Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/u3sxt_LaGo6sGukVI9L0g6XT9E0.roa
File: u3sxt_LaGo6sGukVI9L0g6XT9E0.roa (raw, json)
Hash identifier: f4BThcLLH3RuSNvp6mjSMZ9KLKADM0YLxpnhHkRZi1g=
Subject key identifier: BB:7B:31:B7:F2:DA:1A:8E:AC:1A:E9:15:23:D2:F4:83:A5:D3:F4:4D
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 1C2AAA58
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/u3sxt_LaGo6sGukVI9L0g6XT9E0.roa
Signing time: Sat 01 Jan 2022 00:58:10 +0000
ROA not before: Sat 01 Jan 2022 00:58:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34606
IP address blocks: 194.116.0.0/18 maxlen: 18
88.87.96.0/19 maxlen: 19
77.108.0.0/18 maxlen: 18
185.73.244.0/22 maxlen: 22
95.140.136.0/21 maxlen: 21
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
194.176.126.0/24 maxlen: 24
85.159.176.0/21 maxlen: 21
77.72.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472558168 (0x1c2aaa58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 1 00:58:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb7b31b7f2da1a8eac1ae91523d2f483a5d3f44d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:db:3b:81:cb:4b:bc:4c:d6:9f:ec:9e:34:2f:
f3:01:ca:98:79:ec:50:82:36:60:0a:de:ec:7b:ad:
b4:5e:6f:dc:83:6b:16:71:38:2e:0e:c5:27:8d:95:
76:d7:63:7b:99:0f:35:77:a4:fb:9c:fa:af:05:44:
ff:a0:b1:0c:9d:29:de:83:4b:3e:38:31:08:75:98:
c3:8f:24:a3:21:bb:a9:c5:ea:f4:fa:68:c9:23:82:
1c:b4:8b:93:21:ca:c4:d6:95:38:80:25:3b:4f:f2:
12:a8:96:9e:3f:55:32:e9:4e:73:e8:73:5e:37:56:
90:ed:f0:26:82:c0:1c:d0:68:97:98:88:4a:a2:e9:
f7:be:ed:7f:3b:c8:30:40:66:93:b8:af:02:98:25:
4c:26:79:97:90:9b:0a:8b:2a:22:c5:c1:d3:63:57:
67:4f:79:a4:bd:f2:79:cf:03:a4:3e:01:2c:74:15:
48:d4:2e:3f:5f:79:29:4e:fa:26:b1:34:a9:a0:ac:
a2:27:36:18:7d:11:4f:f6:08:94:cc:0a:68:96:2e:
01:e1:fa:3d:47:97:b7:08:4a:72:9b:df:a5:f8:03:
3b:3b:6f:cf:e5:26:83:bf:f2:57:47:a6:64:8a:1e:
44:bd:56:18:d1:60:4a:13:75:45:ac:a9:f4:2c:28:
e6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7B:31:B7:F2:DA:1A:8E:AC:1A:E9:15:23:D2:F4:83:A5:D3:F4:4D
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/u3sxt_LaGo6sGukVI9L0g6XT9E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
82.215.128.0/18
85.159.176.0/21
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
194.116.0.0/18
194.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e2:7f:9c:d5:51:36:49:50:9d:96:92:ec:90:4c:26:07:63:
f5:46:89:6b:49:83:ea:69:7d:41:77:4b:f4:eb:9b:bb:d2:56:
8c:25:fb:92:69:20:ce:00:cb:a1:59:76:e2:17:f9:f4:06:36:
24:9a:c2:77:59:cd:93:00:2d:6e:31:94:6f:2f:45:e4:02:fa:
c3:dc:1d:e1:b0:a8:f7:e4:84:fe:80:df:78:db:cd:c2:60:3d:
0b:c0:37:19:5f:db:ce:ca:10:31:67:e5:2e:e0:f4:d9:86:f9:
19:02:3d:f9:cb:13:03:4b:83:8e:ea:ec:a3:12:e9:1e:f9:a4:
61:64:44:f6:f1:39:73:66:49:6d:f8:c6:db:d5:bf:24:e0:98:
bc:79:24:c4:78:c0:aa:99:af:cb:7e:5d:79:c0:f9:1a:9c:f2:
91:c6:bb:31:b0:77:51:ff:e9:2f:76:19:fe:f3:b6:fc:22:56:
9c:68:68:18:dc:90:0e:c7:90:39:77:ba:6a:84:66:72:e1:2f:
5b:e1:de:f4:ba:8c:6d:0d:05:d0:48:f8:ea:16:e0:06:cf:11:
14:5c:7b:d3:76:8a:57:db:2e:ab:11:0b:b7:80:a0:61:5a:a8:
74:8e:27:4c:75:64:7a:9b:1e:2d:28:8d:a1:2a:8c:c8:22:cd:
be:01:c1:2d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEHCqqWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDk2ZDdhZmJiOGE1ZTMxNWE1YzQ4OWFjZWE3ZGNiNzVhYTY1ZDA0MB4XDTIyMDEw
MTAwNTgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI3YjMxYjdmMmRh
MWE4ZWFjMWFlOTE1MjNkMmY0ODNhNWQzZjQ0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3bO4HLS7xM1p/snjQv8wHKmHnsUII2YAre7HuttF5v3INr
FnE4Lg7FJ42Vdtdje5kPNXek+5z6rwVE/6CxDJ0p3oNLPjgxCHWYw48koyG7qcXq
9PpoySOCHLSLkyHKxNaVOIAlO0/yEqiWnj9VMulOc+hzXjdWkO3wJoLAHNBol5iI
SqLp977tfzvIMEBmk7ivApglTCZ5l5CbCosqIsXB02NXZ095pL3yec8DpD4BLHQV
SNQuP195KU76JrE0qaCsoic2GH0RT/YIlMwKaJYuAeH6PUeXtwhKcpvfpfgDOztv
z+Umg7/yV0emZIoeRL1WGNFgShN1Rayp9Cwo5g8CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBS7ezG38toajqwa6RUj0vSDpdP0TTAfBgNVHSMEGDAWgBQwltevu4peMVpc
SJrOp9y3WqZdBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01KYlhyN3VLWGpGYVhFaWF6cWZjdDFxbVhRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvY2Y4Zjk5LWU1ODEtNGY1Zi04NzVmLWRmNGU4YzczNjRmZS8x
L3Uzc3h0X0xhR282c0d1a1ZJOUwwZzZYVDlFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
Y2Y4Zjk5LWU1ODEtNGY1Zi04NzVmLWRmNGU4YzczNjRmZS8xL01KYlhyN3VLWGpG
YVhFaWF6cWZjdDFxbVhRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEA01IIAMEBk1sAAMEBlLXgAMEA1Wf
sAMEBVhXYAMEA1+MiAMEArlJ9AMEArl12AMEBsJ0AAMEAMKwfjANBgkqhkiG9w0B
AQsFAAOCAQEAf+J/nNVRNklQnZaS7JBMJgdj9UaJa0mD6ml9QXdL9Oubu9JWjCX7
kmkgzgDLoVl24hf59AY2JJrCd1nNkwAtbjGUby9F5AL6w9wd4bCo9+SE/oDfeNvN
wmA9C8A3GV/bzsoQMWflLuD02Yb5GQI9+csTA0uDjursoxLpHvmkYWRE9vE5c2ZJ
bfjG29W/JOCYvHkkxHjAqpmvy35decD5Gpzykca7MbB3Uf/pL3YZ/vO2/CJWnGho
GNyQDseQOXe6aoRmcuEvW+He9LqMbQ0F0Ej46hbgBs8RFFx703aKV9suqxELt4Cg
YVqodI4nTHVkepseLSiNoSqMyCLNvgHBLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:09 2024 by rpki-client on console-ams.rpki-client.org