Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vKcMlmKWfzT_q_dmfMUkkUKHHEw.roa
File: vKcMlmKWfzT_q_dmfMUkkUKHHEw.roa (raw, json)
Hash identifier: wgnzC2hdEMkj/tOtHiL7x1bLV5DKX7lvd6jqzwYG92w=
Subject key identifier: BC:A7:0C:96:62:96:7F:34:FF:AB:F7:66:7C:C5:24:91:42:87:1C:4C
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 0182846536B78F01F4686C3525EC966C6CE4
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vKcMlmKWfzT_q_dmfMUkkUKHHEw.roa
Signing time: Tue 09 Aug 2022 20:56:41 +0000
ROA not before: Tue 09 Aug 2022 20:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 178.20.215.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
77.243.91.0/24 maxlen: 24
77.243.89.0/24 maxlen: 24
77.243.88.0/24 maxlen: 24
185.101.21.0/24 maxlen: 24
185.101.20.0/24 maxlen: 24
178.20.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:84:65:36:b7:8f:01:f4:68:6c:35:25:ec:96:6c:6c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Aug 9 20:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bca70c9662967f34ffabf7667cc5249142871c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c4:2f:54:79:b3:aa:eb:66:49:75:40:57:17:
75:d8:9a:13:7b:e8:47:7f:a7:14:37:70:bb:f6:71:
60:cb:64:c6:01:a7:5d:e6:ba:8f:41:50:67:b9:b3:
c2:f2:4a:a4:8e:87:d4:70:1d:fb:17:b7:48:e7:f7:
02:d2:f0:e0:1b:b8:63:19:5a:39:b3:9b:fa:66:f4:
ac:82:aa:e1:cf:b6:8b:f7:cd:3e:9a:77:3b:aa:10:
03:42:0e:c7:70:c5:65:06:5c:0d:8c:64:7b:7d:1d:
0f:f1:21:b6:c3:30:a0:f7:46:fe:25:0b:f7:04:12:
ad:64:ae:e6:d4:7f:6e:f2:1e:4a:70:77:7b:a2:db:
ea:f0:a4:6b:c0:2f:fa:02:39:d1:de:c1:23:23:58:
cb:61:35:70:b6:49:e0:14:41:fd:62:ce:e4:1a:76:
3a:78:f8:72:5c:81:c2:2f:88:4c:25:9c:d7:19:e4:
54:c2:39:c4:96:ca:0c:35:7d:78:6e:f1:ef:62:b9:
88:76:56:c0:e6:09:7e:06:64:8d:5f:cc:11:6d:04:
65:e0:42:3d:19:17:06:4e:6c:a5:fa:fa:85:a7:b8:
6c:e3:6e:03:b7:8e:d0:1f:c4:17:6e:f9:c2:2b:9d:
c0:15:59:44:5c:8a:55:40:12:72:64:f0:b0:4c:6c:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A7:0C:96:62:96:7F:34:FF:AB:F7:66:7C:C5:24:91:42:87:1C:4C
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/vKcMlmKWfzT_q_dmfMUkkUKHHEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/23
77.243.91.0/24
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
92:e9:d4:67:5f:ec:e5:1a:6e:63:83:27:35:9e:e0:6c:86:a3:
b8:66:bf:dd:b7:77:a0:7f:d5:70:ee:ce:fd:ae:b3:9f:1d:0b:
12:16:78:b5:a6:8b:6d:17:83:51:5f:02:7a:ab:06:dd:0f:8c:
06:c1:07:4d:e1:6a:ac:73:f7:93:9d:3c:23:96:b5:6b:87:92:
9c:d1:01:ee:2b:db:7b:e4:83:8e:3e:3c:b3:bf:9a:b5:1c:5f:
f2:08:ec:85:4d:d1:49:8f:cc:d5:d0:54:d2:bf:6a:03:b3:e2:
66:d8:11:b2:f9:57:72:89:76:3d:63:7c:64:a6:e1:a3:06:07:
6b:1c:93:82:e4:a1:ff:b5:cb:cb:b1:09:9f:e1:29:99:06:12:
b5:42:0d:60:22:9b:3d:df:d2:11:8f:3c:22:ff:18:15:93:c1:
0f:80:a3:dd:01:b1:b5:7c:1f:5c:19:a8:0a:15:b0:2b:ad:20:
16:e2:74:ac:3d:eb:be:51:4e:ef:59:70:15:33:2a:05:bd:6e:
26:b2:25:4b:ff:b4:d6:d7:3c:53:94:47:67:0b:fd:73:3c:c0:
a8:8e:ca:35:75:c1:dc:93:bf:1e:30:b7:8c:b2:2b:6f:0c:41:
de:cd:ba:ff:fa:db:47:cf:36:bf:37:72:10:da:46:63:4a:67:
55:bc:fa:4a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYKEZTa3jwH0aGw1JeyWbGzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjIwODA5MjA1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E3MGM5NjYyOTY3ZjM0ZmZhYmY3NjY3Y2M1MjQ5MTQyODcxYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8QvVHmzqutmSXVAVxd12JoTe+hH
f6cUN3C79nFgy2TGAadd5rqPQVBnubPC8kqkjofUcB37F7dI5/cC0vDgG7hjGVo5
s5v6ZvSsgqrhz7aL980+mnc7qhADQg7HcMVlBlwNjGR7fR0P8SG2wzCg90b+JQv3
BBKtZK7m1H9u8h5KcHd7otvq8KRrwC/6AjnR3sEjI1jLYTVwtkngFEH9Ys7kGnY6
ePhyXIHCL4hMJZzXGeRUwjnElsoMNX14bvHvYrmIdlbA5gl+BmSNX8wRbQRl4EI9
GRcGTmyl+vqFp7hs424Dt47QH8QXbvnCK53AFVlEXIpVQBJyZPCwTGwHHwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLynDJZiln80/6v3ZnzFJJFChxxMMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvdktjTWxtS1dmelRfcV9kbWZNVWtrVUtISEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBTfNYAwQA
TfNbMAwDBACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBAJLp1Gdf
7OUabmODJzWe4GyGo7hmv923d6B/1XDuzv2us58dCxIWeLWmi20Xg1FfAnqrBt0P
jAbBB03haqxz95OdPCOWtWuHkpzRAe4r23vkg44+PLO/mrUcX/II7IVN0UmPzNXQ
VNK/agOz4mbYEbL5V3KJdj1jfGSm4aMGB2sck4Lkof+1y8uxCZ/hKZkGErVCDWAi
mz3f0hGPPCL/GBWTwQ+Ao90BsbV8H1wZqAoVsCutIBbidKw9675RTu9ZcBUzKgW9
biayJUv/tNbXPFOUR2cL/XM8wKiOyjV1wdyTvx4wt4yyK28MQd7Nuv/620fPNr83
chDaRmNKZ1W8+ko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:41 2024 by rpki-client on console-fra.rpki-client.org