Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/U7Xs-_WCobCWjr5eM-6NzRqhuy0.roa
File: U7Xs-_WCobCWjr5eM-6NzRqhuy0.roa (raw, json)
Hash identifier: /wSCh/u82W3ocyoOHUWktLLJ483/oJhrjQg+XsBjIPQ=
Subject key identifier: 53:B5:EC:FB:F5:82:A1:B0:96:8E:BE:5E:33:EE:8D:CD:1A:A1:BB:2D
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1E6A3715
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/U7Xs-_WCobCWjr5eM-6NzRqhuy0.roa
Signing time: Mon 27 Jun 2022 19:41:32 +0000
ROA not before: Mon 27 Jun 2022 19:41:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3319
IP address blocks: 212.111.200.0/24 maxlen: 24
77.47.210.0/23 maxlen: 24
77.47.212.0/23 maxlen: 24
77.47.240.0/24 maxlen: 24
77.47.244.0/22 maxlen: 22
77.47.152.0/24 maxlen: 24
195.178.144.0/23 maxlen: 23
77.47.154.0/24 maxlen: 24
77.47.153.0/24 maxlen: 24
77.47.155.0/24 maxlen: 24
195.178.147.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 510277397 (0x1e6a3715)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jun 27 19:41:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53b5ecfbf582a1b0968ebe5e33ee8dcd1aa1bb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:cb:a0:32:20:c8:16:f4:d3:d0:58:1d:5b:
87:2d:89:c1:05:42:1c:4e:97:e1:b7:ee:17:c7:d6:
68:1b:a9:99:1a:29:36:ab:db:2e:df:4f:4b:d4:f1:
0f:cb:fe:4c:f3:67:4d:0a:30:aa:4b:8f:a8:43:03:
c7:c8:f8:a0:44:89:25:00:01:7e:25:4c:9a:a0:a5:
6e:48:8f:83:6a:13:16:2f:8a:99:5f:47:c9:b8:83:
bd:1f:c8:b3:7e:33:8e:a3:bc:ac:9e:3c:4d:62:13:
e9:8e:56:c3:30:a7:bb:87:c9:41:04:c3:5f:f0:d2:
0f:36:ae:6e:ae:42:cf:d9:5f:1f:dc:72:72:7e:68:
dd:b3:db:20:79:db:50:0e:3e:79:50:96:0f:b1:4d:
34:b8:7b:19:9c:74:01:61:66:db:2b:83:af:8b:dd:
7b:e8:8a:a5:ad:2a:f3:df:76:9c:9d:1f:f4:b2:df:
8f:f1:7a:d7:bf:0e:88:bd:9d:1c:0f:31:66:a1:51:
ba:c4:74:c3:01:6c:42:15:0c:1f:bc:49:70:be:a7:
4b:e0:ea:07:40:f7:91:21:83:8f:34:47:65:5a:59:
e2:32:d2:37:0b:48:16:02:c2:a5:e0:f0:57:fb:39:
7c:8f:20:7b:71:b0:3e:62:40:5f:05:2f:5a:63:e7:
1b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B5:EC:FB:F5:82:A1:B0:96:8E:BE:5E:33:EE:8D:CD:1A:A1:BB:2D
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/U7Xs-_WCobCWjr5eM-6NzRqhuy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.152.0/22
77.47.210.0-77.47.213.255
77.47.240.0/24
77.47.244.0/22
195.178.144.0/23
195.178.147.0/24
195.178.152.0/22
212.111.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:cd:a3:87:85:b6:b1:79:69:f8:6f:85:15:58:a7:28:63:dd:
82:1b:30:c1:e0:0f:0c:48:9f:65:d5:47:94:83:cb:dc:cb:38:
42:d2:a1:cf:93:6f:22:4d:64:0e:ca:4a:a5:9b:fe:f5:39:f2:
55:6e:c8:05:a0:39:90:9b:40:aa:77:f8:42:92:a3:56:66:25:
1a:36:93:8d:7b:49:4d:5e:34:b6:e5:cd:e1:67:3f:3d:ac:38:
80:05:80:cd:80:42:85:6f:8b:30:61:9e:57:24:d0:cf:cb:55:
a9:92:79:63:9e:66:50:69:60:e9:86:89:40:df:6e:5b:a6:4d:
19:4b:19:4f:07:f6:9d:f9:e1:2a:b3:32:72:28:45:cc:e1:fb:
41:c8:e2:3f:60:db:2c:61:93:c4:80:97:80:62:5f:be:d5:39:
89:75:af:e9:ed:34:68:cc:f1:c6:28:c0:02:2d:b0:c4:0e:c4:
23:1e:ff:4d:0b:d8:83:1b:79:61:3d:aa:83:b8:a9:66:13:62:
f9:fe:55:74:25:24:89:c3:a1:51:9e:76:55:08:d5:76:1e:fb:
e2:a4:d0:4f:83:d1:73:d1:e4:be:0c:3b:90:00:38:1a:c6:f2:
ca:89:24:e9:07:1d:c5:c8:18:fb:78:b2:1b:5f:26:99:91:34:
9f:09:20:1a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEHmo3FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDYy
NzE5NDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNiNWVjZmJmNTgy
YTFiMDk2OGViZTVlMzNlZThkY2QxYWExYmIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkSy6AyIMgW9NPQWB1bhy2JwQVCHE6X4bfuF8fWaBupmRop
NqvbLt9PS9TxD8v+TPNnTQowqkuPqEMDx8j4oESJJQABfiVMmqClbkiPg2oTFi+K
mV9HybiDvR/Is34zjqO8rJ48TWIT6Y5WwzCnu4fJQQTDX/DSDzaubq5Cz9lfH9xy
cn5o3bPbIHnbUA4+eVCWD7FNNLh7GZx0AWFm2yuDr4vde+iKpa0q8992nJ0f9LLf
j/F6178OiL2dHA8xZqFRusR0wwFsQhUMH7xJcL6nS+DqB0D3kSGDjzRHZVpZ4jLS
NwtIFgLCpeDwV/s5fI8ge3GwPmJAXwUvWmPnG1MCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRTtez79YKhsJaOvl4z7o3NGqG7LTAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L1U3WHMtX1dDb2JDV2pyNWVNLTZOelJxaHV5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAk0vmDAMAwQBTS/SAwQBTS/UAwQA
TS/wAwQCTS/0AwQBw7KQAwQAw7KTAwQCw7KYAwQA1G/IMA0GCSqGSIb3DQEBCwUA
A4IBAQBczaOHhbaxeWn4b4UVWKcoY92CGzDB4A8MSJ9l1UeUg8vcyzhC0qHPk28i
TWQOykqlm/71OfJVbsgFoDmQm0Cqd/hCkqNWZiUaNpONe0lNXjS25c3hZz89rDiA
BYDNgEKFb4swYZ5XJNDPy1WpknljnmZQaWDpholA325bpk0ZSxlPB/ad+eEqszJy
KEXM4ftByOI/YNssYZPEgJeAYl++1TmJda/p7TRozPHGKMACLbDEDsQjHv9NC9iD
G3lhPaqDuKlmE2L5/lV0JSSJw6FRnnZVCNV2HvvipNBPg9Fz0eS+DDuQADgaxvLK
iSTpBx3FyBj7eLIbXyaZkTSfCSAa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org