Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/XyVVVS5LNc0a6vBcqN-sUj5DTJc.roa
File: XyVVVS5LNc0a6vBcqN-sUj5DTJc.roa (raw, json)
Hash identifier: ETrFDc7k83BX/Ecl75YetofzBtC4yHOGsbj9k3QxCcI=
Subject key identifier: 5F:25:55:55:2E:4B:35:CD:1A:EA:F0:5C:A8:DF:AC:52:3E:43:4C:97
Certificate issuer: /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial: 168A3144
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/XyVVVS5LNc0a6vBcqN-sUj5DTJc.roa
Signing time: Sat 01 Jan 2022 09:01:34 +0000
ROA not before: Sat 01 Jan 2022 09:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59835
IP address blocks: 77.80.253.0/24 maxlen: 24
77.80.255.0/24 maxlen: 24
185.69.168.0/24 maxlen: 24
2a05:2240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 378155332 (0x168a3144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
Validity
Not Before: Jan 1 09:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f2555552e4b35cd1aeaf05ca8dfac523e434c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fa:ac:21:2b:94:51:d4:67:fd:f9:e5:6b:e3:
0c:17:70:0a:94:22:2b:59:5b:32:f5:14:1d:69:d0:
1c:a4:29:45:78:6c:f7:42:95:48:6c:e3:38:e3:62:
e9:3c:33:2e:38:78:8e:d6:2b:ec:f3:71:3e:ee:5f:
a4:a6:53:3b:e1:05:2a:42:0f:c5:97:4e:33:9c:9b:
b5:6c:f5:d5:ed:8b:7e:e5:b9:f3:c9:21:51:93:43:
0e:07:d6:14:d6:45:e9:65:9e:02:50:ed:ef:86:a3:
12:27:29:4e:38:68:08:f7:dd:61:04:10:85:82:e7:
fa:27:96:c1:0e:0a:1d:01:55:1d:82:26:0d:64:da:
e1:81:c4:c8:3c:78:84:07:83:5b:ae:d1:d7:40:21:
28:bd:fd:3a:56:00:c4:78:7a:e0:d6:9a:2a:5f:4c:
4f:1f:d1:07:40:a7:fb:21:98:91:33:97:d0:6c:2d:
f9:82:10:e1:f5:15:0a:e4:27:03:88:ca:c5:72:78:
00:fa:3a:2e:78:22:e2:45:7b:11:1f:a8:38:6e:68:
24:b5:da:c2:a5:2f:6f:ee:fe:0a:b3:e4:a7:60:65:
67:57:15:49:7e:3a:ff:e7:ec:af:b8:c6:cb:16:51:
0c:28:b3:46:fe:b5:80:e7:a9:b6:70:5d:9e:6d:5c:
21:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:25:55:55:2E:4B:35:CD:1A:EA:F0:5C:A8:DF:AC:52:3E:43:4C:97
X509v3 Authority Key Identifier:
keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/XyVVVS5LNc0a6vBcqN-sUj5DTJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.80.253.0/24
77.80.255.0/24
185.69.168.0/24
IPv6:
2a05:2240::/32
Signature Algorithm: sha256WithRSAEncryption
1d:71:68:f2:69:9e:aa:33:14:d1:5b:b9:35:46:80:41:87:1a:
de:85:83:de:6d:1d:2d:17:20:db:51:88:52:77:be:21:9b:82:
f5:2f:a5:c9:65:9e:ad:3d:e1:38:6d:ce:c7:08:f7:77:71:e1:
27:30:5b:21:16:20:d5:11:0b:39:8b:24:2c:66:a9:a7:1c:54:
10:d6:88:ff:98:b7:1b:48:12:db:01:15:0b:56:7f:dd:b1:77:
61:5d:e5:bc:bb:a7:0f:05:ea:7d:cb:3e:50:a3:ed:4e:98:70:
1d:7d:a5:bb:d4:dc:f6:9f:3f:f7:24:f3:1a:c8:66:55:6a:cc:
86:00:70:1e:2a:6c:b6:f3:46:60:46:3a:e6:cf:3e:45:c2:11:
14:73:86:78:8e:b0:4c:1a:13:a8:e7:6f:f4:8f:5f:60:e0:02:
a5:22:d3:9c:6e:fe:32:de:10:01:dd:73:0b:ee:e6:d2:d0:11:
72:e7:d5:0f:27:37:fe:65:25:b3:99:4c:b8:b7:d5:92:9b:e9:
29:bf:84:d5:69:e5:dd:e2:81:8c:d7:84:9f:e0:4d:a3:2a:84:
eb:f1:88:76:e1:26:c4:6c:4b:db:86:fa:7e:63:e4:9b:94:b5:
62:67:fd:1a:64:7f:0e:c7:c9:6d:0f:86:6b:f1:68:0d:e0:bd:
64:8a:be:a5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFooxRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODJjODQyZGZhMmExZTcxNDcyN2JjY2I5NWYxNjUzNDcxMDNmMjc3MB4XDTIyMDEw
MTA5MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYyNTU1NTUyZTRi
MzVjZDFhZWFmMDVjYThkZmFjNTIzZTQzNGM5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN36rCErlFHUZ/355WvjDBdwCpQiK1lbMvUUHWnQHKQpRXhs
90KVSGzjOONi6TwzLjh4jtYr7PNxPu5fpKZTO+EFKkIPxZdOM5ybtWz11e2LfuW5
88khUZNDDgfWFNZF6WWeAlDt74ajEicpTjhoCPfdYQQQhYLn+ieWwQ4KHQFVHYIm
DWTa4YHEyDx4hAeDW67R10AhKL39OlYAxHh64NaaKl9MTx/RB0Cn+yGYkTOX0Gwt
+YIQ4fUVCuQnA4jKxXJ4APo6Lngi4kV7ER+oOG5oJLXawqUvb+7+CrPkp2BlZ1cV
SX46/+fsr7jGyxZRDCizRv61gOeptnBdnm1cIRcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRfJVVVLks1zRrq8Fyo36xSPkNMlzAfBgNVHSMEGDAWgBRoLIQt+ioecUcn
vMuV8WU0cQPydzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FDeUVMZm9xSG5GSEo3ekxsZkZsTkhFRDhuYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMDAwNDY1LTgzY2ItNDFiNC04ZTYwLTA4ZDY1YjM4NjM5ZC8x
L1h5VlZWUzVMTmMwYTZ2QmNxTi1zVWo1RFRKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MDAwNDY1LTgzY2ItNDFiNC04ZTYwLTA4ZDY1YjM4NjM5ZC8xL2FDeUVMZm9xSG5G
SEo3ekxsZkZsTkhFRDhuYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAE1Q/QMEAE1Q/wMEALlFqDANBAIA
AjAHAwUAKgUiQDANBgkqhkiG9w0BAQsFAAOCAQEAHXFo8mmeqjMU0Vu5NUaAQYca
3oWD3m0dLRcg21GIUne+IZuC9S+lyWWerT3hOG3Oxwj3d3HhJzBbIRYg1RELOYsk
LGappxxUENaI/5i3G0gS2wEVC1Z/3bF3YV3lvLunDwXqfcs+UKPtTphwHX2lu9Tc
9p8/9yTzGshmVWrMhgBwHipstvNGYEY65s8+RcIRFHOGeI6wTBoTqOdv9I9fYOAC
pSLTnG7+Mt4QAd1zC+7m0tARcufVDyc3/mUls5lMuLfVkpvpKb+E1Wnl3eKBjNeE
n+BNoyqE6/GIduEmxGxL24b6fmPkm5S1Ymf9GmR/DsfJbQ+Ga/FoDeC9ZIq+pQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org