Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/HsTtSWSoAxaDbs3VeFrlR8VRDQY.roa
File: HsTtSWSoAxaDbs3VeFrlR8VRDQY.roa (raw, json)
Hash identifier: 6opa9a8aBluiDq55P7H4OPqocfhOYpFV5R+etVX/jME=
Subject key identifier: 1E:C4:ED:49:64:A8:03:16:83:6E:CD:D5:78:5A:E5:47:C5:51:0D:06
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 01F84367
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/HsTtSWSoAxaDbs3VeFrlR8VRDQY.roa
Signing time: Wed 02 Mar 2022 14:53:57 +0000
ROA not before: Wed 02 Mar 2022 14:53:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43179
IP address blocks: 77.74.226.0/24 maxlen: 24
77.74.224.0/24 maxlen: 24
77.74.228.0/24 maxlen: 24
77.74.229.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
109.105.194.0/24 maxlen: 24
109.105.193.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33047399 (0x1f84367)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Mar 2 14:53:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ec4ed4964a80316836ecdd5785ae547c5510d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:57:0c:8e:09:86:c5:03:18:b1:64:cd:42:c8:
78:12:68:3f:9e:ff:7e:41:75:39:98:4b:e4:dc:36:
b3:d6:f8:c4:17:36:ae:fe:04:2b:f5:0d:8b:b9:3d:
c8:5d:c6:cd:3b:17:8d:2f:ab:8a:67:c6:ec:0c:97:
16:59:bd:7c:e5:a8:95:b5:f7:40:9a:17:71:64:b3:
f8:79:cb:e4:40:2d:1b:7c:79:5a:f9:71:f0:e5:66:
ad:77:51:b4:67:e8:ff:1f:68:39:6c:95:e8:1c:bc:
d1:ff:fb:94:f6:36:61:8f:fe:1a:5f:d2:0c:19:f6:
a7:6c:38:6c:6c:5c:c4:45:a5:6c:6b:12:61:17:0d:
a2:8c:9f:c9:ce:2f:9c:fa:3f:47:7a:34:af:64:f6:
8c:8f:a7:b3:4d:46:e6:ed:2f:c6:93:05:db:d6:b3:
b3:97:95:cf:96:2a:b7:21:b8:15:15:31:40:14:6e:
09:fc:b5:06:2b:a8:bf:93:54:c8:ba:90:a6:76:33:
4e:d2:bd:f9:3f:8d:01:f6:b6:a0:07:f2:67:81:dd:
66:3a:7f:88:24:2a:2f:50:1a:a5:74:aa:e3:9d:e7:
01:42:f9:7f:39:eb:56:43:14:95:38:f8:8e:61:64:
2c:d5:b8:e1:4a:c6:1c:67:b1:65:78:62:31:61:44:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C4:ED:49:64:A8:03:16:83:6E:CD:D5:78:5A:E5:47:C5:51:0D:06
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/HsTtSWSoAxaDbs3VeFrlR8VRDQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0/24
77.74.226.0-77.74.229.255
109.105.193.0-109.105.194.255
109.105.200.0-109.105.204.255
109.105.206.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:a5:7c:96:32:70:43:cf:ab:32:30:03:9a:69:67:91:50:c7:
96:40:e9:28:39:17:ff:e6:91:ff:db:4c:8e:d3:60:dd:47:22:
b5:f4:e6:0b:89:fa:78:97:06:26:8a:f0:18:a8:6a:c5:8a:34:
84:b7:f0:63:d0:13:f4:fd:2e:a8:48:8b:8b:c9:1d:8f:00:ab:
34:63:c6:6f:b3:5e:8e:bf:54:8b:08:ea:35:35:2e:19:f3:e1:
fc:dd:fa:69:9b:45:d6:e8:9e:3b:8c:e3:17:e2:12:dc:23:30:
28:77:3e:97:40:bf:15:2b:97:19:36:17:db:11:19:64:99:9b:
9c:26:5c:0e:d6:e0:83:1f:b8:84:01:31:aa:89:41:44:82:a6:
66:a3:23:a1:21:82:0d:0f:a4:b1:a6:35:ce:9a:c8:df:1d:dd:
f4:9e:db:23:bc:fa:00:8b:29:44:16:02:1b:85:73:97:6b:fa:
f1:27:c6:af:fe:c6:a8:3f:19:0f:ff:68:ce:5e:26:a7:84:47:
9e:2e:c1:8f:88:22:58:ce:cc:dc:73:c2:89:62:ec:98:52:08:
ba:f3:77:43:f4:25:48:7e:df:fc:9a:d5:13:a0:ec:8c:c6:c3:
a2:06:2b:ac:d6:fb:09:98:cc:a7:ba:80:c8:68:86:51:26:87:
bc:5c:4a:a9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEAfhDZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDMw
MjE0NTM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVjNGVkNDk2NGE4
MDMxNjgzNmVjZGQ1Nzg1YWU1NDdjNTUxMGQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFXDI4JhsUDGLFkzULIeBJoP57/fkF1OZhL5Nw2s9b4xBc2
rv4EK/UNi7k9yF3GzTsXjS+rimfG7AyXFlm9fOWolbX3QJoXcWSz+HnL5EAtG3x5
Wvlx8OVmrXdRtGfo/x9oOWyV6By80f/7lPY2YY/+Gl/SDBn2p2w4bGxcxEWlbGsS
YRcNooyfyc4vnPo/R3o0r2T2jI+ns01G5u0vxpMF29azs5eVz5YqtyG4FRUxQBRu
Cfy1Biuov5NUyLqQpnYzTtK9+T+NAfa2oAfyZ4HdZjp/iCQqL1AapXSq453nAUL5
fznrVkMUlTj4jmFkLNW44UrGHGexZXhiMWFEcvUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQexO1JZKgDFoNuzdV4WuVHxVENBjAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0hzVHRTV1NvQXhhRGJzM1ZlRnJsUjhWUkRRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAE1K4DAMAwQBTUriAwQBTUrkMAwD
BABtacEDBABtacIwDAMEA21pyAMEAG1pzAMEAG1pzjANBgkqhkiG9w0BAQsFAAOC
AQEAnqV8ljJwQ8+rMjADmmlnkVDHlkDpKDkX/+aR/9tMjtNg3UcitfTmC4n6eJcG
JorwGKhqxYo0hLfwY9AT9P0uqEiLi8kdjwCrNGPGb7Nejr9UiwjqNTUuGfPh/N36
aZtF1uieO4zjF+IS3CMwKHc+l0C/FSuXGTYX2xEZZJmbnCZcDtbggx+4hAExqolB
RIKmZqMjoSGCDQ+ksaY1zprI3x3d9J7bI7z6AIspRBYCG4Vzl2v68SfGr/7GqD8Z
D/9ozl4mp4RHni7Bj4giWM7M3HPCiWLsmFIIuvN3Q/QlSH7f/JrVE6DsjMbDogYr
rNb7CZjMp7qAyGiGUSaHvFxKqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org