Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/XROMcxX6gNyphdJIJbxbQ8OJGRc.roa
File: XROMcxX6gNyphdJIJbxbQ8OJGRc.roa (raw, json)
Hash identifier: IZkfTADSWK1uAvC5vEoLevjBNyYThPzZESkj38VPhMo=
Subject key identifier: 5D:13:8C:73:15:FA:80:DC:A9:85:D2:48:25:BC:5B:43:C3:89:19:17
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1D3E722F
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/XROMcxX6gNyphdJIJbxbQ8OJGRc.roa
Signing time: Fri 25 Mar 2022 11:15:50 +0000
ROA not before: Fri 25 Mar 2022 11:15:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.244.0/22 maxlen: 22
77.47.248.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.152.0/24 maxlen: 24
195.178.144.0/21 maxlen: 21
77.47.154.0/24 maxlen: 24
77.47.153.0/24 maxlen: 24
77.47.155.0/24 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 490631727 (0x1d3e722f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 25 11:15:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d138c7315fa80dca985d24825bc5b43c3891917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:c2:21:60:7c:b3:57:05:06:7b:58:c1:66:
5b:58:2a:29:df:5f:91:7e:19:d0:00:73:41:99:62:
98:cf:23:21:fd:8f:85:96:87:4a:c9:e0:ae:23:92:
c6:0a:42:d9:f7:4d:7b:89:63:7c:46:a3:c6:2d:1a:
1d:e3:57:2e:56:96:f4:51:84:78:8f:0f:b1:67:a5:
1b:28:1f:a3:bb:3b:9b:d4:7a:43:76:fd:e9:cf:82:
dc:f7:a6:e5:e2:e9:e4:a8:b6:b6:9e:dd:4d:bb:b3:
8d:da:48:30:df:e5:ec:46:7b:03:a3:97:6c:a9:45:
dd:02:dc:fa:03:18:dd:2e:7a:57:53:d3:da:ff:0e:
09:14:9f:e8:37:7a:5a:7b:6f:bc:33:bf:ed:c2:3f:
4c:93:24:5a:c7:b4:82:b4:48:f2:9a:83:c7:12:4a:
7b:20:af:16:bf:71:78:be:0a:43:07:29:0c:22:0a:
e8:e2:1c:41:3f:d1:e2:1d:af:b6:44:a5:3a:d1:90:
17:0f:52:78:bc:b0:5d:30:3c:39:1b:fb:3a:0b:72:
4c:8a:13:36:a6:ea:d7:8f:c3:c1:7b:75:64:62:af:
03:af:5d:79:76:8f:f3:ce:3c:05:58:f4:bd:e1:f6:
fb:80:32:cd:1e:1b:fb:0f:e1:fe:25:ec:cb:67:b7:
48:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:13:8C:73:15:FA:80:DC:A9:85:D2:48:25:BC:5B:43:C3:89:19:17
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/XROMcxX6gNyphdJIJbxbQ8OJGRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.152.0/22
77.47.244.0-77.47.255.255
185.143.56.0/22
195.178.144.0-195.178.155.255
Signature Algorithm: sha256WithRSAEncryption
4b:52:f5:e0:8b:a5:4c:97:61:21:33:f2:93:48:70:1c:aa:76:
b5:6b:de:8a:9b:fb:dc:73:b3:8f:ce:7e:35:72:a2:57:8f:c3:
02:b6:da:50:03:91:be:b1:1e:87:15:31:4e:23:49:76:fd:90:
73:f9:04:d5:3d:be:58:96:de:19:f1:95:b4:26:2f:e9:6d:be:
60:1b:9a:e0:c3:a7:e0:e3:7d:f2:52:ee:8e:2b:00:87:78:83:
b2:45:0e:be:0e:ef:8c:ac:95:bd:2c:fd:b7:57:85:35:bf:91:
a0:9e:41:4a:77:52:f0:e8:a5:cd:dd:e3:f0:ae:f4:2b:69:46:
22:95:ff:75:b6:fa:89:d1:a4:55:f3:19:b2:02:2d:ae:3c:9f:
89:ae:6c:09:f7:de:e0:14:e9:94:7a:ee:41:57:de:29:26:44:
af:29:91:8e:f3:5e:54:de:bb:d7:47:0c:e3:f5:5a:4e:e9:92:
36:02:98:c0:a3:92:63:f4:55:aa:22:10:3c:86:d3:49:c3:d1:
07:1d:71:20:24:78:d0:e5:59:3a:ec:c4:72:4a:e5:f2:f2:90:
24:de:5d:1a:54:88:8a:a1:fa:24:cc:8e:8e:fd:85:5c:16:7f:
35:fd:95:97:a4:e0:6a:05:ee:ab:43:ed:2c:a6:da:74:69:00:
5f:61:15:44
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEHT5yLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDMy
NTExMTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQxMzhjNzMxNWZh
ODBkY2E5ODVkMjQ4MjViYzViNDNjMzg5MTkxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoSwiFgfLNXBQZ7WMFmW1gqKd9fkX4Z0ABzQZlimM8jIf2P
hZaHSsngriOSxgpC2fdNe4ljfEajxi0aHeNXLlaW9FGEeI8PsWelGygfo7s7m9R6
Q3b96c+C3Pem5eLp5Ki2tp7dTbuzjdpIMN/l7EZ7A6OXbKlF3QLc+gMY3S56V1PT
2v8OCRSf6Dd6WntvvDO/7cI/TJMkWse0grRI8pqDxxJKeyCvFr9xeL4KQwcpDCIK
6OIcQT/R4h2vtkSlOtGQFw9SeLywXTA8ORv7OgtyTIoTNqbq14/DwXt1ZGKvA69d
eXaP8848BVj0veH2+4AyzR4b+w/h/iXsy2e3SFUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRdE4xzFfqA3KmF0kglvFtDw4kZFzAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L1hST01jeFg2Z055cGhkSklKYnhiUThPSkdSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wLQQCAAEwJwMEAk0vmDALAwQCTS/0AwMETSADBAK5
jzgwDAMEBMOykAMEAsOymDANBgkqhkiG9w0BAQsFAAOCAQEAS1L14IulTJdhITPy
k0hwHKp2tWveipv73HOzj85+NXKiV4/DArbaUAORvrEehxUxTiNJdv2Qc/kE1T2+
WJbeGfGVtCYv6W2+YBua4MOn4ON98lLujisAh3iDskUOvg7vjKyVvSz9t1eFNb+R
oJ5BSndS8Oilzd3j8K70K2lGIpX/dbb6idGkVfMZsgItrjyfia5sCffe4BTplHru
QVfeKSZErymRjvNeVN6710cM4/VaTumSNgKYwKOSY/RVqiIQPIbTScPRBx1xICR4
0OVZOuzEckrl8vKQJN5dGlSIiqH6JMyOjv2FXBZ/Nf2Vl6TgagXuq0PtLKbadGkA
X2EVRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org