Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/2g73vH7XpzeFb0HyXnJnHA2W01M.roa
File: 2g73vH7XpzeFb0HyXnJnHA2W01M.roa (raw, json)
Hash identifier: jYwv8q/0uqdk5gLvB3f/Bp5P0f9QwauCuBVryzmF5Io=
Subject key identifier: DA:0E:F7:BC:7E:D7:A7:37:85:6F:41:F2:5E:72:67:1C:0D:96:D3:53
Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Certificate serial: 0184E292E7285D554EDBD84047AA16AF7599
Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/2g73vH7XpzeFb0HyXnJnHA2W01M.roa
Signing time: Mon 05 Dec 2022 13:56:28 +0000
ROA not before: Mon 05 Dec 2022 13:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39931
IP address blocks: 185.172.12.0/22 maxlen: 22
77.245.128.0/20 maxlen: 20
77.245.136.0/23 maxlen: 23
77.245.136.0/22 maxlen: 22
77.245.140.0/22 maxlen: 22
2a00:4fc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:92:e7:28:5d:55:4e:db:d8:40:47:aa:16:af:75:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Validity
Not Before: Dec 5 13:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da0ef7bc7ed7a737856f41f25e72671c0d96d353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:81:c0:af:a4:ec:ac:93:f7:7f:12:c6:ce:e9:
cc:2a:90:f9:ed:89:48:e2:07:cf:03:05:9e:bb:67:
dd:d2:bd:3d:2c:09:d3:3f:bd:7a:f1:80:2d:54:ba:
b9:d4:3e:d7:bd:b3:90:09:bc:46:84:97:e7:9b:0d:
fe:74:0d:d9:21:59:f0:99:47:0c:53:db:da:89:8d:
11:cf:d1:de:8f:05:f4:e9:2b:79:97:2e:83:db:1d:
ba:69:07:88:cb:fe:bb:ef:c9:98:d0:f1:ca:0c:d0:
f3:4c:ba:81:02:0b:70:43:5c:15:d3:d1:d2:83:88:
b1:c2:fa:45:fa:54:97:e0:28:78:cc:d7:d9:93:aa:
f8:58:92:a2:a5:56:5e:49:70:b8:c3:6d:ed:06:a4:
2c:98:fa:c1:39:0b:fe:c2:6e:d6:59:f8:70:83:57:
b9:24:81:1e:b3:44:5d:a7:67:27:03:8c:44:a5:8e:
9e:37:d9:7d:65:c6:c9:9d:c1:d7:9d:2c:e0:38:b6:
5c:95:27:b8:12:a4:89:cd:78:34:49:53:f0:1c:4d:
05:5b:d9:97:0d:02:9f:56:90:ff:d3:f8:69:2c:0b:
d6:e7:9b:23:b8:59:27:56:83:45:b7:3d:b3:a4:e4:
71:80:bd:76:50:0e:6a:bf:74:89:02:21:0d:71:de:
5b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0E:F7:BC:7E:D7:A7:37:85:6F:41:F2:5E:72:67:1C:0D:96:D3:53
X509v3 Authority Key Identifier:
keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/2g73vH7XpzeFb0HyXnJnHA2W01M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.128.0/20
185.172.12.0/22
IPv6:
2a00:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:de:70:77:69:8b:76:ec:e8:c8:81:a4:c5:93:76:10:5a:ce:
08:5d:f7:61:7c:62:a2:aa:f2:10:43:43:78:40:95:87:97:59:
c5:69:01:d7:b3:09:dd:ab:ac:ef:ae:cb:1d:bf:a3:08:01:ca:
7c:00:84:39:f0:8a:ab:a7:64:89:c5:50:36:ac:10:63:1a:75:
3b:ee:a9:4d:4f:82:27:91:dc:ba:fa:01:d8:5f:5d:4e:60:31:
b3:6e:05:19:6b:5d:c1:51:54:f8:30:dc:50:55:35:b5:54:52:
4a:ef:72:59:86:2a:0f:75:89:b6:59:48:1e:79:04:0d:8e:b4:
08:f8:fc:03:ad:84:99:45:11:2b:a2:7d:22:7e:69:02:6b:6a:
e6:35:4f:84:9a:a9:b0:08:b8:52:60:d2:da:d2:ec:56:06:9b:
36:ba:3d:3b:6c:fe:92:aa:39:81:2f:cf:d9:57:1d:cc:f4:5a:
7d:16:fc:75:ff:36:da:96:be:9f:9c:9d:6e:01:57:ee:8a:1e:
75:61:e0:0c:34:f2:41:7c:8f:af:fa:ee:3b:95:c8:cc:60:91:
75:b5:ba:d3:aa:f6:36:21:c3:ae:b6:a5:6c:c8:27:7f:7d:9d:
b2:52:e5:02:72:ea:20:f7:0c:a8:ca:dc:c1:05:70:c0:43:c5:
01:c4:38:0c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYTikucoXVVO29hAR6oWr3WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTg4MmY3MTcxYWY2ZGNkY2NjOWNkNzlmOThkZWM2NzU3
ZmUxODkwHhcNMjIxMjA1MTM1NjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTBlZjdiYzdlZDdhNzM3ODU2ZjQxZjI1ZTcyNjcxYzBkOTZkMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYHAr6TsrJP3fxLGzunMKpD57YlI
4gfPAwWeu2fd0r09LAnTP7168YAtVLq51D7XvbOQCbxGhJfnmw3+dA3ZIVnwmUcM
U9vaiY0Rz9HejwX06St5ly6D2x26aQeIy/6778mY0PHKDNDzTLqBAgtwQ1wV09HS
g4ixwvpF+lSX4Ch4zNfZk6r4WJKipVZeSXC4w23tBqQsmPrBOQv+wm7WWfhwg1e5
JIEes0Rdp2cnA4xEpY6eN9l9ZcbJncHXnSzgOLZclSe4EqSJzXg0SVPwHE0FW9mX
DQKfVpD/0/hpLAvW55sjuFknVoNFtz2zpORxgL12UA5qv3SJAiENcd5b7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNoO97x+16c3hW9B8l5yZxwNltNTMB8GA1UdIwQY
MBaAFLTogvcXGvbc3Myc15+Y3sZ1f+GJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAt
ZmVmZThlMzQwMDZjLzEvMmc3M3ZIN1hwemVGYjBIeVhuSm5IQTJXMDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAtZmVmZThlMzQwMDZj
LzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfWAAwQC
uawMMA0EAgACMAcDBQAqAE/AMA0GCSqGSIb3DQEBCwUAA4IBAQBb3nB3aYt27OjI
gaTFk3YQWs4IXfdhfGKiqvIQQ0N4QJWHl1nFaQHXswndq6zvrssdv6MIAcp8AIQ5
8Iqrp2SJxVA2rBBjGnU77qlNT4Inkdy6+gHYX11OYDGzbgUZa13BUVT4MNxQVTW1
VFJK73JZhioPdYm2WUgeeQQNjrQI+PwDrYSZRREron0ifmkCa2rmNU+EmqmwCLhS
YNLa0uxWBps2uj07bP6SqjmBL8/ZVx3M9Fp9Fvx1/zbalr6fnJ1uAVfuih51YeAM
NPJBfI+v+u47lcjMYJF1tbrTqvY2IcOutqVsyCd/fZ2yUuUCcuog9wyoytzBBXDA
Q8UBxDgM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:55 2024 by rpki-client on console-ams.rpki-client.org