Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/nrU0gRRqACTs_TVx_2HOOZj5jPU.roa
File: nrU0gRRqACTs_TVx_2HOOZj5jPU.roa (raw, json)
Hash identifier: lu4NaLmXBCIYNdbVs4ekx0o7aF8xfF14BjgNkLXToXs=
Subject key identifier: 9E:B5:34:81:14:6A:00:24:EC:FD:35:71:FF:61:CE:39:98:F9:8C:F5
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 39A357CC
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/nrU0gRRqACTs_TVx_2HOOZj5jPU.roa
Signing time: Wed 29 Jun 2022 13:03:02 +0000
ROA not before: Wed 29 Jun 2022 13:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12902
IP address blocks: 217.77.128.0/19 maxlen: 19
217.77.144.0/24 maxlen: 24
79.98.168.0/21 maxlen: 21
79.98.170.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967006156 (0x39a357cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Jun 29 13:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eb53481146a0024ecfd3571ff61ce3998f98cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:05:87:e2:6a:d7:25:7a:46:4e:54:e3:f6:31:
bc:fc:13:29:b3:28:51:77:08:08:ae:78:57:cb:45:
c5:c6:f8:60:37:27:c0:8e:c8:2d:8b:9d:b9:ed:62:
08:65:fa:37:97:9a:50:d5:c3:04:20:76:bd:66:4a:
19:15:b7:0a:ca:67:e0:8a:0e:04:9d:ac:ad:a0:9f:
12:56:ee:8a:77:de:89:9a:78:90:11:19:17:3e:21:
c5:21:82:c1:c4:26:72:6c:c8:38:17:bc:b5:ac:8b:
ca:3f:0d:9f:76:ef:b8:36:c7:44:15:bf:17:6d:d6:
a2:62:af:19:a9:cc:f9:b8:aa:7d:fb:61:14:0a:2e:
5f:e5:38:ee:b3:e0:79:6c:c1:e5:a6:9a:50:96:e5:
65:58:53:5c:94:bb:60:e1:ab:e1:9f:ac:4c:4b:92:
e1:f7:20:0c:ed:84:ef:cb:1c:e6:9a:2a:e7:dc:0d:
bb:b2:29:ce:74:fd:ca:da:36:7b:15:a0:96:43:e1:
82:95:a9:11:e9:1a:84:19:81:5b:30:1a:1c:99:f0:
11:a6:8c:5c:96:77:77:c9:0e:f6:d0:97:87:6e:25:
a9:8c:e1:41:8a:97:52:d4:f3:c1:d8:a0:13:a6:ca:
ce:00:c4:a3:4b:8c:cf:06:bd:74:98:06:dd:d2:99:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B5:34:81:14:6A:00:24:EC:FD:35:71:FF:61:CE:39:98:F9:8C:F5
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/nrU0gRRqACTs_TVx_2HOOZj5jPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
217.77.128.0/19
IPv6:
2001:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:37:dd:86:4e:e4:b5:a7:17:f2:74:85:8f:97:a1:dd:95:b7:
e2:e5:aa:ba:58:a5:e4:29:b6:24:48:70:81:95:bb:fb:52:55:
f4:b7:b8:ce:d4:9d:0c:01:c1:fb:d4:a3:4f:1e:df:d4:fe:b4:
c6:4b:e2:62:d7:06:10:6e:88:eb:1e:35:8f:ce:b3:fb:56:35:
4c:b5:5a:9c:99:f3:c4:be:f3:86:5f:86:73:4e:10:37:28:e9:
8a:19:33:80:ee:1b:5a:68:6a:44:39:fd:a9:b4:00:88:61:1a:
81:11:55:1d:c8:c8:83:0a:be:1b:3d:56:88:6b:60:d8:93:8b:
12:74:d5:64:83:92:8a:0d:c0:34:df:74:61:00:01:b9:f6:52:
9a:cd:83:4f:89:cf:69:f1:53:88:7c:d6:f1:b1:f0:dd:e3:5b:
d2:67:02:ac:fb:73:7c:15:4a:ba:72:68:bc:53:9c:8b:ff:3c:
b1:7b:be:f4:0c:20:43:90:22:44:1f:2c:98:87:21:ca:5a:70:
2f:5e:9b:8a:8f:4b:0f:5b:61:5e:18:39:d9:7b:e9:0d:19:e6:
d2:72:9b:b2:8f:de:df:d0:5a:9c:b2:02:57:ef:c8:f3:79:a9:
b3:ed:e5:bd:45:2d:24:e0:5a:6f:c2:54:a9:02:e3:b9:8e:16:
a6:10:44:a8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEOaNXzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2ExZjQ3MTMwMjQ4MDRjNDQ1NDAzYWY2M2ZhNjQ0YjJhOTM1ZDI0MB4XDTIyMDYy
OTEzMDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWViNTM0ODExNDZh
MDAyNGVjZmQzNTcxZmY2MWNlMzk5OGY5OGNmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUFh+Jq1yV6Rk5U4/YxvPwTKbMoUXcICK54V8tFxcb4YDcn
wI7ILYudue1iCGX6N5eaUNXDBCB2vWZKGRW3Cspn4IoOBJ2sraCfElbuinfeiZp4
kBEZFz4hxSGCwcQmcmzIOBe8tayLyj8Nn3bvuDbHRBW/F23WomKvGanM+biqffth
FAouX+U47rPgeWzB5aaaUJblZVhTXJS7YOGr4Z+sTEuS4fcgDO2E78sc5poq59wN
u7IpznT9yto2exWglkPhgpWpEekahBmBWzAaHJnwEaaMXJZ3d8kO9tCXh24lqYzh
QYqXUtTzwdigE6bKzgDEo0uMzwa9dJgG3dKZzHsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSetTSBFGoAJOz9NXH/Yc45mPmM9TAfBgNVHSMEGDAWgBSsofRxMCSATERU
A69j+mRLKpNdJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JLSDBjVEFrZ0V4RVZBT3ZZX3BrU3lxVFhTUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvYzZkNmJlLWJmNGEtNDNlNS1hOTA4LTVjYTAxNmExMDA1NC8x
L25yVTBnUlJxQUNUc19UVnhfMkhPT1pqNWpQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
YzZkNmJlLWJmNGEtNDNlNS1hOTA4LTVjYTAxNmExMDA1NC8xL3JLSDBjVEFrZ0V4
RVZBT3ZZX3BrU3lxVFhTUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA09iqAMEBdlNgDANBAIAAjAHAwUA
IAEJwDANBgkqhkiG9w0BAQsFAAOCAQEAXjfdhk7ktacX8nSFj5eh3ZW34uWqulil
5Cm2JEhwgZW7+1JV9Le4ztSdDAHB+9SjTx7f1P60xkviYtcGEG6I6x41j86z+1Y1
TLVanJnzxL7zhl+Gc04QNyjpihkzgO4bWmhqRDn9qbQAiGEagRFVHcjIgwq+Gz1W
iGtg2JOLEnTVZIOSig3ANN90YQABufZSms2DT4nPafFTiHzW8bHw3eNb0mcCrPtz
fBVKunJovFOci/88sXu+9AwgQ5AiRB8smIchylpwL16bio9LD1thXhg52XvpDRnm
0nKbso/e39BanLICV+/I83mps+3lvUUtJOBab8JUqQLjuY4WphBEqA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:48 2025 by rpki-client