Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/XAxLJa2jYePmcw64djygxDVYusc.roa
File: XAxLJa2jYePmcw64djygxDVYusc.roa (raw, json)
Hash identifier: icTovv3CrMj4XH8zyLzv92rw/CN1pkfK1JvtVM4FYuw=
Subject key identifier: 5C:0C:4B:25:AD:A3:61:E3:E6:73:0E:B8:76:3C:A0:C4:35:58:BA:C7
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 08C9B0E3
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/XAxLJa2jYePmcw64djygxDVYusc.roa
Signing time: Sat 01 Jan 2022 04:04:26 +0000
ROA not before: Sat 01 Jan 2022 04:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42309
IP address blocks: 77.240.208.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147435747 (0x8c9b0e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: Jan 1 04:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c0c4b25ada361e3e6730eb8763ca0c43558bac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3c:00:e8:5e:5a:65:31:b6:d0:97:a0:f8:3f:
73:00:ca:04:23:e9:2a:ee:61:b8:9a:98:90:31:58:
67:1e:8e:7a:04:fa:4c:7b:e8:44:a7:b7:ca:ff:90:
c2:27:fc:25:60:bc:53:32:c7:e3:6f:9a:95:24:19:
af:17:d3:10:bd:b6:20:15:97:2c:b3:23:41:0d:d7:
44:90:b3:8d:bf:84:d9:73:00:61:76:3e:6c:9e:87:
9c:23:59:68:39:40:55:4b:55:ac:a0:59:9a:c7:a2:
ab:c7:29:ff:f0:0d:a8:56:4d:7b:3f:ea:3c:85:e0:
a1:dc:95:ef:bb:88:66:c0:3b:bf:bf:c8:79:2f:29:
94:be:3c:ef:bd:64:fa:b7:11:e8:98:5b:81:dc:11:
15:7d:6a:7c:ca:36:a0:fa:06:5e:35:8c:0a:28:21:
e4:a8:fd:e1:87:d5:cb:1a:b8:18:56:3f:65:38:71:
3b:ec:b0:15:1a:6d:36:f5:45:08:01:df:9c:50:d7:
78:3c:c4:4b:f0:e5:1e:0d:36:2d:66:83:27:b5:83:
d4:02:b7:71:ee:e9:ba:95:00:f0:62:49:8e:6e:2a:
30:2e:3d:e1:0f:92:21:0b:67:e7:e8:e1:5a:41:db:
82:bb:cb:37:46:d1:a3:31:ec:3d:a5:72:7b:ad:d7:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0C:4B:25:AD:A3:61:E3:E6:73:0E:B8:76:3C:A0:C4:35:58:BA:C7
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/XAxLJa2jYePmcw64djygxDVYusc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.208.0/20
Signature Algorithm: sha256WithRSAEncryption
02:26:75:00:e2:b1:3b:be:04:23:79:e6:50:b3:45:f2:23:63:
c4:f5:84:ee:e1:3f:9e:11:bb:9c:9b:69:62:71:f0:cb:41:7b:
4b:73:f2:15:d1:f0:ea:56:20:83:b4:98:cf:71:3d:ed:1c:a0:
61:b7:eb:be:a7:d2:e8:3a:85:1c:d4:f8:4e:e6:a0:21:42:fa:
67:77:0c:e3:cb:c4:ae:1f:1d:93:7d:36:84:5b:b5:a9:5d:16:
b8:80:2c:4f:ba:8d:4e:b8:2d:a8:cb:4e:f9:96:7b:a0:00:11:
96:c5:3e:42:af:69:8d:df:a4:48:31:7a:d8:45:47:64:5a:f5:
bc:d6:05:c5:cc:c2:ff:5a:c1:82:a9:27:1d:25:d6:33:5c:62:
16:9a:7c:c1:75:db:ba:d4:3a:36:ac:61:f5:f9:52:85:a9:6b:
2a:91:b5:a2:e7:fe:4f:09:82:d9:cd:54:0a:34:08:37:e6:bc:
cf:2b:94:4d:57:0b:41:fe:d3:26:1a:9a:81:d6:6f:57:91:ef:
ef:a6:84:10:88:36:a3:04:97:10:5a:fe:1b:69:8b:52:15:22:
69:e3:fa:e2:bf:06:5c:7f:2c:9d:ec:53:a9:0a:05:e8:ee:74:
24:cb:3f:a0:65:2a:54:d0:4d:17:40:f7:f3:91:be:2d:86:f8:
f9:fe:e4:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMmw4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzIyZjIyOWVkYzJmMzE0YTJmYTVlZjBkN2FmMWRkZGI0OTllYTMxMB4XDTIyMDEw
MTA0MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMwYzRiMjVhZGEz
NjFlM2U2NzMwZWI4NzYzY2EwYzQzNTU4YmFjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAME8AOheWmUxttCXoPg/cwDKBCPpKu5huJqYkDFYZx6OegT6
THvoRKe3yv+Qwif8JWC8UzLH42+alSQZrxfTEL22IBWXLLMjQQ3XRJCzjb+E2XMA
YXY+bJ6HnCNZaDlAVUtVrKBZmseiq8cp//ANqFZNez/qPIXgodyV77uIZsA7v7/I
eS8plL48771k+rcR6JhbgdwRFX1qfMo2oPoGXjWMCigh5Kj94YfVyxq4GFY/ZThx
O+ywFRptNvVFCAHfnFDXeDzES/DlHg02LWaDJ7WD1AK3ce7pupUA8GJJjm4qMC49
4Q+SIQtn5+jhWkHbgrvLN0bRozHsPaVye63XsMkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcDEslraNh4+ZzDrh2PKDENVi6xzAfBgNVHSMEGDAWgBSjIvIp7cLzFKL6
XvDXrx3dtJnqMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L295THlLZTNDOHhTaS1sN3cxNjhkM2JTWjZqRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvZWRmZmJiLTEwODItNDQ4Mi04YTA4LTY1ZjgyNDdmZmE5MS8x
L1hBeExKYTJqWWVQbWN3NjRkanlneERWWXVzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
ZWRmZmJiLTEwODItNDQ4Mi04YTA4LTY1ZjgyNDdmZmE5MS8xL295THlLZTNDOHhT
aS1sN3cxNjhkM2JTWjZqRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE3w0DANBgkqhkiG9w0BAQsFAAOC
AQEAAiZ1AOKxO74EI3nmULNF8iNjxPWE7uE/nhG7nJtpYnHwy0F7S3PyFdHw6lYg
g7SYz3E97RygYbfrvqfS6DqFHNT4TuagIUL6Z3cM48vErh8dk302hFu1qV0WuIAs
T7qNTrgtqMtO+ZZ7oAARlsU+Qq9pjd+kSDF62EVHZFr1vNYFxczC/1rBgqknHSXW
M1xiFpp8wXXbutQ6Nqxh9flShalrKpG1ouf+TwmC2c1UCjQIN+a8zyuUTVcLQf7T
JhqagdZvV5Hv76aEEIg2owSXEFr+G2mLUhUiaeP64r8GXH8snexTqQoF6O50JMs/
oGUqVNBNF0D385G+LYb4+f7kaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:26 2024 by rpki-client on console-fra.rpki-client.org