Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/G7DJozD8lYYnOHh6s_2XRDxCSuo.roa
File: G7DJozD8lYYnOHh6s_2XRDxCSuo.roa (raw, json)
Hash identifier: Ynvlg2YYom3XONcdUGWC2rdEQ009I8zP0Tvsp5lwP3M=
Subject key identifier: 1B:B0:C9:A3:30:FC:95:86:27:38:78:7A:B3:FD:97:44:3C:42:4A:EA
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1D54549B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/G7DJozD8lYYnOHh6s_2XRDxCSuo.roa
Signing time: Tue 29 Mar 2022 13:31:01 +0000
ROA not before: Tue 29 Mar 2022 13:31:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3319
IP address blocks: 195.178.144.0/21 maxlen: 21
185.143.56.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
212.111.220.0/24 maxlen: 24
212.111.222.0/24 maxlen: 24
212.111.221.0/24 maxlen: 24
212.111.223.0/24 maxlen: 24
77.47.244.0/22 maxlen: 22
77.47.248.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.152.0/24 maxlen: 24
77.47.154.0/24 maxlen: 24
77.47.153.0/24 maxlen: 24
77.47.155.0/24 maxlen: 24
77.47.182.0/24 maxlen: 24
77.47.181.0/24 maxlen: 24
77.47.183.0/24 maxlen: 24
77.47.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 492065947 (0x1d54549b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 29 13:31:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bb0c9a330fc95862738787ab3fd97443c424aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a1:08:ab:23:76:29:2e:54:cc:fe:2b:3c:6b:
a2:c7:54:b2:63:61:73:db:5f:59:95:09:70:6b:eb:
93:f6:99:80:a4:24:e4:53:20:51:60:3d:ae:89:9f:
72:36:d1:e0:f7:02:f5:ca:00:2a:b2:b0:f7:48:45:
e1:99:8d:b7:8c:9c:59:51:78:19:af:60:5e:b3:07:
c7:46:bf:b0:95:79:4e:21:02:87:b8:28:33:4f:c6:
74:ac:d4:fc:96:7f:cb:1e:71:ec:70:f5:f6:36:b2:
18:7f:3b:38:61:3c:0c:32:9d:4e:90:d1:18:fb:d8:
43:4f:80:21:47:2c:38:7d:16:8e:40:69:df:14:5f:
5c:7a:16:bc:a8:ed:cf:fc:12:f8:03:33:06:8c:78:
c8:14:bc:67:dc:36:f5:74:e9:2f:53:c1:7c:36:9e:
13:e6:5a:fc:47:bf:bb:40:67:be:34:c9:1e:00:1f:
60:ad:69:f1:13:94:7a:36:06:ce:32:ef:6f:03:68:
a3:34:51:73:28:8c:ae:66:15:ee:67:f2:83:80:3e:
85:8e:65:71:86:16:ee:09:89:78:52:0b:f2:b9:dc:
46:86:4f:55:a1:25:20:35:3c:53:8a:44:fd:b3:ce:
c1:40:c4:df:6f:ae:fc:66:cc:78:51:1e:94:05:8c:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B0:C9:A3:30:FC:95:86:27:38:78:7A:B3:FD:97:44:3C:42:4A:EA
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/G7DJozD8lYYnOHh6s_2XRDxCSuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.152.0/22
77.47.180.0/22
77.47.244.0-77.47.255.255
185.143.56.0/22
195.178.144.0-195.178.155.255
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:37:44:4d:ec:da:dd:d3:c9:21:20:e1:04:5a:7d:60:70:02:
09:79:0c:0a:37:a8:49:ad:4a:ad:65:da:d3:55:51:58:1f:89:
1c:ba:3a:b6:be:ef:46:0e:17:3a:07:c5:68:c7:4a:20:89:d3:
a1:44:3e:58:18:bc:81:2b:45:df:6d:f9:6c:e3:7a:61:3b:f6:
28:ba:6b:44:a8:d9:25:f6:4d:ea:b7:55:84:1c:b6:71:19:ed:
a0:7b:b1:3a:0b:f2:0c:b1:69:4f:25:6b:72:d7:c1:76:26:97:
01:35:12:23:99:b5:9b:07:52:79:e4:df:44:e2:94:98:71:89:
41:5f:5d:09:fb:48:8b:54:44:ba:6f:67:25:e7:f5:f8:93:7c:
50:03:24:5b:bb:73:6d:0e:12:11:32:eb:2a:c4:fb:b0:15:7b:
4e:d2:6e:cf:7d:75:03:1c:8c:a1:42:a5:a2:a7:15:b4:e0:f8:
5a:5e:6c:d0:12:b3:7b:3a:d4:9c:e0:97:60:03:c1:f0:e4:7d:
32:62:9b:06:cb:4c:27:2d:d7:d1:6a:f4:16:d3:3b:d0:e3:da:
ae:0b:08:f6:d4:e1:20:a0:34:b3:c4:9d:4d:25:61:1d:37:c8:
28:12:f0:a8:75:73:73:14:17:21:ba:c4:00:21:b1:c2:99:a7:
d7:75:3a:8a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEHVRUmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDMy
OTEzMzEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJiMGM5YTMzMGZj
OTU4NjI3Mzg3ODdhYjNmZDk3NDQzYzQyNGFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMahCKsjdikuVMz+KzxrosdUsmNhc9tfWZUJcGvrk/aZgKQk
5FMgUWA9romfcjbR4PcC9coAKrKw90hF4ZmNt4ycWVF4Ga9gXrMHx0a/sJV5TiEC
h7goM0/GdKzU/JZ/yx5x7HD19jayGH87OGE8DDKdTpDRGPvYQ0+AIUcsOH0WjkBp
3xRfXHoWvKjtz/wS+AMzBox4yBS8Z9w29XTpL1PBfDaeE+Za/Ee/u0BnvjTJHgAf
YK1p8ROUejYGzjLvbwNoozRRcyiMrmYV7mfyg4A+hY5lcYYW7gmJeFIL8rncRoZP
VaElIDU8U4pE/bPOwUDE32+u/GbMeFEelAWMIa0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQbsMmjMPyVhic4eHqz/ZdEPEJK6jAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L0c3REpvekQ4bFlZbk9IaDZzXzJYUkR4Q1N1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswOQQCAAEwMwMEAk0vmAMEAk0vtDALAwQCTS/0AwME
TSADBAK5jzgwDAMEBMOykAMEAsOymAMEAtRv3DANBgkqhkiG9w0BAQsFAAOCAQEA
DTdETeza3dPJISDhBFp9YHACCXkMCjeoSa1KrWXa01VRWB+JHLo6tr7vRg4XOgfF
aMdKIInToUQ+WBi8gStF3235bON6YTv2KLprRKjZJfZN6rdVhBy2cRntoHuxOgvy
DLFpTyVrctfBdiaXATUSI5m1mwdSeeTfROKUmHGJQV9dCftIi1REum9nJef1+JN8
UAMkW7tzbQ4SETLrKsT7sBV7TtJuz311AxyMoUKloqcVtOD4Wl5s0BKzezrUnOCX
YAPB8OR9MmKbBstMJy3X0Wr0FtM70OPargsI9tThIKA0s8SdTSVhHTfIKBLwqHVz
cxQXIbrEACGxwpmn13U6ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org