Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/m7SkQrno0F6uKNbD94WIKojm1e0.roa
File: m7SkQrno0F6uKNbD94WIKojm1e0.roa (raw, json)
Hash identifier: KPgXYRLQJDiS8GAXCjNLTxVN4oro4aPsYcMc716Mx2o=
Subject key identifier: 9B:B4:A4:42:B9:E8:D0:5E:AE:28:D6:C3:F7:85:88:2A:88:E6:D5:ED
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 01835F56DAB28CE5D77470BFD2ED8CD4C58E
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/m7SkQrno0F6uKNbD94WIKojm1e0.roa
Signing time: Wed 21 Sep 2022 09:17:50 +0000
ROA not before: Wed 21 Sep 2022 09:17:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 178.20.215.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
77.243.89.0/24 maxlen: 24
77.243.88.0/24 maxlen: 24
77.243.91.0/24 maxlen: 24
77.243.90.0/24 maxlen: 24
185.101.21.0/24 maxlen: 24
185.101.20.0/24 maxlen: 24
178.20.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:56:da:b2:8c:e5:d7:74:70:bf:d2:ed:8c:d4:c5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Sep 21 09:17:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bb4a442b9e8d05eae28d6c3f785882a88e6d5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3c:17:95:5b:16:dc:89:ef:eb:e5:c5:43:13:
d6:87:b5:b4:02:c5:21:b0:80:98:39:af:7e:72:41:
7e:e3:9e:29:07:ac:37:61:b3:aa:b8:0a:3c:b5:59:
9e:48:00:33:e2:84:ad:94:68:a5:71:70:b7:ae:64:
88:f9:06:52:18:81:22:ce:8a:28:0e:ac:1d:9e:29:
b9:34:54:13:e6:6d:52:a9:0c:4a:73:7b:ac:44:00:
2e:a7:7f:c0:ba:97:cb:1b:63:da:b1:1f:85:57:35:
47:bc:e7:82:2a:a6:51:1d:2f:f6:90:7e:c8:ef:12:
d4:05:87:3d:43:d5:6d:97:4c:38:66:24:36:d2:40:
d2:a7:dd:2e:ea:74:f2:7b:85:90:90:ae:ca:32:46:
ca:c4:08:3e:e0:3f:65:1f:af:c3:ab:ea:6e:4e:5c:
5c:e3:cf:b4:1d:51:df:2a:0b:b2:49:f6:30:2d:4e:
9a:1e:b8:79:94:8f:69:75:29:ae:40:cb:81:d2:3e:
de:4f:7e:12:71:20:24:cf:37:46:4e:5b:3a:30:7e:
60:ff:b8:c7:fe:e6:ed:83:54:ff:50:12:15:0b:b2:
18:4b:0b:bc:1f:3b:4e:c7:a6:93:c6:d6:6f:fe:20:
27:e3:26:e8:84:de:01:ff:c9:9f:0f:e3:20:df:1e:
29:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B4:A4:42:B9:E8:D0:5E:AE:28:D6:C3:F7:85:88:2A:88:E6:D5:ED
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/m7SkQrno0F6uKNbD94WIKojm1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/22
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
06:af:44:d7:18:bf:79:f5:d3:20:46:3d:b9:22:4a:35:07:fd:
f7:54:c3:29:70:a0:44:49:ed:74:7b:bf:22:fe:f2:74:ec:f1:
9f:d4:fc:81:45:95:f5:c7:ae:d7:fa:d0:a1:cf:55:be:c2:0a:
eb:b4:a8:fb:bc:48:f9:2b:c4:99:0d:54:1d:9c:21:6f:c0:43:
74:1f:98:68:f2:07:43:59:a4:70:67:52:a8:fd:dc:97:72:84:
41:84:2b:c6:11:db:e4:db:6a:38:69:2e:29:4b:1c:d6:f4:9a:
34:6d:c4:57:21:cf:4e:24:e2:59:e4:17:5a:e6:20:0c:e3:0f:
87:ee:be:ff:34:3f:50:c9:45:a0:99:19:66:da:45:da:e8:35:
51:d8:0a:c0:5f:69:71:e9:eb:88:b9:24:89:ed:36:56:f2:d4:
2d:1d:5a:32:5f:75:5e:0c:be:a3:dd:1b:49:3d:21:88:0d:a1:
ab:80:8b:ab:76:ee:39:8b:9e:8d:18:d7:91:8e:83:ae:35:ef:
b0:37:a6:8b:c4:0e:7e:33:a7:41:47:12:86:83:c1:86:b8:0f:
c5:fd:0a:b0:1e:90:2d:58:c9:51:d9:38:9a:e6:92:7c:db:cf:
4a:47:21:6d:67:6d:3d:af:f1:5d:a0:30:04:3f:8a:21:72:06:
57:67:c8:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYNfVtqyjOXXdHC/0u2M1MWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjIwOTIxMDkxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI0YTQ0MmI5ZThkMDVlYWUyOGQ2YzNmNzg1ODgyYTg4ZTZkNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTwXlVsW3Inv6+XFQxPWh7W0AsUh
sICYOa9+ckF+454pB6w3YbOquAo8tVmeSAAz4oStlGilcXC3rmSI+QZSGIEizooo
Dqwdnim5NFQT5m1SqQxKc3usRAAup3/AupfLG2PasR+FVzVHvOeCKqZRHS/2kH7I
7xLUBYc9Q9Vtl0w4ZiQ20kDSp90u6nTye4WQkK7KMkbKxAg+4D9lH6/Dq+puTlxc
48+0HVHfKguySfYwLU6aHrh5lI9pdSmuQMuB0j7eT34ScSAkzzdGTls6MH5g/7jH
/ubtg1T/UBIVC7IYSwu8HztOx6aTxtZv/iAn4ybohN4B/8mfD+Mg3x4pIwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJu0pEK56NBerijWw/eFiCqI5tXtMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvbTdTa1Fybm8wRjZ1S05iRDk0V0lLb2ptMWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfNYMAwD
BACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBAAavRNcYv3n10yBG
PbkiSjUH/fdUwylwoERJ7XR7vyL+8nTs8Z/U/IFFlfXHrtf60KHPVb7CCuu0qPu8
SPkrxJkNVB2cIW/AQ3QfmGjyB0NZpHBnUqj93JdyhEGEK8YR2+TbajhpLilLHNb0
mjRtxFchz04k4lnkF1rmIAzjD4fuvv80P1DJRaCZGWbaRdroNVHYCsBfaXHp64i5
JIntNlby1C0dWjJfdV4MvqPdG0k9IYgNoauAi6t27jmLno0Y15GOg64177A3povE
Dn4zp0FHEoaDwYa4D8X9CrAekC1YyVHZOJrmknzbz0pHIW1nbT2v8V2gMAQ/iiFy
BldnyJA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:30 2023 by rpki-client on console-ams.rpki-client.org