Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bY3ri00NelALY-EdJHpQmPRmH2M.roa
File: bY3ri00NelALY-EdJHpQmPRmH2M.roa (raw, json)
Hash identifier: S0zTY7IqwOZqoowVrAIr1PIlG1ophOC3q74Fq0aFogE=
Subject key identifier: 6D:8D:EB:8B:4D:0D:7A:50:0B:63:E1:1D:24:7A:50:98:F4:66:1F:63
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0182CF9EEF925C7A67A217C23B760B1EDEA1
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bY3ri00NelALY-EdJHpQmPRmH2M.roa
Signing time: Wed 24 Aug 2022 11:31:15 +0000
ROA not before: Wed 24 Aug 2022 11:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212953
IP address blocks: 212.111.207.0/24 maxlen: 24
77.47.158.0/23 maxlen: 24
77.47.156.0/24 maxlen: 24
77.47.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:9e:ef:92:5c:7a:67:a2:17:c2:3b:76:0b:1e:de:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Aug 24 11:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d8deb8b4d0d7a500b63e11d247a5098f4661f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:25:63:42:43:42:2d:0b:62:e8:3d:22:52:2d:
16:4a:ee:ba:0e:5f:d3:d5:be:d8:ab:bf:6c:f6:a1:
4b:5d:51:b4:7a:3d:96:cd:24:da:2a:cd:20:50:f4:
ef:04:ae:c4:4c:1f:ed:96:d8:5a:66:1d:a2:00:ba:
d9:14:ae:e4:c1:fe:52:36:bc:2e:d9:d4:a3:9e:aa:
86:20:03:67:92:4f:c7:da:db:5f:3b:af:c6:3b:ff:
84:86:67:96:38:bb:4b:f0:e3:4f:05:8f:9d:83:82:
29:56:c6:7e:ea:06:28:c7:05:76:ff:57:73:2b:1c:
5a:56:46:45:fd:45:f3:2a:66:f9:d5:ef:1e:0e:86:
4b:c2:fa:17:8e:cf:8f:61:0e:16:48:23:6e:c2:85:
2c:f8:6f:c3:36:c2:aa:29:e7:3b:fc:d7:2b:cb:4b:
3e:4b:9f:db:b0:47:ad:b5:ce:58:ff:c4:d9:5b:79:
f0:cc:af:33:f9:d0:c7:73:55:c0:8f:f9:f1:08:bb:
ae:37:2b:97:92:90:97:19:92:fa:29:6c:d2:35:4a:
43:eb:a6:4f:f5:7b:11:99:ca:2f:9d:65:5a:7b:fa:
61:b0:be:89:df:d9:1e:75:81:9e:06:5b:cf:7f:eb:
3c:da:4d:62:27:da:ec:fe:c5:c6:c1:6d:e6:b7:9e:
ae:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:EB:8B:4D:0D:7A:50:0B:63:E1:1D:24:7A:50:98:F4:66:1F:63
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bY3ri00NelALY-EdJHpQmPRmH2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.156.0/22
212.111.207.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d8:0f:03:46:7f:75:37:8b:a8:23:e2:ba:f1:fc:a4:cf:73:
2f:8b:94:85:32:d3:8c:59:31:4c:e4:8a:82:35:06:a2:2e:0c:
08:da:f3:f8:3a:a4:ac:06:d1:12:6d:ef:1d:7a:8a:41:9f:0e:
8e:d8:15:31:ab:21:e8:e6:3a:cb:2b:78:fe:d1:d0:c1:0c:bb:
45:73:8f:24:42:05:e7:18:70:e5:05:65:32:bb:b9:7f:a2:0d:
c4:9d:bd:b9:8a:8c:14:52:ad:7f:e7:be:dd:e6:24:81:e4:22:
f8:24:4a:48:94:b8:46:6d:33:e0:e6:e4:19:f4:ce:65:68:c0:
8a:c8:ec:9c:b8:c6:49:92:24:98:12:8e:2b:2a:af:dd:5d:a2:
ab:4d:06:b5:17:56:35:2b:93:4c:00:cd:67:87:1a:9b:9b:8b:
95:81:92:44:21:e0:80:fa:44:09:36:8b:db:61:86:65:fc:06:
4f:0e:40:18:78:88:ba:b0:b0:7f:cf:ed:ff:3e:b1:6b:54:33:
bc:af:b5:90:8f:90:2e:b4:93:34:98:df:0f:d1:69:5f:f2:17:
cb:6e:aa:be:d1:e3:17:00:4b:ca:0c:b3:95:16:d8:70:b9:9e:
53:1e:be:f1:db:ae:97:76:36:e2:18:a2:75:99:58:0f:fb:e2:
39:79:ce:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLPnu+SXHpnohfCO3YLHt6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjIwODI0MTEzMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhkZWI4YjRkMGQ3YTUwMGI2M2UxMWQyNDdhNTA5OGY0NjYxZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CVjQkNCLQti6D0iUi0WSu66Dl/T
1b7Yq79s9qFLXVG0ej2WzSTaKs0gUPTvBK7ETB/tlthaZh2iALrZFK7kwf5SNrwu
2dSjnqqGIANnkk/H2ttfO6/GO/+EhmeWOLtL8ONPBY+dg4IpVsZ+6gYoxwV2/1dz
KxxaVkZF/UXzKmb51e8eDoZLwvoXjs+PYQ4WSCNuwoUs+G/DNsKqKec7/Ncry0s+
S5/bsEettc5Y/8TZW3nwzK8z+dDHc1XAj/nxCLuuNyuXkpCXGZL6KWzSNUpD66ZP
9XsRmcovnWVae/phsL6J39kedYGeBlvPf+s82k1iJ9rs/sXGwW3mt56uNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2N64tNDXpQC2PhHSR6UJj0Zh9jMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvYlkzcmkwME5lbEFMWS1FZEpIcFFtUFJtSDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTS+cAwQA
1G/PMA0GCSqGSIb3DQEBCwUAA4IBAQBD2A8DRn91N4uoI+K68fykz3Mvi5SFMtOM
WTFM5IqCNQaiLgwI2vP4OqSsBtESbe8deopBnw6O2BUxqyHo5jrLK3j+0dDBDLtF
c48kQgXnGHDlBWUyu7l/og3Enb25iowUUq1/577d5iSB5CL4JEpIlLhGbTPg5uQZ
9M5laMCKyOycuMZJkiSYEo4rKq/dXaKrTQa1F1Y1K5NMAM1nhxqbm4uVgZJEIeCA
+kQJNovbYYZl/AZPDkAYeIi6sLB/z+3/PrFrVDO8r7WQj5AutJM0mN8P0Wlf8hfL
bqq+0eMXAEvKDLOVFthwuZ5THr7x266XdjbiGKJ1mVgP++I5ec6B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org