Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BrhbGF7o--IASNIgXhpvWagCPLE.roa
File: BrhbGF7o--IASNIgXhpvWagCPLE.roa (raw, json)
Hash identifier: CHpsWpcWqT1XLFP/x9CcR6IBvonIkyTfBtMrofPUvDg=
Subject key identifier: 06:B8:5B:18:5E:E8:FB:E2:00:48:D2:20:5E:1A:6F:59:A8:02:3C:B1
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0182ED99A6C24740BAF344ACD9EDE08E2350
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BrhbGF7o--IASNIgXhpvWagCPLE.roa
Signing time: Tue 30 Aug 2022 07:14:06 +0000
ROA not before: Tue 30 Aug 2022 07:14:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 77.74.228.0/24 maxlen: 24
109.105.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:99:a6:c2:47:40:ba:f3:44:ac:d9:ed:e0:8e:23:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Aug 30 07:14:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06b85b185ee8fbe20048d2205e1a6f59a8023cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:f3:2e:6b:a6:2c:fb:01:1d:48:11:7d:f6:
31:48:16:3b:3e:fe:d9:15:de:05:c5:e5:8c:cd:09:
a4:22:f1:c7:bb:a7:6f:b2:0c:39:1d:47:d2:2a:d8:
23:dc:8c:0a:2b:14:73:c2:d9:81:4f:c4:98:cf:84:
04:62:fb:bb:1e:31:98:d7:1a:3c:13:1c:a2:52:8c:
a1:01:d7:ae:b6:5e:80:06:0e:19:c1:42:2e:29:45:
cd:68:a4:8a:22:51:53:82:f6:25:da:a9:a7:b4:5c:
2c:4a:3f:13:8f:5b:bc:27:0f:7d:02:dc:1c:19:3d:
d6:3f:db:9c:e1:61:63:eb:70:15:0f:47:e4:68:cc:
df:9f:85:38:97:be:c8:7d:d4:8e:33:93:c6:ce:cd:
e2:85:cf:8c:2e:8d:91:0a:d1:1c:53:2f:ab:3a:21:
a6:b8:4b:4e:d2:c7:4e:c7:85:e5:02:95:12:bc:18:
df:79:a2:94:67:e8:b3:d1:8e:25:88:98:06:ce:57:
cc:63:0a:f2:53:bc:48:39:c3:db:2d:cc:a2:88:48:
f6:a9:c3:5c:75:50:a6:7b:c2:f8:9d:61:f6:28:2c:
ea:bf:e2:90:43:86:b8:69:3d:9c:79:9e:fb:6f:da:
8f:4d:91:18:94:7d:4e:3a:f7:4b:07:b0:2e:0b:c4:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B8:5B:18:5E:E8:FB:E2:00:48:D2:20:5E:1A:6F:59:A8:02:3C:B1
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BrhbGF7o--IASNIgXhpvWagCPLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.228.0/24
109.105.192.0/24
Signature Algorithm: sha256WithRSAEncryption
63:e8:27:84:7e:99:65:22:c1:2e:31:70:03:e5:f2:ef:be:a9:
89:4f:72:de:1f:63:52:52:2c:ec:13:76:28:ee:53:1d:4e:bf:
87:32:b6:94:32:79:fb:f7:ce:c6:f8:fe:04:0d:0c:d6:50:07:
28:f6:82:24:e6:8c:93:c2:14:f2:af:43:22:ff:bb:be:22:87:
99:be:f8:54:1d:05:b9:92:0a:26:99:6b:38:93:80:32:9b:05:
ae:d2:2c:a7:fc:93:3c:b4:b9:df:83:82:6f:7c:1f:96:25:40:
7a:70:ca:4f:e3:b3:63:68:59:6c:63:21:a8:82:3d:c7:88:47:
29:bc:13:04:11:5f:cc:33:42:f7:18:0c:fe:c7:52:1c:b0:72:
09:cb:80:3f:31:56:10:60:1a:7f:07:d0:f2:93:13:f9:ac:46:
b0:fc:c1:8a:3f:c7:90:03:af:d5:5e:e6:e7:a0:d7:be:c9:a6:
bf:62:7a:80:1f:0f:40:c8:d0:36:04:90:4d:78:68:f9:ab:8f:
41:6f:4a:38:9d:0f:6a:5e:a1:25:92:a1:53:75:de:51:dd:c4:
f2:72:28:72:d1:55:e1:46:e4:7b:4a:26:c6:bf:ab:e3:b3:47:
9e:17:0a:bd:d7:83:48:86:7b:7d:2a:a2:9b:d5:df:f6:df:2c:
28:36:5a:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLtmabCR0C680Ss2e3gjiNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjIwODMwMDcxNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI4NWIxODVlZThmYmUyMDA0OGQyMjA1ZTFhNmY1OWE4MDIzY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8LzLmumLPsBHUgRffYxSBY7Pv7Z
Fd4FxeWMzQmkIvHHu6dvsgw5HUfSKtgj3IwKKxRzwtmBT8SYz4QEYvu7HjGY1xo8
ExyiUoyhAdeutl6ABg4ZwUIuKUXNaKSKIlFTgvYl2qmntFwsSj8Tj1u8Jw99Atwc
GT3WP9uc4WFj63AVD0fkaMzfn4U4l77IfdSOM5PGzs3ihc+MLo2RCtEcUy+rOiGm
uEtO0sdOx4XlApUSvBjfeaKUZ+iz0Y4liJgGzlfMYwryU7xIOcPbLcyiiEj2qcNc
dVCme8L4nWH2KCzqv+KQQ4a4aT2ceZ77b9qPTZEYlH1OOvdLB7AuC8Sf4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAa4Wxhe6PviAEjSIF4ab1moAjyxMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvQnJoYkdGN28tLUlBU05JZ1hocHZXYWdDUExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUrkAwQA
bWnAMA0GCSqGSIb3DQEBCwUAA4IBAQBj6CeEfpllIsEuMXAD5fLvvqmJT3LeH2NS
UizsE3Yo7lMdTr+HMraUMnn7987G+P4EDQzWUAco9oIk5oyTwhTyr0Mi/7u+IoeZ
vvhUHQW5kgommWs4k4AymwWu0iyn/JM8tLnfg4JvfB+WJUB6cMpP47NjaFlsYyGo
gj3HiEcpvBMEEV/MM0L3GAz+x1IcsHIJy4A/MVYQYBp/B9DykxP5rEaw/MGKP8eQ
A6/VXubnoNe+yaa/YnqAHw9AyNA2BJBNeGj5q49Bb0o4nQ9qXqElkqFTdd5R3cTy
cihy0VXhRuR7SibGv6vjs0eeFwq914NIhnt9KqKb1d/23ywoNlq2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org