Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hVVte43lY5bZel5grkrQYvljI_o.roa
File: hVVte43lY5bZel5grkrQYvljI_o.roa (raw, json)
Hash identifier: k2ZU8kAD/i34jgQOmBAS4U93HiYg7BhGu3YQbW777g8=
Subject key identifier: 85:55:6D:7B:8D:E5:63:96:D9:7A:5E:60:AE:4A:D0:62:F9:63:23:FA
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01839D3A07188FE53A338A8D5DEC4FCDEFBD
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hVVte43lY5bZel5grkrQYvljI_o.roa
Signing time: Mon 03 Oct 2022 09:42:49 +0000
ROA not before: Mon 03 Oct 2022 09:42:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 77.47.240.0/24 maxlen: 24
77.47.142.0/24 maxlen: 24
195.178.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:3a:07:18:8f:e5:3a:33:8a:8d:5d:ec:4f:cd:ef:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Oct 3 09:42:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85556d7b8de56396d97a5e60ae4ad062f96323fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a7:99:9e:88:c9:be:ba:93:b7:f9:9f:27:0b:
5e:6d:43:47:12:dc:86:d2:75:ac:aa:9c:86:77:3d:
b3:ef:23:f2:9a:5d:6b:89:53:f7:af:2d:36:6f:e6:
cf:1b:2c:1e:68:86:b1:e9:45:ff:52:4d:4c:4d:b0:
b5:62:79:34:89:7c:15:15:73:b4:33:0f:6c:e0:3d:
6c:cb:a3:1c:39:4e:0e:52:66:59:5f:e3:5b:af:5a:
9c:25:6b:65:9a:69:cd:32:b3:66:10:50:fb:ba:29:
b1:d3:e8:77:45:c9:ae:17:ea:f6:d5:60:5f:94:df:
8e:41:d4:b7:18:70:6d:08:c1:59:4a:2a:89:a2:78:
6d:f1:c2:fb:25:37:0b:93:11:7e:de:ee:6b:71:48:
3b:ec:09:ef:3d:6a:5b:fa:e9:79:9a:ef:1a:f1:28:
2a:9c:d0:9c:99:f0:ff:0a:08:91:c4:29:88:72:fb:
83:2b:b5:b0:2e:12:48:db:da:d4:d4:ab:a0:f7:e3:
fe:90:83:a4:7f:6d:dd:b0:cd:78:87:d3:6e:57:38:
8d:c1:42:d2:cf:97:48:ca:e1:51:d1:b3:d6:48:b4:
67:c0:ee:70:35:db:fd:56:f5:67:b0:47:e3:fe:03:
2b:1d:42:54:a8:25:c5:59:e1:76:42:53:de:01:d9:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:55:6D:7B:8D:E5:63:96:D9:7A:5E:60:AE:4A:D0:62:F9:63:23:FA
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hVVte43lY5bZel5grkrQYvljI_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/24
77.47.240.0/24
195.178.143.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a6:45:11:ce:af:96:e6:e6:a2:49:28:9d:b5:00:59:f6:ae:
cc:47:37:19:1f:9b:cf:4f:3f:14:e1:3f:c0:1f:ea:a5:68:61:
cd:ca:fc:a7:e8:23:b7:9b:9f:02:3f:10:96:80:48:19:98:77:
bf:10:80:77:84:86:15:9a:42:28:05:bc:51:88:19:d9:0d:1d:
02:ea:4e:7c:37:9d:03:6b:15:d2:3e:28:2d:08:5e:02:85:ff:
52:15:46:47:cc:99:b8:9b:19:fe:b5:ef:55:87:4b:5e:22:3d:
4a:e6:1a:c8:69:c0:da:75:e7:a3:c1:26:d2:58:9d:25:79:9c:
75:15:59:71:92:15:84:4a:e0:7a:ce:1b:bf:2a:ec:fd:85:37:
1d:61:a7:b6:a9:23:92:5f:fa:2c:70:11:7c:4a:50:92:58:d8:
b1:e3:f9:9d:d5:e6:c7:e8:9b:da:32:6f:65:5d:fa:81:e0:8a:
bf:46:77:c7:6b:fe:40:d5:ef:42:7e:a4:c6:97:57:a0:5a:f2:
68:a4:31:a8:3d:df:e7:3f:8c:58:04:70:c4:bf:49:a6:68:fe:
24:1a:fc:86:f7:6f:e9:3b:74:4f:7f:e1:fb:c1:3b:8e:04:89:
e8:47:2a:89:67:67:f0:03:cf:53:07:b7:07:43:e0:fe:6c:e6:
9f:74:76:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOdOgcYj+U6M4qNXexPze+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjIxMDAzMDk0MjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU1NmQ3YjhkZTU2Mzk2ZDk3YTVlNjBhZTRhZDA2MmY5NjMyM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6eZnojJvrqTt/mfJwtebUNHEtyG
0nWsqpyGdz2z7yPyml1riVP3ry02b+bPGyweaIax6UX/Uk1MTbC1Ynk0iXwVFXO0
Mw9s4D1sy6McOU4OUmZZX+Nbr1qcJWtlmmnNMrNmEFD7uimx0+h3RcmuF+r21WBf
lN+OQdS3GHBtCMFZSiqJonht8cL7JTcLkxF+3u5rcUg77AnvPWpb+ul5mu8a8Sgq
nNCcmfD/CgiRxCmIcvuDK7WwLhJI29rU1Kug9+P+kIOkf23dsM14h9NuVziNwULS
z5dIyuFR0bPWSLRnwO5wNdv9VvVnsEfj/gMrHUJUqCXFWeF2QlPeAdlThQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIVVbXuN5WOW2XpeYK5K0GL5YyP6MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvaFZWdGU0M2xZNWJaZWw1Z3JrclFZdmxqSV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATS+OAwQA
TS/wAwQAw7KPMA0GCSqGSIb3DQEBCwUAA4IBAQBIpkURzq+W5uaiSSidtQBZ9q7M
RzcZH5vPTz8U4T/AH+qlaGHNyvyn6CO3m58CPxCWgEgZmHe/EIB3hIYVmkIoBbxR
iBnZDR0C6k58N50DaxXSPigtCF4Chf9SFUZHzJm4mxn+te9Vh0teIj1K5hrIacDa
deejwSbSWJ0leZx1FVlxkhWESuB6zhu/Kuz9hTcdYae2qSOSX/oscBF8SlCSWNix
4/md1ebH6JvaMm9lXfqB4Iq/RnfHa/5A1e9CfqTGl1egWvJopDGoPd/nP4xYBHDE
v0mmaP4kGvyG92/pO3RPf+H7wTuOBInoRyqJZ2fwA89TB7cHQ+D+bOafdHae
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org