Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/k2PhKFbUiK7A-1PmYUPBhAI333w.roa
File: k2PhKFbUiK7A-1PmYUPBhAI333w.roa (raw, json)
Hash identifier: ytOPw3BrgAQ2ryLSKd/kbwHhfORax6Miprj6w1KbWlk=
Subject key identifier: 93:63:E1:28:56:D4:88:AE:C0:FB:53:E6:61:43:C1:84:02:37:DF:7C
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 1A8FD0A0
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/k2PhKFbUiK7A-1PmYUPBhAI333w.roa
Signing time: Sat 01 Jan 2022 13:03:42 +0000
ROA not before: Sat 01 Jan 2022 13:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20811
IP address blocks: 77.74.112.0/21 maxlen: 24
185.111.144.0/22 maxlen: 24
109.69.248.0/21 maxlen: 24
2a02:54c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445632672 (0x1a8fd0a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Jan 1 13:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9363e12856d488aec0fb53e66143c1840237df7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:0b:81:75:25:3a:41:79:00:7e:d0:1b:70:
9b:a0:1d:7c:64:50:16:51:4a:fe:7b:a7:e4:68:32:
7f:cf:06:fe:94:a8:40:2e:20:72:40:8a:76:88:47:
80:a6:39:a5:01:80:3c:50:fa:b9:18:dd:50:58:38:
53:77:3b:08:47:54:9b:ec:e2:19:cf:6a:c6:d6:cb:
8d:5c:0d:0f:0f:67:ce:0f:5e:90:8f:26:37:a3:b6:
12:2d:c9:b9:bd:03:e1:13:d1:d5:b2:84:eb:11:7f:
4d:0b:05:c7:b3:f6:7a:84:5d:fe:c4:b1:14:34:c8:
06:31:e4:13:39:1c:17:1c:24:31:b8:ba:53:a7:3c:
ea:80:03:e2:15:eb:57:f2:42:33:33:e7:e7:0d:6c:
4a:11:c8:71:60:60:70:09:67:18:57:15:f5:f8:78:
80:3c:a1:b9:46:0e:e0:cb:bb:db:00:e9:b2:66:bc:
95:cc:24:dd:ca:36:ca:09:ff:0a:db:81:e7:8c:5a:
06:4a:e8:94:37:3e:d3:7b:53:fc:37:2c:b1:75:7c:
0c:13:16:85:c5:87:9a:bf:90:74:71:42:14:37:a4:
0d:a8:2a:34:1f:54:55:8d:d5:a1:07:42:cc:e7:e2:
5d:6f:9a:7f:3c:90:d3:59:e5:4e:a5:1c:11:71:bd:
68:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:63:E1:28:56:D4:88:AE:C0:FB:53:E6:61:43:C1:84:02:37:DF:7C
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/k2PhKFbUiK7A-1PmYUPBhAI333w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.112.0/21
109.69.248.0/21
185.111.144.0/22
IPv6:
2a02:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:e8:ad:a5:a8:e3:83:43:72:1a:c6:10:53:45:d5:79:6c:19:
6d:e6:ad:3f:b0:e7:26:5b:34:06:16:5d:69:de:3f:74:6d:47:
67:92:18:53:ef:89:16:69:61:6f:c5:49:1b:34:38:f9:ef:02:
12:08:ad:3a:c3:d3:fd:3e:cf:03:92:ab:c9:ae:50:c2:1f:e6:
53:e1:a3:cf:1a:c2:f9:b0:ce:54:05:a3:66:7d:97:f8:f3:cb:
60:86:c3:35:6e:c5:36:e1:ad:b9:3b:ec:5d:b6:03:a6:b3:22:
a9:28:dc:ca:99:39:39:82:ba:ac:eb:67:e8:d6:a6:88:50:5d:
e6:2c:46:e2:fd:71:b0:a4:8b:f2:5a:fe:45:fc:9a:0e:33:e9:
40:58:3d:14:c7:33:70:4f:53:36:fb:f2:ee:b4:fc:a6:04:6f:
af:71:80:64:ed:da:8f:2e:87:64:3e:ed:77:6f:33:45:2b:74:
84:fc:41:21:8f:98:c1:80:db:09:55:d6:31:9e:bb:ba:30:7e:
b0:71:96:b3:42:f2:2d:df:e5:f2:37:61:79:e7:07:04:5f:58:
65:5d:9f:1c:a9:b3:28:37:35:e4:aa:60:5a:42:6c:3a:ee:65:
00:e5:5d:15:bc:b1:95:6f:a4:16:fa:41:2e:a3:8b:85:a0:5d:
d9:31:b4:51
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGo/QoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGE5MjE3YmQ4MzA2MjdjYjNlNjU3YzBiOTA2M2M4MjIzNGRkYmNiMB4XDTIyMDEw
MTEzMDM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM2M2UxMjg1NmQ0
ODhhZWMwZmI1M2U2NjE0M2MxODQwMjM3ZGY3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK42C4F1JTpBeQB+0Btwm6AdfGRQFlFK/nun5Ggyf88G/pSo
QC4gckCKdohHgKY5pQGAPFD6uRjdUFg4U3c7CEdUm+ziGc9qxtbLjVwNDw9nzg9e
kI8mN6O2Ei3Jub0D4RPR1bKE6xF/TQsFx7P2eoRd/sSxFDTIBjHkEzkcFxwkMbi6
U6c86oAD4hXrV/JCMzPn5w1sShHIcWBgcAlnGFcV9fh4gDyhuUYO4Mu72wDpsma8
lcwk3co2ygn/CtuB54xaBkrolDc+03tT/DcssXV8DBMWhcWHmr+QdHFCFDekDagq
NB9UVY3VoQdCzOfiXW+afzyQ01nlTqUcEXG9aAsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSTY+EoVtSIrsD7U+ZhQ8GEAjfffDAfBgNVHSMEGDAWgBQIqSF72DBifLPm
V8C5BjyCI03byzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NLa2hlOWd3WW55ejVsZkF1UVk4Z2lOTjI4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvN2RkZTQ0LWQ3YjUtNDhkYS1iYzY4LTJjNWJhYzM1YzM0NC8x
L2syUGhLRmJVaUs3QS0xUG1ZVVBCaEFJMzMzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
N2RkZTQ0LWQ3YjUtNDhkYS1iYzY4LTJjNWJhYzM1YzM0NC8xL0NLa2hlOWd3WW55
ejVsZkF1UVk4Z2lOTjI4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA01KcAMEA21F+AMEArlvkDANBAIA
AjAHAwUDKgJUwDANBgkqhkiG9w0BAQsFAAOCAQEAQ+itpajjg0NyGsYQU0XVeWwZ
beatP7DnJls0BhZdad4/dG1HZ5IYU++JFmlhb8VJGzQ4+e8CEgitOsPT/T7PA5Kr
ya5Qwh/mU+GjzxrC+bDOVAWjZn2X+PPLYIbDNW7FNuGtuTvsXbYDprMiqSjcypk5
OYK6rOtn6NamiFBd5ixG4v1xsKSL8lr+RfyaDjPpQFg9FMczcE9TNvvy7rT8pgRv
r3GAZO3ajy6HZD7td28zRSt0hPxBIY+YwYDbCVXWMZ67ujB+sHGWs0LyLd/l8jdh
eecHBF9YZV2fHKmzKDc15KpgWkJsOu5lAOVdFbyxlW+kFvpBLqOLhaBd2TG0UQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:25 2023 by rpki-client on console-fra.rpki-client.org