Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/LQQC96r5ZdfWyyycLx2kzhP8jS0.roa
File: LQQC96r5ZdfWyyycLx2kzhP8jS0.roa (raw, json)
Hash identifier: 6lqa0e91oSQyMYB0wm7gaJpvml1lQlJN5lBx2SXQpU0=
Subject key identifier: 2D:04:02:F7:AA:F9:65:D7:D6:CB:2C:9C:2F:1D:A4:CE:13:FC:8D:2D
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 15EF52F6
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/LQQC96r5ZdfWyyycLx2kzhP8jS0.roa
Signing time: Sat 01 Jan 2022 04:01:40 +0000
ROA not before: Sat 01 Jan 2022 04:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35680
IP address blocks: 77.120.112.0/22 maxlen: 22
77.120.108.0/22 maxlen: 22
82.144.220.0/22 maxlen: 22
77.120.116.0/22 maxlen: 22
77.120.124.0/22 maxlen: 22
77.120.120.0/22 maxlen: 22
77.123.152.0/22 maxlen: 22
77.123.148.0/22 maxlen: 22
77.123.156.0/22 maxlen: 22
77.120.96.0/22 maxlen: 22
77.120.104.0/22 maxlen: 22
77.120.100.0/22 maxlen: 22
77.123.128.0/22 maxlen: 22
77.123.132.0/22 maxlen: 22
77.123.136.0/22 maxlen: 22
77.123.144.0/22 maxlen: 22
77.123.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368005878 (0x15ef52f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Jan 1 04:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d0402f7aaf965d7d6cb2c9c2f1da4ce13fc8d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ae:24:55:d4:f1:cf:23:f8:8a:70:ae:44:2b:
ba:0e:b3:6d:33:21:5b:8a:c4:44:0e:47:9b:33:56:
61:60:93:73:a4:b7:f5:c6:9a:da:04:2b:a8:7d:df:
60:b7:c5:26:ad:e7:ae:96:a0:13:ce:24:70:b7:9b:
d6:e1:49:09:e5:c1:16:02:aa:59:8f:e5:74:94:e2:
f7:f4:ec:16:92:67:3b:d4:41:81:75:b2:d7:ec:26:
ce:11:44:d1:63:6d:2c:19:ec:86:5a:27:3a:78:71:
30:23:ec:90:51:0b:a1:e0:25:b1:94:6d:97:69:e1:
22:3d:7f:73:8c:5d:34:62:46:cc:51:a7:44:67:09:
6e:71:ec:56:88:2e:00:2b:13:2e:27:33:a2:ea:66:
90:20:6d:f5:a3:5a:45:fc:06:21:9b:da:0a:52:38:
d0:22:e2:16:e1:34:e0:9b:ca:6b:59:03:4e:32:97:
1f:b1:6a:63:d3:da:e3:74:fe:55:e2:bc:ab:54:c4:
fa:79:14:85:ee:33:34:dd:d4:40:f0:06:a1:71:04:
74:62:06:7e:51:4a:47:57:02:dc:43:79:31:99:da:
2c:5e:48:ed:49:a3:da:c3:e1:a2:39:a4:dc:10:97:
32:a3:57:db:07:e4:bf:3c:8b:ab:11:f6:39:c7:fe:
c4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:04:02:F7:AA:F9:65:D7:D6:CB:2C:9C:2F:1D:A4:CE:13:FC:8D:2D
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/LQQC96r5ZdfWyyycLx2kzhP8jS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.96.0/19
77.123.128.0/19
82.144.220.0/22
Signature Algorithm: sha256WithRSAEncryption
35:45:42:8c:c1:f3:7f:0f:42:48:c2:6e:c8:82:7b:f0:d8:dc:
71:1a:d0:bc:ad:8c:a3:82:84:cc:8c:1a:d7:a5:2c:6f:8b:8a:
fe:a3:29:7c:ad:b7:9c:26:d3:3d:f5:9c:4c:4c:ef:68:77:35:
e4:8e:dc:47:a4:b9:71:e0:ab:2c:32:5f:76:e2:b9:95:93:8c:
2b:60:04:b8:c5:20:c1:63:88:8c:bb:fd:c9:c6:0b:7e:f3:d6:
45:38:0c:c2:a5:a7:76:e0:1b:8c:d0:c7:be:6a:11:4e:68:a5:
3e:33:a1:28:e2:5a:62:40:61:bf:56:0c:d1:e9:fb:57:e8:6b:
e3:16:17:40:76:86:91:18:f3:12:49:12:47:44:25:03:99:a9:
1a:56:5d:5d:3a:c3:ed:f0:ec:6e:34:c0:f0:a2:78:c7:02:61:
28:cd:e6:2f:d7:e4:36:c4:bd:d4:bb:11:bd:a4:42:dd:ec:a9:
70:5e:44:83:58:79:c6:14:43:d5:32:a7:86:b3:df:90:65:a4:
94:c3:2f:b8:2f:d0:0a:b6:0a:80:b7:80:fc:b1:f1:64:0f:4c:
8f:4d:04:7e:5d:dd:a3:b7:3d:c9:6b:bf:00:9d:cb:17:ec:8b:
6f:ab:c3:8e:93:4c:20:3e:fe:ab:c4:ad:96:d1:23:dc:0e:73:
c9:b8:c1:b8
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFe9S9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDVlZGEwYTFlNzQ3OWM0Y2E3OGZlNDFjNThkMTdlOWQxM2I2N2FhMB4XDTIyMDEw
MTA0MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQwNDAyZjdhYWY5
NjVkN2Q2Y2IyYzljMmYxZGE0Y2UxM2ZjOGQyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeuJFXU8c8j+IpwrkQrug6zbTMhW4rERA5HmzNWYWCTc6S3
9caa2gQrqH3fYLfFJq3nrpagE84kcLeb1uFJCeXBFgKqWY/ldJTi9/TsFpJnO9RB
gXWy1+wmzhFE0WNtLBnshlonOnhxMCPskFELoeAlsZRtl2nhIj1/c4xdNGJGzFGn
RGcJbnHsVoguACsTLiczoupmkCBt9aNaRfwGIZvaClI40CLiFuE04JvKa1kDTjKX
H7FqY9Pa43T+VeK8q1TE+nkUhe4zNN3UQPAGoXEEdGIGflFKR1cC3EN5MZnaLF5I
7Umj2sPhojmk3BCXMqNX2wfkvzyLqxH2Ocf+xOkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQtBAL3qvll19bLLJwvHaTOE/yNLTAfBgNVHSMEGDAWgBStXtoKHnR5xMp4
/kHFjRfp0TtnqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JWN2FDaDUwZWNUS2VQNUJ4WTBYNmRFN1o2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZmViYjE4LWU3OGEtNGQxMi04MGEyLTk0NGNlN2VlYjE1NC8x
L0xRUUM5NnI1WmRmV3l5eWNMeDJremhQOGpTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZmViYjE4LWU3OGEtNGQxMi04MGEyLTk0NGNlN2VlYjE1NC8xL3JWN2FDaDUwZWNU
S2VQNUJ4WTBYNmRFN1o2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBU14YAMEBU17gAMEAlKQ3DANBgkq
hkiG9w0BAQsFAAOCAQEANUVCjMHzfw9CSMJuyIJ78NjccRrQvK2Mo4KEzIwa16Us
b4uK/qMpfK23nCbTPfWcTEzvaHc15I7cR6S5ceCrLDJfduK5lZOMK2AEuMUgwWOI
jLv9ycYLfvPWRTgMwqWnduAbjNDHvmoRTmilPjOhKOJaYkBhv1YM0en7V+hr4xYX
QHaGkRjzEkkSR0QlA5mpGlZdXTrD7fDsbjTA8KJ4xwJhKM3mL9fkNsS91LsRvaRC
3eypcF5Eg1h5xhRD1TKnhrPfkGWklMMvuC/QCrYKgLeA/LHxZA9Mj00Efl3do7c9
yWu/AJ3LF+yLb6vDjpNMID7+q8StltEj3A5zybjBuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:17 2024 by rpki-client on console-ams.rpki-client.org