Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1fAO3juB-l_fnJx0xysKDrLVA3M.roa
File: 1fAO3juB-l_fnJx0xysKDrLVA3M.roa (raw, json)
Hash identifier: /nOcc+kl2tWiSqWoPC0ejYv0pP2yj/qrIBH9Xxho4o0=
Subject key identifier: D5:F0:0E:DE:3B:81:FA:5F:DF:9C:9C:74:C7:2B:0A:0E:B2:D5:03:73
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1D603E5B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1fAO3juB-l_fnJx0xysKDrLVA3M.roa
Signing time: Tue 29 Mar 2022 18:13:37 +0000
ROA not before: Tue 29 Mar 2022 18:13:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.111.211.0/24 maxlen: 24
77.47.210.0/23 maxlen: 24
77.47.212.0/23 maxlen: 24
212.111.216.0/23 maxlen: 24
212.111.218.0/23 maxlen: 24
77.47.240.0/23 maxlen: 24
195.178.128.0/22 maxlen: 24
195.178.142.0/23 maxlen: 24
195.178.146.0/23 maxlen: 24
185.143.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 492846683 (0x1d603e5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 29 18:13:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5f00ede3b81fa5fdf9c9c74c72b0a0eb2d50373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1b:4f:02:f0:4e:d6:71:d3:8b:5b:d6:9f:ee:
80:27:7c:2f:12:68:22:fc:ca:70:96:57:2d:0e:59:
0b:26:92:15:3a:0b:33:0f:09:d9:6a:d5:98:1e:2b:
50:75:96:c4:54:de:4a:72:4a:f5:1b:a8:80:2e:37:
c5:fa:b3:70:eb:39:f8:ab:c5:3c:81:77:8f:c5:84:
e1:06:cb:f2:e9:cc:66:5b:4d:a9:e9:47:78:40:f8:
bc:5d:42:48:56:4c:94:b0:36:7c:b4:8d:ad:73:d7:
57:bd:63:12:89:75:09:f0:34:54:60:80:0b:1f:2a:
5e:6c:82:70:93:ac:1d:54:13:f2:09:33:ce:00:bc:
d2:9b:df:4b:8e:97:ad:a4:bd:0f:26:4b:3d:17:ea:
65:c5:45:82:ba:d0:3c:ca:ae:89:2c:5c:42:e9:3b:
53:3e:44:40:9a:fc:73:0d:ae:a4:89:25:7e:d6:0f:
e4:ba:d2:16:55:ee:31:d6:a2:90:c7:dc:c0:54:fa:
59:7a:8c:88:10:d5:4e:a8:e3:2e:d0:65:64:07:0e:
e0:32:3b:a3:25:9f:f4:15:73:1e:0e:29:28:ea:ee:
3c:ef:35:27:5d:54:1f:ce:4e:77:bc:5a:3a:8e:73:
56:2b:97:cf:32:d7:28:d0:2d:81:ac:89:91:ac:6e:
95:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F0:0E:DE:3B:81:FA:5F:DF:9C:9C:74:C7:2B:0A:0E:B2:D5:03:73
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1fAO3juB-l_fnJx0xysKDrLVA3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.210.0-77.47.213.255
77.47.240.0/23
185.143.56.0/22
195.178.128.0/22
195.178.142.0/23
195.178.146.0/23
212.111.211.0/24
212.111.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:9a:1b:98:b0:dd:06:0b:f6:59:12:7f:0e:c8:e6:a6:bf:76:
fa:30:5c:7f:51:f2:d5:80:94:7c:24:13:b2:70:84:ef:28:20:
e7:d0:3d:da:fd:e2:f8:0e:c0:2c:43:a3:7b:54:c5:cf:b3:51:
27:64:f2:23:f5:08:33:f1:b0:ca:0e:32:7c:de:18:72:4c:e1:
a8:5f:21:68:93:d4:93:3b:39:9e:4c:1f:f4:61:5f:b6:73:ad:
43:11:28:3f:1f:33:90:f5:8d:aa:4b:25:41:33:7b:f6:03:54:
27:c3:dc:98:08:39:a5:fd:a4:f2:1e:b6:0b:26:c0:b6:9b:a0:
d2:02:26:61:f3:9b:f3:9a:03:4e:29:16:e3:09:d7:d1:66:c7:
ec:30:cc:71:83:9b:0d:90:c7:39:be:9b:38:62:df:55:38:40:
1d:61:da:a1:77:2d:44:e7:6e:5d:1a:bc:f8:0b:72:87:b1:ec:
f7:ac:86:0b:c0:7e:7a:a0:a3:98:06:a7:ad:b4:b1:80:e7:3b:
8b:05:64:0d:69:f1:1c:48:61:aa:0b:5a:65:41:37:07:91:74:
2c:a4:61:d8:69:ee:b5:15:44:5e:b0:09:09:ad:77:1b:e4:6b:
a4:60:38:de:70:a1:b0:83:c5:68:2a:25:4d:65:8d:ff:46:0a:
30:3c:6c:d1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEHWA+WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDMy
OTE4MTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVmMDBlZGUzYjgx
ZmE1ZmRmOWM5Yzc0YzcyYjBhMGViMmQ1MDM3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsbTwLwTtZx04tb1p/ugCd8LxJoIvzKcJZXLQ5ZCyaSFToL
Mw8J2WrVmB4rUHWWxFTeSnJK9RuogC43xfqzcOs5+KvFPIF3j8WE4QbL8unMZltN
qelHeED4vF1CSFZMlLA2fLSNrXPXV71jEol1CfA0VGCACx8qXmyCcJOsHVQT8gkz
zgC80pvfS46XraS9DyZLPRfqZcVFgrrQPMquiSxcQuk7Uz5EQJr8cw2upIklftYP
5LrSFlXuMdaikMfcwFT6WXqMiBDVTqjjLtBlZAcO4DI7oyWf9BVzHg4pKOruPO81
J11UH85Od7xaOo5zViuXzzLXKNAtgayJkaxulf8CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTV8A7eO4H6X9+cnHTHKwoOstUDczAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
LzFmQU8zanVCLWxfZm5KeDB4eXNLRHJMVkEzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwODAMAwQBTS/SAwQBTS/UAwQBTS/wAwQC
uY84AwQCw7KAAwQBw7KOAwQBw7KSAwQA1G/TAwQC1G/YMA0GCSqGSIb3DQEBCwUA
A4IBAQBamhuYsN0GC/ZZEn8OyOamv3b6MFx/UfLVgJR8JBOycITvKCDn0D3a/eL4
DsAsQ6N7VMXPs1EnZPIj9Qgz8bDKDjJ83hhyTOGoXyFok9STOzmeTB/0YV+2c61D
ESg/HzOQ9Y2qSyVBM3v2A1Qnw9yYCDml/aTyHrYLJsC2m6DSAiZh85vzmgNOKRbj
CdfRZsfsMMxxg5sNkMc5vps4Yt9VOEAdYdqhdy1E525dGrz4C3KHsez3rIYLwH56
oKOYBqettLGA5zuLBWQNafEcSGGqC1plQTcHkXQspGHYae61FUResAkJrXcb5Guk
YDjecKGwg8VoKiVNZY3/RgowPGzR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org