Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Hc9WLBoXxz45kHCpLiHePDFNQN8.roa
File: Hc9WLBoXxz45kHCpLiHePDFNQN8.roa (raw, json)
Hash identifier: sT0v16dmeSxosS4MQuy44LSmNzw58uT8dM0lCisG/sk=
Subject key identifier: 1D:CF:56:2C:1A:17:C7:3E:39:90:70:A9:2E:21:DE:3C:31:4D:40:DF
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 05A88574
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Hc9WLBoXxz45kHCpLiHePDFNQN8.roa
Signing time: Fri 18 Mar 2022 07:01:05 +0000
ROA not before: Fri 18 Mar 2022 07:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50386
IP address blocks: 77.73.131.0/24 maxlen: 24
77.73.132.0/24 maxlen: 24
77.73.129.0/24 maxlen: 24
77.73.130.0/24 maxlen: 24
77.73.134.0/24 maxlen: 24
77.73.135.0/24 maxlen: 24
77.73.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94930292 (0x5a88574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Mar 18 07:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dcf562c1a17c73e399070a92e21de3c314d40df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ae:8e:9e:ec:cf:f8:ee:37:e2:94:e7:c7:1d:
65:35:e0:84:7b:d4:19:84:69:df:88:5b:b2:e6:9b:
b8:39:de:2f:8a:92:4e:1e:a6:9e:5c:78:38:35:4c:
89:30:25:2a:e5:54:be:15:d1:d5:b5:8e:47:8f:18:
c4:c6:c2:2c:fd:e4:fc:4e:0c:32:62:9b:06:1d:1a:
a6:26:a6:96:88:8a:1d:4a:9b:4d:48:2d:41:5b:7c:
1c:15:93:e0:35:3e:c2:3d:72:c0:45:16:28:be:fb:
9d:da:f3:85:94:7d:c7:bd:e1:c5:b3:10:9b:e2:6e:
73:bf:57:65:cd:cf:1d:f4:b8:75:0a:3f:bf:97:0c:
f1:4f:5c:16:29:aa:11:f0:52:9e:42:1c:fb:54:06:
15:44:bc:c9:60:88:fa:bc:cd:7b:aa:bf:89:ef:cc:
3f:3e:85:f2:7c:2e:c0:42:1b:9d:98:0a:41:00:98:
ab:aa:5c:f1:13:2a:10:e8:b1:a0:c2:c2:4f:bd:4f:
be:b7:95:bc:63:34:98:62:0f:88:ea:86:e2:1d:f3:
b3:49:f3:e6:0f:7b:a1:f4:10:0f:d5:c6:92:4b:09:
98:9d:0c:28:91:1a:51:84:1d:e9:38:35:97:c5:67:
22:fd:07:52:62:87:aa:4e:7a:2a:02:8f:e9:82:1b:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CF:56:2C:1A:17:C7:3E:39:90:70:A9:2E:21:DE:3C:31:4D:40:DF
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Hc9WLBoXxz45kHCpLiHePDFNQN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.129.0-77.73.135.255
Signature Algorithm: sha256WithRSAEncryption
34:4b:80:8c:20:78:94:ec:4e:82:99:14:67:3f:ca:96:5b:71:
0e:f4:1f:e5:79:bc:88:33:a6:ca:c0:fe:5f:9b:e7:c2:42:41:
cb:9d:50:ec:c7:5b:61:eb:b6:76:f2:5f:be:ee:8a:80:e3:84:
03:d3:bb:cb:c1:c4:e9:09:57:10:d2:87:ec:60:08:af:c2:b6:
9a:09:6b:b2:b4:94:4c:ce:f7:2d:fb:85:6e:0a:19:ab:f0:22:
9d:c6:8e:e2:d9:c0:47:57:10:e8:cb:c8:13:b6:f2:50:70:b0:
62:a7:d0:bb:7b:36:23:67:24:89:37:7f:fc:c5:a4:5b:ec:ba:
17:41:13:41:ba:a6:1c:26:82:5b:01:3c:25:81:2c:e5:32:24:
25:19:a8:9c:42:99:94:b9:c8:d3:40:5f:06:1f:a3:f2:bc:a3:
c0:d2:0f:ea:f8:ab:46:f4:31:11:9f:1a:a6:8b:53:c6:6c:9e:
dd:af:5f:07:5d:94:37:6e:9f:dc:a8:cc:21:8c:d0:79:8a:b4:
01:fa:1f:7e:b4:2b:06:32:1c:b1:64:c0:b4:44:c1:bd:dc:de:
eb:b3:5e:b6:b7:a2:b2:f4:04:40:69:3a:18:fd:28:7c:1c:d2:
01:b0:21:47:c9:bf:d4:87:2a:7b:ca:3f:ab:c8:03:ed:8a:ba:
e9:c5:f3:0a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBaiFdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmZhMTNmMWFlMDUzOTE2MjgwZWM2OGVlMWIwOTc2ZjllYmQzZWE4MB4XDTIyMDMx
ODA3MDEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRjZjU2MmMxYTE3
YzczZTM5OTA3MGE5MmUyMWRlM2MzMTRkNDBkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6ujp7sz/juN+KU58cdZTXghHvUGYRp34hbsuabuDneL4qS
Th6mnlx4ODVMiTAlKuVUvhXR1bWOR48YxMbCLP3k/E4MMmKbBh0apiamloiKHUqb
TUgtQVt8HBWT4DU+wj1ywEUWKL77ndrzhZR9x73hxbMQm+Juc79XZc3PHfS4dQo/
v5cM8U9cFimqEfBSnkIc+1QGFUS8yWCI+rzNe6q/ie/MPz6F8nwuwEIbnZgKQQCY
q6pc8RMqEOixoMLCT71PvreVvGM0mGIPiOqG4h3zs0nz5g97ofQQD9XGkksJmJ0M
KJEaUYQd6Tg1l8VnIv0HUmKHqk56KgKP6YIbmxsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQdz1YsGhfHPjmQcKkuId48MU1A3zAfBgNVHSMEGDAWgBSv+hPxrgU5FigO
xo7hsJdvnr0+qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Jfb1Q4YTRGT1JZb0RzYU80YkNYYjU2OVBxZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvYTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8x
L0hjOVdMQm9YeHo0NWtIQ3BMaUhlUERGTlFOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
YTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8xL3Jfb1Q4YTRGT1JZ
b0RzYU80YkNYYjU2OVBxZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQATUmBAwQDTUmAMA0GCSqGSIb3
DQEBCwUAA4IBAQA0S4CMIHiU7E6CmRRnP8qWW3EO9B/lebyIM6bKwP5fm+fCQkHL
nVDsx1th67Z28l++7oqA44QD07vLwcTpCVcQ0ofsYAivwraaCWuytJRMzvct+4Vu
Chmr8CKdxo7i2cBHVxDoy8gTtvJQcLBip9C7ezYjZySJN3/8xaRb7LoXQRNBuqYc
JoJbATwlgSzlMiQlGaicQpmUucjTQF8GH6PyvKPA0g/q+KtG9DERnxqmi1PGbJ7d
r18HXZQ3bp/cqMwhjNB5irQB+h9+tCsGMhyxZMC0RMG93N7rs162t6Ky9ARAaToY
/Sh8HNIBsCFHyb/Uhyp7yj+ryAPtirrpxfMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org