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTm5VjpBl1S3oOd1RiE+sCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjIxMjA2MTAwNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZiYzRkYzZjNDU3YzRhMGNlYzZmMzYyNWI1ODM4M2FiYzkyODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwvqEEDl3MUagpa706z97TDqctlB
e/UcQpQGFNHHnd3/I57nzyGm2fIE56fH7fzfeuClTf+uJY98BeQzs4yPjUp4prHA
bin0DdEXCpAX7jB/pn5US+OYsFVVbVAu3wI0bZvoZ/rcNQGHkmKMou4Fa9JdmDIN
UoRxfytp+O2S5DXBPrAMabXbIptdiFLfuPFh16SbjVomTEKX9XT3qPt9CTwwQbhE
Pqpt0Fc3knAPsydrUaIagyRxPj5xiz57tat6Tao1TW5pTL6wSCgd8wYUTF6CxOYz
zRPbSNb+1s0xqeYHm1MbX/rS4thuGAam/G2+q0/9oATrfcb/iAdKuj8TQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCprxNxsRXxKDOxvNiW1g4OrySiLMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvS212RTNHeEZmRW9NN0c4MkpiV0RnNnZKS0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTWhsMA0G
CSqGSIb3DQEBCwUAA4IBAQCohsH+bn+tBYOYiGefWq8n/VEa0O1fCz3Z1dR5jSZt
4eK8DU2keOGCAeeBxG3qbkONX3+5dUwTJx3GNLFM807yoAlLip/YLgO7p3SJkS7G
+ri9qKp3hRG0P+0T2ILS6Nq2ea2mn+hXoTSNOSSn6kLVd+kA/umBXGvp0K8M7VG5
yh6J1eIlGRNJrCdm5o2o4K88l1/tz1dqiu7ZcehXosNX0INx3L7lL1fOwLDYeBwI
wAWN3li15w7LpZ3HqgaIUk3gaJF0f9ctqqpt00cb36NUrvlSnvAb9eI+GYrqWcNC
yLNCR5a2fAOt2S50QCp/AqRL4yZFyMhuMuvjHRRL6r1I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org