Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LpUcyVCvxN_KxKOjk38YcXaNecI.roa
File: LpUcyVCvxN_KxKOjk38YcXaNecI.roa (raw, json)
Hash identifier: QLGe/WV2VWuTzwkCu6oy91kTLg0m+OprbDph/TE73KE=
Subject key identifier: 2E:95:1C:C9:50:AF:C4:DF:CA:C4:A3:A3:93:7F:18:71:76:8D:79:C2
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2B0E2728
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LpUcyVCvxN_KxKOjk38YcXaNecI.roa
Signing time: Sat 01 Jan 2022 13:58:06 +0000
ROA not before: Sat 01 Jan 2022 13:58:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202228
IP address blocks: 77.65.128.0/22 maxlen: 24
77.65.132.0/23 maxlen: 24
77.65.131.0/24 maxlen: 24
77.65.133.0/24 maxlen: 24
77.65.204.0/24 maxlen: 24
77.65.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 722347816 (0x2b0e2728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:58:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e951cc950afc4dfcac4a3a3937f1871768d79c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:36:61:97:60:62:a6:ab:25:5c:e6:8d:ef:01:
8a:b1:7c:11:61:15:f2:4c:fe:9f:c4:7d:d9:1e:79:
03:a9:11:f6:8d:52:48:f1:9b:22:1f:08:93:35:dc:
06:83:7a:0a:97:42:52:23:e0:11:64:76:39:73:d5:
ac:96:16:60:e5:68:5d:1e:c2:5c:09:db:a3:67:d2:
7d:ca:34:10:3b:1c:20:e9:d7:dd:56:cf:19:18:e4:
0f:8a:6a:80:1d:9f:07:1e:4e:0a:e5:59:73:3d:52:
e8:76:6d:ad:20:36:b0:cf:af:e3:9a:8b:03:dc:3c:
fa:33:1f:d9:97:d7:78:ac:7e:c4:2f:fc:c1:e8:a5:
22:53:4b:0a:6f:51:15:8a:ca:5f:ff:f6:8f:ae:b9:
6c:7f:14:a0:79:10:16:11:af:98:62:41:85:60:ae:
82:f0:cc:3f:ad:52:59:70:07:bc:6e:dd:61:18:d8:
23:06:8d:cf:df:4b:ac:ff:71:e4:91:47:90:06:01:
ec:fc:51:13:df:e5:13:99:d6:f0:45:03:37:8a:d4:
c0:98:61:0f:cf:ad:34:d0:e1:81:53:bf:70:1d:e4:
ab:36:91:57:3c:63:da:17:1e:c3:9d:3d:04:e0:c6:
72:b4:9f:54:f4:bc:52:6a:41:5d:4b:af:50:96:0f:
60:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:95:1C:C9:50:AF:C4:DF:CA:C4:A3:A3:93:7F:18:71:76:8D:79:C2
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LpUcyVCvxN_KxKOjk38YcXaNecI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.128.0-77.65.133.255
77.65.200.0-77.65.204.255
Signature Algorithm: sha256WithRSAEncryption
3b:3b:16:29:46:cb:c1:25:95:ad:23:c6:37:77:8f:62:43:1d:
16:1a:13:d3:dc:0f:7c:67:7b:1c:1e:4b:2e:20:9e:d4:22:e0:
bc:4a:7c:83:60:bf:b9:61:3b:84:5f:75:c5:61:b7:16:ef:04:
d0:cc:9a:d3:3f:25:16:3c:25:07:2a:19:9b:06:7f:7f:38:44:
d8:18:cc:90:67:19:64:c2:3f:96:9c:f6:d7:53:fc:18:d2:07:
e5:47:3f:11:78:bc:a3:82:8a:f5:09:f4:3a:24:c8:08:8a:48:
36:e9:6e:91:25:0b:4c:4d:1f:dc:2b:47:ee:e4:1d:e2:a7:79:
e3:14:60:16:0e:a1:24:43:28:ed:fd:a4:c3:81:80:f8:27:63:
f3:2f:cf:95:48:0f:a6:31:56:ca:35:ad:94:87:9e:e9:88:e5:
6f:eb:54:3e:17:90:89:6c:cb:cb:d6:93:d1:94:12:81:e7:64:
0f:cb:d1:7e:a5:6c:69:eb:38:40:21:42:3d:88:b6:06:51:50:
36:66:06:36:b7:bc:59:bd:ab:b4:ce:a1:86:36:8a:7f:59:d4:
b0:72:a8:91:ce:b4:8d:ea:ec:a8:10:ff:13:39:c5:21:e5:d5:
a9:b1:12:d3:f1:e7:f5:7e:04:42:e6:43:a2:f8:df:ec:9c:a3:
8c:f0:79:4c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEKw4nKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU5NTFjYzk1MGFm
YzRkZmNhYzRhM2EzOTM3ZjE4NzE3NjhkNzljMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIc2YZdgYqarJVzmje8BirF8EWEV8kz+n8R92R55A6kR9o1S
SPGbIh8IkzXcBoN6CpdCUiPgEWR2OXPVrJYWYOVoXR7CXAnbo2fSfco0EDscIOnX
3VbPGRjkD4pqgB2fBx5OCuVZcz1S6HZtrSA2sM+v45qLA9w8+jMf2ZfXeKx+xC/8
weilIlNLCm9RFYrKX//2j665bH8UoHkQFhGvmGJBhWCugvDMP61SWXAHvG7dYRjY
IwaNz99LrP9x5JFHkAYB7PxRE9/lE5nW8EUDN4rUwJhhD8+tNNDhgVO/cB3kqzaR
Vzxj2hcew509BODGcrSfVPS8UmpBXUuvUJYPYIcCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQulRzJUK/E38rEo6OTfxhxdo15wjAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L0xwVWN5VkN2eE5fS3hLT2prMzhZY1hhTmVjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQHTUGAAwQBTUGEMAwDBANNQcgD
BABNQcwwDQYJKoZIhvcNAQELBQADggEBADs7FilGy8Ella0jxjd3j2JDHRYaE9Pc
D3xnexweSy4gntQi4LxKfINgv7lhO4RfdcVhtxbvBNDMmtM/JRY8JQcqGZsGf384
RNgYzJBnGWTCP5ac9tdT/BjSB+VHPxF4vKOCivUJ9DokyAiKSDbpbpElC0xNH9wr
R+7kHeKneeMUYBYOoSRDKO39pMOBgPgnY/Mvz5VID6YxVso1rZSHnumI5W/rVD4X
kIlsy8vWk9GUEoHnZA/L0X6lbGnrOEAhQj2ItgZRUDZmBja3vFm9q7TOoYY2in9Z
1LByqJHOtI3q7KgQ/xM5xSHl1amxEtPx5/V+BELmQ6L43+yco4zweUw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org