Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5HBny-ngWCMWfhv9W-fKqB5GuP8.roa
File: 5HBny-ngWCMWfhv9W-fKqB5GuP8.roa (raw, json)
Hash identifier: GAVe9mZ1SW/ZbAmNXsUHSWS+lsy0BKjdrXOsanfVwoQ=
Subject key identifier: E4:70:67:CB:E9:E0:58:23:16:7E:1B:FD:5B:E7:CA:A8:1E:46:B8:FF
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0182646B32D786E9DFCB6EC9C70F24E24DCB
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5HBny-ngWCMWfhv9W-fKqB5GuP8.roa
Signing time: Wed 03 Aug 2022 15:55:23 +0000
ROA not before: Wed 03 Aug 2022 15:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3319
IP address blocks: 212.111.200.0/24 maxlen: 24
77.47.210.0/23 maxlen: 24
77.47.244.0/22 maxlen: 22
195.178.144.0/23 maxlen: 23
195.178.147.0/24 maxlen: 24
195.178.146.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
77.47.178.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:6b:32:d7:86:e9:df:cb:6e:c9:c7:0f:24:e2:4d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Aug 3 15:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e47067cbe9e05823167e1bfd5be7caa81e46b8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:b4:ff:4b:fd:d2:a2:48:5f:a6:b1:3e:94:
be:85:16:f4:05:a1:77:88:1b:65:a6:ea:66:91:77:
a6:64:50:d5:79:6b:ad:c3:be:1f:13:90:f6:4c:0c:
98:c8:dc:fe:9c:ff:6b:10:85:d0:5f:84:96:38:19:
64:e4:76:a8:26:ef:cf:99:53:b1:30:e9:8f:49:5e:
8e:b9:3a:f7:da:1a:e0:ed:81:e8:0a:59:9a:9a:31:
e1:b6:68:6e:3d:66:33:d0:50:48:35:3c:2e:d6:c3:
95:c6:e7:d5:f1:c4:6d:ce:48:72:4a:c0:6b:98:fb:
d7:f1:73:bd:7f:e3:7e:cb:90:73:2d:f1:f4:22:31:
eb:40:40:b1:2b:88:11:e4:9c:e5:1e:d6:97:a5:33:
f5:f8:14:3e:54:01:26:b3:a5:c5:09:73:e4:74:69:
e9:f6:1c:e8:b7:ca:e3:5f:3d:44:b2:53:8a:fe:27:
70:aa:b1:a6:08:34:88:98:38:c9:ea:d8:c1:4a:3a:
3e:c3:a2:98:e0:56:42:8d:db:5a:a1:1a:c0:0b:94:
ea:63:1c:e4:c2:db:29:a6:95:84:23:75:23:eb:c5:
4a:ab:67:8d:62:84:3f:2a:01:df:1b:74:9c:9b:07:
a9:98:a7:55:3d:09:66:2e:98:0b:ad:d8:99:b0:14:
09:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:70:67:CB:E9:E0:58:23:16:7E:1B:FD:5B:E7:CA:A8:1E:46:B8:FF
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5HBny-ngWCMWfhv9W-fKqB5GuP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.178.0/23
77.47.210.0/23
77.47.244.0/22
195.178.144.0/22
195.178.152.0/22
212.111.200.0/24
Signature Algorithm: sha256WithRSAEncryption
35:db:76:4e:8d:74:bf:2a:54:89:e6:f5:1a:a3:2f:c7:28:33:
9d:4d:4e:6e:6a:ec:8c:0d:23:dd:94:d0:78:c1:92:80:7b:39:
a9:c6:02:49:27:c8:2d:fd:57:8b:e6:53:dc:e0:48:c4:4a:08:
e9:74:a5:c4:ef:c9:8c:ae:f2:0a:4e:f9:a1:a7:a4:db:bf:2b:
a7:f8:13:80:17:49:a2:34:d4:08:fe:29:ac:52:0f:b7:9e:cf:
d9:bf:ef:dd:28:50:85:95:33:36:18:1b:86:98:a7:e8:d9:b0:
63:93:2c:f4:f7:80:29:3d:cb:52:f9:04:82:62:7e:de:ef:cf:
fe:4d:20:e8:ae:b5:3a:31:eb:ff:88:22:84:65:c5:fd:85:9e:
99:00:5e:04:5b:36:b6:c5:5f:a5:a6:16:42:73:83:0a:07:a6:
34:d3:49:99:d0:e0:7b:3c:a1:67:48:76:eb:2a:96:80:b3:38:
fb:72:31:b4:88:39:16:cf:cd:45:b7:6d:bd:45:22:02:1e:79:
6d:79:6e:23:6d:10:a0:63:87:3a:7e:19:ba:40:ff:4b:c8:77:
f8:59:96:41:79:55:cd:f9:17:a2:68:b6:f0:c0:68:56:cb:40:
66:56:ba:2f:52:31:27:fb:7f:24:73:57:1d:fd:df:16:46:d4:
9e:84:37:d3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYJkazLXhunfy27Jxw8k4k3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjIwODAzMTU1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDcwNjdjYmU5ZTA1ODIzMTY3ZTFiZmQ1YmU3Y2FhODFlNDZiOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5G0/0v90qJIX6axPpS+hRb0BaF3
iBtlpupmkXemZFDVeWutw74fE5D2TAyYyNz+nP9rEIXQX4SWOBlk5HaoJu/PmVOx
MOmPSV6OuTr32hrg7YHoClmamjHhtmhuPWYz0FBINTwu1sOVxufV8cRtzkhySsBr
mPvX8XO9f+N+y5BzLfH0IjHrQECxK4gR5JzlHtaXpTP1+BQ+VAEms6XFCXPkdGnp
9hzot8rjXz1EslOK/idwqrGmCDSImDjJ6tjBSjo+w6KY4FZCjdtaoRrAC5TqYxzk
wtspppWEI3Uj68VKq2eNYoQ/KgHfG3ScmwepmKdVPQlmLpgLrdiZsBQJHQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFORwZ8vp4FgjFn4b/VvnyqgeRrj/MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvNUhCbnktbmdXQ01XZmh2OVctZktxQjVHdVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTS+yAwQB
TS/SAwQCTS/0AwQCw7KQAwQCw7KYAwQA1G/IMA0GCSqGSIb3DQEBCwUAA4IBAQA1
23ZOjXS/KlSJ5vUaoy/HKDOdTU5uauyMDSPdlNB4wZKAezmpxgJJJ8gt/VeL5lPc
4EjESgjpdKXE78mMrvIKTvmhp6Tbvyun+BOAF0miNNQI/imsUg+3ns/Zv+/dKFCF
lTM2GBuGmKfo2bBjkyz094ApPctS+QSCYn7e78/+TSDorrU6Mev/iCKEZcX9hZ6Z
AF4EWza2xV+lphZCc4MKB6Y000mZ0OB7PKFnSHbrKpaAszj7cjG0iDkWz81Ft229
RSICHnlteW4jbRCgY4c6fhm6QP9LyHf4WZZBeVXN+ReiaLbwwGhWy0BmVrovUjEn
+38kc1cd/d8WRtSehDfT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org