Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/IblrDS-Pcz65AFV-Ub2GRXZXrSw.roa
File: IblrDS-Pcz65AFV-Ub2GRXZXrSw.roa (raw, json)
Hash identifier: w9Ws3SA5588g+OwQHuY8Ocf5mRLOdS+g1twTkUvHPz4=
Subject key identifier: 21:B9:6B:0D:2F:8F:73:3E:B9:00:55:7E:51:BD:86:45:76:57:AD:2C
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 01AB5E1C
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/IblrDS-Pcz65AFV-Ub2GRXZXrSw.roa
Signing time: Sat 05 Feb 2022 10:01:17 +0000
ROA not before: Sat 05 Feb 2022 10:01:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43179
IP address blocks: 77.74.226.0/24 maxlen: 24
77.74.224.0/24 maxlen: 24
77.74.228.0/24 maxlen: 24
77.74.229.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
109.105.197.0/24 maxlen: 24
109.105.198.0/24 maxlen: 24
109.105.195.0/24 maxlen: 24
109.105.196.0/24 maxlen: 24
109.105.194.0/24 maxlen: 24
109.105.193.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.205.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28007964 (0x1ab5e1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Feb 5 10:01:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21b96b0d2f8f733eb900557e51bd86457657ad2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9f:23:f3:1e:9f:f9:de:59:a9:a4:ce:da:bb:
f6:4a:65:4b:02:2f:d4:5b:21:ce:87:f9:a5:9c:ee:
30:be:92:5e:c7:77:cb:3e:24:4a:7f:23:e8:0b:78:
48:03:7b:18:71:a0:f1:a7:f3:82:5e:d9:43:6d:45:
1e:00:31:6c:19:05:d0:c4:92:29:17:26:39:46:c0:
0c:50:24:2f:67:e4:64:bc:7b:19:2a:34:1f:bd:30:
77:95:f8:f5:a2:cc:ad:e3:bd:67:f0:53:38:9f:99:
ed:83:d0:df:72:e9:5c:fb:b1:09:81:76:49:dd:6e:
74:d5:17:60:a8:37:0e:ac:21:3f:1e:d2:2a:a8:f9:
9c:02:57:03:7f:4f:4c:4c:f5:7f:26:94:88:53:4a:
b1:2f:ac:0c:3d:af:b5:09:66:3c:c0:d5:6b:56:40:
25:61:fc:b7:41:29:75:f2:13:d9:18:ab:8d:cd:91:
26:36:84:f9:91:97:0d:ef:f8:ea:17:f1:e9:0f:ed:
dc:f0:6e:9c:87:bb:ae:a0:25:35:80:3c:53:0d:66:
86:c8:b4:ef:85:29:f8:d9:3a:8a:d6:45:bf:ff:c2:
42:de:c5:66:cf:a2:76:eb:a3:cf:aa:c5:12:c8:4c:
22:07:3b:b3:94:6a:32:1d:a3:fe:4a:26:1f:92:10:
6b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B9:6B:0D:2F:8F:73:3E:B9:00:55:7E:51:BD:86:45:76:57:AD:2C
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/IblrDS-Pcz65AFV-Ub2GRXZXrSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0/24
77.74.226.0-77.74.229.255
109.105.193.0-109.105.207.255
Signature Algorithm: sha256WithRSAEncryption
4b:1d:86:4b:58:59:42:3d:f5:4f:ad:e9:a4:a8:ae:2c:30:a1:
7b:f4:3a:5e:0e:47:ae:78:5a:6c:14:9c:a7:75:52:10:a2:b9:
6d:26:ed:4c:df:51:aa:c8:c5:83:d7:c1:70:e7:5a:13:51:5c:
8f:7f:7a:1c:02:5e:6f:f7:54:1a:a3:98:16:05:e0:68:93:a3:
45:99:ba:52:95:94:90:a5:ce:36:e6:a2:2f:88:62:23:0f:c6:
6f:3d:bb:40:fd:3a:c2:fa:41:df:fb:b6:df:43:17:8a:e4:5d:
0b:0f:81:2f:2c:42:f7:e4:85:82:b9:94:f3:41:df:26:cf:b9:
ed:1d:d9:02:21:75:8f:de:b4:a9:42:52:d7:3a:44:a0:56:bb:
4f:e5:a8:71:1a:3e:6c:74:cb:75:ec:75:35:5a:46:d7:18:67:
f0:de:a9:40:e9:1f:ee:9f:a6:6a:41:87:1d:14:14:12:09:d3:
0e:cb:5b:90:d2:c7:8e:55:7d:d8:70:3b:10:37:35:fc:91:04:
77:e2:5f:a4:3a:2e:0d:66:13:5e:22:a0:a0:ff:aa:42:37:fc:
a4:cc:0f:21:22:28:ba:fd:5e:10:da:96:f8:0c:19:5e:8f:1f:
95:84:42:a7:1a:65:6a:71:79:30:18:07:55:8a:f1:3d:b9:40:
bb:11:06:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAateHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDIw
NTEwMDExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFiOTZiMGQyZjhm
NzMzZWI5MDA1NTdlNTFiZDg2NDU3NjU3YWQyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKifI/Men/neWamkztq79kplSwIv1Fshzof5pZzuML6SXsd3
yz4kSn8j6At4SAN7GHGg8afzgl7ZQ21FHgAxbBkF0MSSKRcmOUbADFAkL2fkZLx7
GSo0H70wd5X49aLMreO9Z/BTOJ+Z7YPQ33LpXPuxCYF2Sd1udNUXYKg3DqwhPx7S
Kqj5nAJXA39PTEz1fyaUiFNKsS+sDD2vtQlmPMDVa1ZAJWH8t0EpdfIT2Rirjc2R
JjaE+ZGXDe/46hfx6Q/t3PBunIe7rqAlNYA8Uw1mhsi074Up+Nk6itZFv//CQt7F
Zs+iduujz6rFEshMIgc7s5RqMh2j/komH5IQa7MCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQhuWsNL49zPrkAVX5RvYZFdletLDAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0libHJEUy1QY3o2NUFGVi1VYjJHUlhaWHJTdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIgMEAE1K4DAMAwQBTUriAwQBTUrkMAwD
BABtacEDBARtacAwDQYJKoZIhvcNAQELBQADggEBAEsdhktYWUI99U+t6aSoriww
oXv0Ol4OR654WmwUnKd1UhCiuW0m7UzfUarIxYPXwXDnWhNRXI9/ehwCXm/3VBqj
mBYF4GiTo0WZulKVlJClzjbmoi+IYiMPxm89u0D9OsL6Qd/7tt9DF4rkXQsPgS8s
QvfkhYK5lPNB3ybPue0d2QIhdY/etKlCUtc6RKBWu0/lqHEaPmx0y3XsdTVaRtcY
Z/DeqUDpH+6fpmpBhx0UFBIJ0w7LW5DSx45VfdhwOxA3NfyRBHfiX6Q6Lg1mE14i
oKD/qkI3/KTMDyEiKLr9XhDalvgMGV6PH5WEQqcaZWpxeTAYB1WK8T25QLsRBkQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org