Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/R6lxskWqxWFWiTpTk57vPGMB5zM.roa
File: R6lxskWqxWFWiTpTk57vPGMB5zM.roa (raw, json)
Hash identifier: 0GMcAMeT1URpkFMka73irEjswdMRdjT8fBpU7taljRA=
Subject key identifier: 47:A9:71:B2:45:AA:C5:61:56:89:3A:53:93:9E:EF:3C:63:01:E7:33
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 34DF419D
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/R6lxskWqxWFWiTpTk57vPGMB5zM.roa
Signing time: Sat 01 Jan 2022 13:56:26 +0000
ROA not before: Sat 01 Jan 2022 13:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43281
IP address blocks: 77.247.200.0/21 maxlen: 24
37.77.168.0/22 maxlen: 24
37.77.172.0/24 maxlen: 24
2a03:9d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887046557 (0x34df419d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 13:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47a971b245aac56156893a53939eef3c6301e733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:71:05:4c:08:cf:0b:9b:9e:0f:b1:97:fc:04:
ea:ba:43:56:a7:83:e7:26:f0:09:f9:4f:7c:fc:9a:
0c:d4:f2:83:cc:07:62:2b:47:54:38:e3:b0:97:54:
fa:96:73:a5:ed:dd:3d:cb:83:87:e3:c0:f2:12:35:
c8:93:91:1b:3a:e5:fe:98:83:67:d5:4e:c8:e5:ef:
42:5b:ad:a0:eb:38:78:df:46:03:fb:52:85:fc:b0:
8b:50:30:6c:36:3a:14:f8:0b:1d:90:6f:ce:a5:32:
54:4c:f6:2a:66:4e:1e:b1:8f:4f:1b:0a:ff:ca:d6:
d2:b8:80:44:23:d3:ae:1f:cb:31:3e:c1:1f:92:f7:
ce:cc:a6:d8:ae:4b:57:ec:7c:b3:9c:15:fb:bb:5d:
da:3e:55:fa:18:39:dd:f0:ef:c6:7f:89:78:dc:6f:
6f:95:d1:16:e0:68:ee:55:e0:23:42:dd:c2:9c:9a:
e2:9f:5d:ec:51:2c:2f:74:91:3c:16:c6:b5:d7:fa:
b2:02:3b:c5:32:4c:ff:4c:75:06:67:11:0f:9e:e7:
ba:ed:68:78:fa:f7:0c:f4:21:94:fe:0e:03:ae:7d:
7c:dc:49:33:0d:9b:45:9a:63:59:53:20:f1:6f:2e:
40:50:cc:d7:5d:93:64:8b:19:b8:7c:35:9c:0d:0a:
f7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A9:71:B2:45:AA:C5:61:56:89:3A:53:93:9E:EF:3C:63:01:E7:33
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/R6lxskWqxWFWiTpTk57vPGMB5zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.168.0-37.77.172.255
77.247.200.0/21
IPv6:
2a03:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
61:6b:8b:c9:b2:87:70:c3:c3:be:b0:cc:7d:5c:26:00:ca:7a:
3b:0c:c0:45:04:7c:af:d5:85:09:86:20:27:bd:ca:2c:88:57:
fd:5a:1d:3a:63:63:53:78:e9:89:41:0b:bd:44:6f:f6:03:cb:
a3:33:9a:00:7f:c7:fc:1e:9d:be:6f:8a:9f:23:fe:da:1d:24:
9e:5b:14:7d:9b:d1:ff:d7:8e:86:52:01:15:fe:64:52:ae:6c:
a5:24:70:60:38:1a:fa:26:6f:6a:f1:88:94:a1:a9:29:f2:e2:
86:2f:61:ac:04:43:8d:f3:3b:5e:83:f0:1f:32:89:7f:71:94:
a9:fa:b9:ea:36:78:17:a9:cf:7d:0b:3d:62:e8:5c:c3:4e:2a:
5e:b1:71:10:71:3a:9b:7b:8f:3c:e0:c4:7c:4e:ed:d0:3b:9f:
fb:b9:9e:94:c0:3a:9a:ff:16:af:46:ca:f2:cd:80:bd:f4:7f:
6c:fc:d7:13:91:25:0d:2d:fa:74:d4:89:61:de:6a:07:b4:5c:
93:99:fb:ea:3e:75:7d:26:25:3c:af:30:77:b7:21:63:4e:53:
24:b7:9a:ef:5b:fe:45:fa:eb:89:91:13:4e:83:24:94:c0:59:
35:5c:45:82:df:47:69:5a:31:1b:99:99:1e:33:c2:44:46:ea:
80:22:65:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIENN9BnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTdhMmM3NGFmNWE0NGQ5YWFlNDdhMGI4OTQyNWZhNGY3ZmM3YzE5MB4XDTIyMDEw
MTEzNTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhOTcxYjI0NWFh
YzU2MTU2ODkzYTUzOTM5ZWVmM2M2MzAxZTczMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5xBUwIzwubng+xl/wE6rpDVqeD5ybwCflPfPyaDNTyg8wH
YitHVDjjsJdU+pZzpe3dPcuDh+PA8hI1yJORGzrl/piDZ9VOyOXvQlutoOs4eN9G
A/tShfywi1AwbDY6FPgLHZBvzqUyVEz2KmZOHrGPTxsK/8rW0riARCPTrh/LMT7B
H5L3zsym2K5LV+x8s5wV+7td2j5V+hg53fDvxn+JeNxvb5XRFuBo7lXgI0Ldwpya
4p9d7FEsL3SRPBbGtdf6sgI7xTJM/0x1BmcRD57nuu1oePr3DPQhlP4OA659fNxJ
Mw2bRZpjWVMg8W8uQFDM112TZIsZuHw1nA0K95sCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRHqXGyRarFYVaJOlOTnu88YwHnMzAfBgNVHSMEGDAWgBSFeix0r1pE2ark
eguJQl+k9/x8GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hYb3NkSzlhUk5tcTVIb0xpVUpmcFBmOGZCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvMGE5YTMzLTk5ZGMtNGI5Mi04Y2VkLTgzNmFjOTdjMDFiYi8x
L1I2bHhza1dxeFdGV2lUcFRrNTd2UEdNQjV6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
MGE5YTMzLTk5ZGMtNGI5Mi04Y2VkLTgzNmFjOTdjMDFiYi8xL2hYb3NkSzlhUk5t
cTVIb0xpVUpmcFBmOGZCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQDJU2oAwQAJU2sAwQDTffIMA0E
AgACMAcDBQAqA52AMA0GCSqGSIb3DQEBCwUAA4IBAQBha4vJsodww8O+sMx9XCYA
yno7DMBFBHyv1YUJhiAnvcosiFf9Wh06Y2NTeOmJQQu9RG/2A8ujM5oAf8f8Hp2+
b4qfI/7aHSSeWxR9m9H/146GUgEV/mRSrmylJHBgOBr6Jm9q8YiUoakp8uKGL2Gs
BEON8zteg/AfMol/cZSp+rnqNngXqc99Cz1i6FzDTipesXEQcTqbe4884MR8Tu3Q
O5/7uZ6UwDqa/xavRsryzYC99H9s/NcTkSUNLfp01Ilh3moHtFyTmfvqPnV9JiU8
rzB3tyFjTlMkt5rvW/5F+uuJkRNOgySUwFk1XEWC30dpWjEbmZkeM8JERuqAImW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:14 2024 by rpki-client on console-ams.rpki-client.org