Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/z8fLWFb6YS2wV_NHXb2JiHfkXj0.roa
File: z8fLWFb6YS2wV_NHXb2JiHfkXj0.roa (raw, json)
Hash identifier: Bg3J1dVlrP6HQeLa3kOLRbiBJgSosuIo+e4e3wdrYPI=
Subject key identifier: CF:C7:CB:58:56:FA:61:2D:B0:57:F3:47:5D:BD:89:88:77:E4:5E:3D
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0182C451DDCC2C08C2BDEC5CA03A8799B0A3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/z8fLWFb6YS2wV_NHXb2JiHfkXj0.roa
Signing time: Mon 22 Aug 2022 06:51:15 +0000
ROA not before: Mon 22 Aug 2022 06:51:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 188.255.229.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:51:dd:cc:2c:08:c2:bd:ec:5c:a0:3a:87:99:b0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 22 06:51:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfc7cb5856fa612db057f3475dbd898877e45e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:80:51:81:09:9c:75:4b:6c:53:d9:0a:4a:
f5:9e:09:0a:bf:78:7c:86:0a:3c:f7:a5:3a:ac:90:
0f:d4:9f:e6:2b:0c:9c:c4:5d:21:7a:11:3c:a7:69:
b3:46:90:41:06:f7:6f:08:a1:02:6f:a6:c1:a1:c8:
a4:d3:7b:d6:1a:02:7e:74:67:c8:2e:53:a8:c0:cc:
05:9d:a5:89:cd:24:63:05:6d:d2:c9:47:fb:21:8f:
01:9b:c3:82:91:0e:2b:f8:ef:c7:f5:eb:49:18:26:
94:7c:81:7f:45:bc:b9:9f:e1:ed:56:73:0b:97:d4:
41:08:eb:2e:4c:73:a5:79:3b:1f:83:bf:b6:9c:96:
59:e3:7d:f2:c1:9e:64:d1:45:79:43:9e:5b:4a:10:
ca:7a:8a:ce:98:0e:1f:7a:65:d6:5e:96:1a:90:b4:
57:0c:62:81:a4:e4:68:dd:2e:53:77:12:24:98:3c:
59:c3:1f:69:8a:11:df:10:e6:32:6b:c9:23:b4:09:
05:7c:b2:00:85:e9:5b:8f:12:c4:ee:e5:30:17:1e:
02:42:3f:b8:ad:82:9e:65:80:23:09:ac:9c:a1:49:
23:67:99:3b:65:a4:62:db:c1:06:9d:9a:9d:62:5c:
10:d0:73:ad:e3:91:61:c0:d5:5d:6f:48:c0:36:8a:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C7:CB:58:56:FA:61:2D:B0:57:F3:47:5D:BD:89:88:77:E4:5E:3D
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/z8fLWFb6YS2wV_NHXb2JiHfkXj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
79.175.66.0/24
188.255.229.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:58:55:3a:c1:17:0b:7d:92:6f:b2:df:53:e7:78:81:b1:5f:
6d:34:4e:b8:ac:6c:7b:7a:a3:21:ef:e3:fb:94:99:6f:55:5b:
04:ce:f6:61:7f:29:e6:9b:22:7a:a3:e9:d8:1a:7d:57:52:39:
aa:06:a8:6d:8e:3c:28:a4:36:e1:31:d3:75:36:a9:2f:0d:0f:
0e:4b:20:2d:da:81:d3:6e:92:c0:dc:f4:11:c6:68:91:a4:70:
ea:ab:64:aa:91:f8:89:6d:1f:2b:71:49:90:3d:13:62:68:f7:
a6:77:e7:0e:bb:ff:34:d9:cf:74:3d:c4:aa:72:d7:98:cf:d2:
e8:81:0d:ff:c8:ad:cc:f2:14:d5:2f:e1:a8:ee:22:9e:5e:77:
ab:e8:30:32:78:64:24:3f:2b:d5:18:f1:7b:29:fa:d0:58:90:
60:92:52:88:9f:aa:d6:37:e1:85:32:10:c8:41:1a:35:0e:db:
77:45:a0:7f:34:1b:22:32:43:0c:5b:b4:e8:96:2e:fc:0b:26:
29:79:f7:87:da:a2:51:23:45:3f:5c:05:73:57:9d:58:fe:38:
2f:33:14:01:df:56:ee:a2:59:75:1b:a5:e8:1d:d2:54:b0:33:
3c:fd:89:9c:d2:2f:28:30:7c:37:e4:24:16:5c:90:cd:12:54:
c1:18:1d:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLEUd3MLAjCvexcoDqHmbCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwODIyMDY1MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmM3Y2I1ODU2ZmE2MTJkYjA1N2YzNDc1ZGJkODk4ODc3ZTQ1ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjiAUYEJnHVLbFPZCkr1ngkKv3h8
hgo896U6rJAP1J/mKwycxF0hehE8p2mzRpBBBvdvCKECb6bBocik03vWGgJ+dGfI
LlOowMwFnaWJzSRjBW3SyUf7IY8Bm8OCkQ4r+O/H9etJGCaUfIF/Rby5n+HtVnML
l9RBCOsuTHOleTsfg7+2nJZZ433ywZ5k0UV5Q55bShDKeorOmA4femXWXpYakLRX
DGKBpORo3S5TdxIkmDxZwx9pihHfEOYya8kjtAkFfLIAhelbjxLE7uUwFx4CQj+4
rYKeZYAjCaycoUkjZ5k7ZaRi28EGnZqdYlwQ0HOt45FhwNVdb0jANop30QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM/Hy1hW+mEtsFfzR129iYh35F49MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvejhmTFdGYjZZUzJ3Vl9OSFhiMkppSGZrWGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATWkEAwQA
T69CAwQAvP/lMA0GCSqGSIb3DQEBCwUAA4IBAQAuWFU6wRcLfZJvst9T53iBsV9t
NE64rGx7eqMh7+P7lJlvVVsEzvZhfynmmyJ6o+nYGn1XUjmqBqhtjjwopDbhMdN1
NqkvDQ8OSyAt2oHTbpLA3PQRxmiRpHDqq2SqkfiJbR8rcUmQPRNiaPemd+cOu/80
2c90PcSqcteYz9LogQ3/yK3M8hTVL+Go7iKeXner6DAyeGQkPyvVGPF7KfrQWJBg
klKIn6rWN+GFMhDIQRo1Dtt3RaB/NBsiMkMMW7Toli78CyYpefeH2qJRI0U/XAVz
V51Y/jgvMxQB31buoll1G6XoHdJUsDM8/Ymc0i8oMHw35CQWXJDNElTBGB1g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-fra.rpki-client.org