Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jo48VxDJndyQ5RG__jpGnaq0sGQ.roa
File: jo48VxDJndyQ5RG__jpGnaq0sGQ.roa (raw, json)
Hash identifier: NwiDAVJawIKB6+KXnT1P7NUyzEbOkc04lv9g3dgiJO8=
Subject key identifier: 8E:8E:3C:57:10:C9:9D:DC:90:E5:11:BF:FE:3A:46:9D:AA:B4:B0:64
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0184AB7CDA055ECD59A45F89F18E8DA994EA
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jo48VxDJndyQ5RG__jpGnaq0sGQ.roa
Signing time: Thu 24 Nov 2022 21:13:17 +0000
ROA not before: Thu 24 Nov 2022 21:13:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 77.74.228.0/24 maxlen: 24
109.105.192.0/24 maxlen: 24
109.105.197.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ab:7c:da:05:5e:cd:59:a4:5f:89:f1:8e:8d:a9:94:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Nov 24 21:13:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e8e3c5710c99ddc90e511bffe3a469daab4b064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dc:aa:af:29:3c:7c:9d:13:5c:1f:d2:42:9f:
80:ff:9d:da:67:f5:46:bb:0c:bb:ae:8f:1a:0c:ba:
48:b8:02:6f:9c:55:c9:05:46:b3:72:26:3e:db:ec:
71:ec:eb:87:fa:1f:e6:e2:4f:3b:34:03:2b:77:11:
ae:e5:e6:13:1e:6f:c3:85:01:99:24:55:d7:06:cf:
74:eb:0d:71:06:75:e5:6f:81:58:6f:3f:e0:c8:75:
e1:2d:d3:ab:2b:a1:44:a9:b3:1e:22:0d:92:61:10:
a8:37:ab:ad:42:93:a9:b3:8a:bf:50:8b:9e:01:29:
e3:71:99:9b:7c:f5:c5:22:ec:63:73:46:02:48:d1:
63:15:1a:bd:46:5d:11:87:ba:ef:71:78:99:f7:b4:
11:dd:26:dd:7a:58:ef:27:bf:c7:21:08:ba:df:ea:
0d:be:36:cf:d3:6a:a2:c9:58:a1:9f:c5:c1:03:6d:
5f:c7:d9:ff:08:a3:a7:ce:e2:cc:b8:0a:14:a3:69:
88:90:5a:13:6b:f8:1c:a7:e9:ca:52:f2:6a:5b:55:
d1:e9:13:e4:6f:02:8d:83:22:07:2f:51:85:ca:a0:
f4:a9:51:3f:32:88:f3:21:89:4f:a5:49:18:20:0e:
02:d0:c6:a9:00:56:1a:13:32:fd:55:91:32:a7:b9:
64:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8E:3C:57:10:C9:9D:DC:90:E5:11:BF:FE:3A:46:9D:AA:B4:B0:64
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jo48VxDJndyQ5RG__jpGnaq0sGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.228.0/24
109.105.192.0/24
109.105.197.0/24
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:aa:f8:1b:08:62:7c:16:49:a6:f8:93:11:11:ad:eb:c3:c1:
f2:8f:ce:05:7a:12:0f:b1:e4:31:a2:c4:ef:a4:55:5d:a5:54:
d5:b5:27:cb:d4:ce:b4:b8:88:31:ec:52:82:80:05:35:3c:ae:
2d:09:93:ab:0c:27:be:be:71:01:6b:68:a4:43:c8:f8:de:8b:
9e:9b:70:d0:fb:41:28:d4:8d:9c:aa:ea:67:a2:ac:56:8b:1a:
d2:d1:13:89:b3:a9:3c:72:32:85:8e:66:b5:8e:7c:bf:c5:89:
49:34:6b:f0:66:a5:fe:d9:2d:02:ce:91:bb:ac:6a:0d:fc:8b:
58:51:9b:92:32:7f:48:e0:35:cf:a0:e2:aa:29:2f:57:9f:64:
a4:57:43:dc:b9:cb:ce:05:d8:f8:ae:da:7e:36:1a:5f:2b:80:
79:df:54:d6:6e:a8:a1:b3:19:86:ee:5e:b1:e3:bb:89:e8:0a:
dd:bb:7f:45:06:18:13:69:69:4d:b3:4e:61:50:83:e4:1e:92:
34:16:ec:bc:dd:8e:63:7e:3c:31:ee:3a:1f:92:f5:58:0a:52:
82:56:1d:ac:7d:09:d0:29:a9:89:44:3f:3b:05:c5:dc:8a:d9:
ef:d1:99:38:23:27:29:d0:c5:78:06:4f:cd:c3:3f:7a:ad:7e:
94:2a:f3:54
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSrfNoFXs1ZpF+J8Y6NqZTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjIxMTI0MjExMzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThlM2M1NzEwYzk5ZGRjOTBlNTExYmZmZTNhNDY5ZGFhYjRiMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdyqryk8fJ0TXB/SQp+A/53aZ/VG
uwy7ro8aDLpIuAJvnFXJBUazciY+2+xx7OuH+h/m4k87NAMrdxGu5eYTHm/DhQGZ
JFXXBs906w1xBnXlb4FYbz/gyHXhLdOrK6FEqbMeIg2SYRCoN6utQpOps4q/UIue
ASnjcZmbfPXFIuxjc0YCSNFjFRq9Rl0Rh7rvcXiZ97QR3SbdeljvJ7/HIQi63+oN
vjbP02qiyVihn8XBA21fx9n/CKOnzuLMuAoUo2mIkFoTa/gcp+nKUvJqW1XR6RPk
bwKNgyIHL1GFyqD0qVE/MojzIYlPpUkYIA4C0MapAFYaEzL9VZEyp7lkqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI6OPFcQyZ3ckOURv/46Rp2qtLBkMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvam80OFZ4REpuZHlRNVJHX19qcEduYXEwc0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUrkAwQA
bWnAAwQAbWnFAwQAbWnHMA0GCSqGSIb3DQEBCwUAA4IBAQBuqvgbCGJ8Fkmm+JMR
Ea3rw8Hyj84FehIPseQxosTvpFVdpVTVtSfL1M60uIgx7FKCgAU1PK4tCZOrDCe+
vnEBa2ikQ8j43ouem3DQ+0Eo1I2cqupnoqxWixrS0ROJs6k8cjKFjma1jny/xYlJ
NGvwZqX+2S0CzpG7rGoN/ItYUZuSMn9I4DXPoOKqKS9Xn2SkV0PcucvOBdj4rtp+
NhpfK4B531TWbqihsxmG7l6x47uJ6Ardu39FBhgTaWlNs05hUIPkHpI0Fuy83Y5j
fjwx7jofkvVYClKCVh2sfQnQKamJRD87BcXcitnv0Zk4Iycp0MV4Bk/Nwz96rX6U
KvNU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org