Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/i-TXlKtOcFI_C5eNxq-dwvKnUDI.roa
File: i-TXlKtOcFI_C5eNxq-dwvKnUDI.roa (raw, json)
Hash identifier: da/sPGn5pj1lxCFsyEB3STVqeRDlfWFqtd3fsKx+ylg=
Subject key identifier: 8B:E4:D7:94:AB:4E:70:52:3F:0B:97:8D:C6:AF:9D:C2:F2:A7:50:32
Certificate issuer: /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial: 0182EF60EB5D5ADD185AD73E0E89B6CC3F4E
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/i-TXlKtOcFI_C5eNxq-dwvKnUDI.roa
Signing time: Tue 30 Aug 2022 15:31:22 +0000
ROA not before: Tue 30 Aug 2022 15:31:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 185.77.1.0/24 maxlen: 24
185.77.2.0/24 maxlen: 24
2a05:5ec5::/32 maxlen: 32
2a05:5ec0:1::/48 maxlen: 48
2a05:5ec7::/32 maxlen: 32
2a05:5ec0::/29 maxlen: 29
2a05:5ec1::/32 maxlen: 32
2a05:5ec6::/32 maxlen: 32
2a05:5ec4::/32 maxlen: 32
2a05:5ec2::/32 maxlen: 32
2a05:5ec3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:60:eb:5d:5a:dd:18:5a:d7:3e:0e:89:b6:cc:3f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Validity
Not Before: Aug 30 15:31:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8be4d794ab4e70523f0b978dc6af9dc2f2a75032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4a:b2:f9:33:71:e3:f3:0e:75:1b:e8:04:87:
c2:0b:f9:d1:58:d5:39:d1:70:9b:8a:85:f1:7e:ff:
63:03:cf:59:2c:03:3a:2a:db:17:e0:4a:54:f3:cf:
1d:82:91:17:27:a9:bc:b2:00:bd:ff:3c:23:ff:66:
cd:a9:15:38:bb:65:c7:7f:7b:89:53:4a:8c:7a:34:
09:e4:4b:64:5a:11:4b:e4:79:dc:95:5a:e0:3f:ae:
4c:25:a9:2d:05:2d:d0:a7:56:67:70:c7:f3:3b:fd:
b5:6b:19:91:2a:61:58:b1:92:14:45:9a:98:c3:90:
d5:7c:49:db:74:64:b8:fc:ff:ff:9a:2a:70:70:4f:
b9:86:8f:99:3c:0e:e7:00:35:67:f2:85:2f:c3:b6:
69:7f:ea:ee:4f:c4:53:10:79:19:86:03:24:7b:ca:
09:9f:e3:ae:ec:6d:52:a7:a2:12:82:af:5b:ba:3e:
97:5a:3d:ef:12:72:46:e4:b9:36:07:ed:a7:0d:0b:
3a:6e:0c:56:be:84:a9:e2:71:de:76:ec:c0:07:f6:
40:7f:bc:26:d1:27:27:d1:3b:0b:9d:de:41:98:5f:
9e:30:5c:c6:30:ed:e2:11:93:1e:8d:a4:85:ca:01:
af:31:d8:df:b1:19:63:f6:ff:28:da:65:5d:7d:d6:
22:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E4:D7:94:AB:4E:70:52:3F:0B:97:8D:C6:AF:9D:C2:F2:A7:50:32
X509v3 Authority Key Identifier:
keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/i-TXlKtOcFI_C5eNxq-dwvKnUDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.1.0-185.77.2.255
IPv6:
2a05:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
32:19:b7:bf:d0:dc:30:83:31:de:72:32:06:7b:8c:df:cb:c7:
3b:43:37:08:c2:a6:a8:ff:08:b0:3e:00:d4:8d:30:dd:ea:48:
c7:62:17:38:5b:ac:14:15:db:7c:b9:bb:4e:98:98:e8:b9:b9:
2d:ab:47:4c:2d:20:c7:f9:db:53:9d:e4:1f:ad:71:6e:60:1b:
2e:67:dc:03:27:7e:0b:77:e9:b2:2f:73:17:8e:65:20:24:33:
6d:ed:c3:c7:39:78:dd:0e:09:15:13:66:8b:b2:9e:d5:9b:c2:
84:51:66:87:72:db:97:ed:18:8a:77:0c:41:e9:39:04:81:a2:
c2:2a:19:4b:df:67:23:12:70:8b:36:2a:fb:81:d1:d6:22:94:
7f:a1:d9:f3:bc:d3:49:e6:bd:04:be:82:11:35:f3:a1:9a:d5:
54:70:b9:ea:ef:c4:9c:47:6c:9d:dc:cf:22:78:97:3e:04:e1:
ea:02:54:ad:9e:ad:64:0b:6d:0f:04:c3:ef:ce:97:ad:dd:cc:
46:8c:2a:6c:2c:ed:56:db:53:c9:cd:0d:bb:cf:bc:44:2a:75:
b4:50:d1:52:d1:26:f4:3a:42:d8:c1:1d:e6:04:a7:02:3f:20:
9a:c3:e5:f7:e6:04:63:6a:e0:cd:64:b4:3b:aa:0f:42:6f:c4:
17:83:7d:49
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYLvYOtdWt0YWtc+Dom2zD9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZWM2YzBhNWViZWM1ODE3ZDkxYjkxZTc5YTZiYzYxMzJl
YjlkMmMwHhcNMjIwODMwMTUzMTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU0ZDc5NGFiNGU3MDUyM2YwYjk3OGRjNmFmOWRjMmYyYTc1MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUqy+TNx4/MOdRvoBIfCC/nRWNU5
0XCbioXxfv9jA89ZLAM6KtsX4EpU888dgpEXJ6m8sgC9/zwj/2bNqRU4u2XHf3uJ
U0qMejQJ5EtkWhFL5HnclVrgP65MJaktBS3Qp1ZncMfzO/21axmRKmFYsZIURZqY
w5DVfEnbdGS4/P//mipwcE+5ho+ZPA7nADVn8oUvw7Zpf+ruT8RTEHkZhgMke8oJ
n+Ou7G1Sp6ISgq9buj6XWj3vEnJG5Lk2B+2nDQs6bgxWvoSp4nHeduzAB/ZAf7wm
0Scn0TsLnd5BmF+eMFzGMO3iEZMejaSFygGvMdjfsRlj9v8o2mVdfdYihwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIvk15SrTnBSPwuXjcavncLyp1AyMB8GA1UdIwQY
MBaAFLTsbApevsWBfZG5HnmmvGEy650sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWIt
MTNmYjdhNTEzMGNhLzEvaS1UWGxLdE9jRklfQzVlTnhxLWR3dktuVURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWItMTNmYjdhNTEzMGNh
LzEvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5TQED
BAC5TQIwDQQCAAIwBwMFAyoFXsAwDQYJKoZIhvcNAQELBQADggEBADIZt7/Q3DCD
Md5yMgZ7jN/LxztDNwjCpqj/CLA+ANSNMN3qSMdiFzhbrBQV23y5u06YmOi5uS2r
R0wtIMf521Od5B+tcW5gGy5n3AMnfgt36bIvcxeOZSAkM23tw8c5eN0OCRUTZouy
ntWbwoRRZody25ftGIp3DEHpOQSBosIqGUvfZyMScIs2KvuB0dYilH+h2fO800nm
vQS+ghE186Ga1VRwuervxJxHbJ3czyJ4lz4E4eoCVK2erWQLbQ8Ew+/Ol63dzEaM
Kmws7VbbU8nNDbvPvEQqdbRQ0VLRJvQ6QtjBHeYEpwI/IJrD5ffmBGNq4M1ktDuq
D0JvxBeDfUk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:56 2023 by rpki-client on console-ams.rpki-client.org