Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/3CZVKc3g8vfuV34V5gUIt7bX2ws.roa
File: 3CZVKc3g8vfuV34V5gUIt7bX2ws.roa (raw, json)
Hash identifier: XKVw0ABOHeLPlL7fiVSGMKHTlAlc5FjovCxq9qcitr0=
Subject key identifier: DC:26:55:29:CD:E0:F2:F7:EE:57:7E:15:E6:05:08:B7:B6:D7:DB:0B
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 018279544A7614393FB886581F3926037111
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/3CZVKc3g8vfuV34V5gUIt7bX2ws.roa
Signing time: Sun 07 Aug 2022 17:22:23 +0000
ROA not before: Sun 07 Aug 2022 17:22:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50386
IP address blocks: 77.73.132.0/24 maxlen: 24
77.73.130.0/24 maxlen: 24
77.73.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:79:54:4a:76:14:39:3f:b8:86:58:1f:39:26:03:71:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Aug 7 17:22:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc265529cde0f2f7ee577e15e60508b7b6d7db0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:b8:96:60:df:0a:04:fd:9c:cf:3c:5b:76:
03:1f:7e:14:00:b6:23:c5:8e:83:ce:f9:b7:e3:cb:
9f:a8:a6:0b:8f:f8:4d:e1:bd:94:47:b9:34:ce:9f:
f8:34:fb:e2:81:f3:20:e0:dd:b9:52:30:4a:a0:11:
c7:7c:f9:45:e9:68:d2:be:e1:8f:fb:53:ca:8e:3d:
05:e6:e8:25:d7:41:b1:00:fc:3e:a4:97:a0:82:3f:
88:00:4d:60:f8:02:24:24:cc:43:ec:7a:7d:21:91:
2a:e7:a3:87:82:bc:9b:40:9f:e3:b6:db:09:5d:0b:
66:d1:9f:d0:cd:6d:36:9f:69:31:b1:75:99:02:c9:
00:66:1a:56:a2:1f:a4:71:5d:46:c5:35:29:0e:8b:
be:13:4b:52:25:0e:e9:24:fe:66:ee:4b:7d:79:76:
02:f4:ed:41:91:a5:48:a9:90:e7:dc:35:f6:b8:8c:
bc:e2:bd:be:0f:e5:98:39:78:af:70:0a:05:8b:15:
f9:a0:1d:6f:80:0d:8b:7d:16:c7:ab:78:3f:52:57:
6b:fa:88:c0:0b:b1:3b:e9:2c:56:4b:21:35:90:cf:
34:88:8a:5e:02:1d:09:bc:1f:88:46:f5:dc:7a:d4:
9a:ba:a2:35:d0:e8:73:8e:38:d4:ad:09:67:78:3c:
6c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:26:55:29:CD:E0:F2:F7:EE:57:7E:15:E6:05:08:B7:B6:D7:DB:0B
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/3CZVKc3g8vfuV34V5gUIt7bX2ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.130.0/24
77.73.132.0/24
77.73.135.0/24
Signature Algorithm: sha256WithRSAEncryption
05:cb:f1:ea:33:39:1b:5d:7c:dc:25:87:83:ff:49:01:da:83:
62:2e:64:5b:88:7e:7b:48:79:aa:de:dc:d0:d3:4b:ad:fb:dd:
a0:1e:82:ad:b2:76:38:46:fa:e9:26:e1:33:25:7d:04:62:87:
6b:c3:1b:94:a4:c8:b1:69:eb:55:0a:4d:ee:ec:1e:20:6a:a7:
b2:6a:fc:4b:9d:d9:34:be:30:9e:70:14:86:b6:dc:5b:a4:a5:
cf:1a:9a:77:50:cb:08:d1:9d:f3:48:ea:64:07:c5:03:f2:75:
90:eb:7a:01:25:3f:3a:d7:d4:30:c4:9f:8e:3c:67:f8:7f:89:
b8:9b:a7:bf:1c:fe:a5:e3:e4:0d:df:60:61:ea:b2:83:de:84:
78:f2:51:a2:69:4f:56:0e:6a:00:84:91:2e:08:f3:80:03:89:
e7:5f:be:23:a5:71:47:46:b5:9f:5b:f9:97:58:61:ae:05:ef:
31:d1:72:66:31:d8:ed:b6:e0:9a:bc:54:4a:4f:48:ab:fa:43:
d7:ea:a7:70:d2:f4:aa:ea:76:b9:f1:26:42:d0:a0:e3:1f:75:
cb:3b:50:b1:c6:ca:be:f1:9d:49:b3:be:27:e3:7e:0b:38:bc:
9b:91:86:c6:f8:79:87:c2:31:66:28:15:c8:32:07:0f:b6:67:
02:70:91:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJ5VEp2FDk/uIZYHzkmA3ERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIwODA3MTcyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI2NTUyOWNkZTBmMmY3ZWU1NzdlMTVlNjA1MDhiN2I2ZDdkYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqS4lmDfCgT9nM88W3YDH34UALYj
xY6Dzvm348ufqKYLj/hN4b2UR7k0zp/4NPvigfMg4N25UjBKoBHHfPlF6WjSvuGP
+1PKjj0F5ugl10GxAPw+pJeggj+IAE1g+AIkJMxD7Hp9IZEq56OHgrybQJ/jttsJ
XQtm0Z/QzW02n2kxsXWZAskAZhpWoh+kcV1GxTUpDou+E0tSJQ7pJP5m7kt9eXYC
9O1BkaVIqZDn3DX2uIy84r2+D+WYOXivcAoFixX5oB1vgA2LfRbHq3g/Uldr+ojA
C7E76SxWSyE1kM80iIpeAh0JvB+IRvXcetSauqI10OhzjjjUrQlneDxs4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNwmVSnN4PL37ld+FeYFCLe219sLMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvM0NaVktjM2c4dmZ1VjM0VjVnVUl0N2JYMndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATUmCAwQA
TUmEAwQATUmHMA0GCSqGSIb3DQEBCwUAA4IBAQAFy/HqMzkbXXzcJYeD/0kB2oNi
LmRbiH57SHmq3tzQ00ut+92gHoKtsnY4RvrpJuEzJX0EYodrwxuUpMixaetVCk3u
7B4gaqeyavxLndk0vjCecBSGttxbpKXPGpp3UMsI0Z3zSOpkB8UD8nWQ63oBJT86
19QwxJ+OPGf4f4m4m6e/HP6l4+QN32Bh6rKD3oR48lGiaU9WDmoAhJEuCPOAA4nn
X74jpXFHRrWfW/mXWGGuBe8x0XJmMdjttuCavFRKT0ir+kPX6qdw0vSq6na58SZC
0KDjH3XLO1Cxxsq+8Z1Js74n434LOLybkYbG+HmHwjFmKBXIMgcPtmcCcJHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:18 2024 by rpki-client on console-ams.rpki-client.org