Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/79drtMXKEYsgiZCsrckWPRzU86c.roa
File: 79drtMXKEYsgiZCsrckWPRzU86c.roa (raw, json)
Hash identifier: OySJLdfKP5dpt73ZQ4M6DZJUkAFS9meKjdX2VL7c6+c=
Subject key identifier: EF:D7:6B:B4:C5:CA:11:8B:20:89:90:AC:AD:C9:16:3D:1C:D4:F3:A7
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 0185DF027137AED9D7E6A8C903AB77BD9583
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/79drtMXKEYsgiZCsrckWPRzU86c.roa
Signing time: Mon 23 Jan 2023 14:22:37 +0000
ROA not before: Mon 23 Jan 2023 14:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8674
IP address blocks: 213.32.232.0/21 maxlen: 21
194.58.192.0/22 maxlen: 22
194.58.192.0/24 maxlen: 24
194.58.195.0/24 maxlen: 24
194.58.196.0/24 maxlen: 24
194.58.197.0/24 maxlen: 24
194.58.198.0/24 maxlen: 24
194.58.193.0/24 maxlen: 24
194.58.194.0/24 maxlen: 24
194.58.194.0/23 maxlen: 23
194.58.199.0/24 maxlen: 24
194.146.105.0/24 maxlen: 24
194.146.106.0/24 maxlen: 24
194.146.106.0/23 maxlen: 24
194.146.107.0/24 maxlen: 24
212.237.196.0/22 maxlen: 22
212.237.194.0/24 maxlen: 24
212.237.195.0/24 maxlen: 24
185.42.136.0/23 maxlen: 23
77.72.224.0/21 maxlen: 21
2001:67c:1011::/48 maxlen: 48
2a01:3f2::/32 maxlen: 48
2001:67c:1010::/48 maxlen: 48
2001:67c:1010::/47 maxlen: 47
2a01:3f5::/32 maxlen: 48
2a01:3f3::/32 maxlen: 48
2a01:3f1:3000::/38 maxlen: 38
2a01:3f1::/32 maxlen: 32
2a01:3f1:5000::/38 maxlen: 38
2a01:3f1:a000::/38 maxlen: 38
2a01:3f1:400::/38 maxlen: 38
2a01:3f1:f000::/36 maxlen: 48
2a01:3f1:c000::/38 maxlen: 38
2a01:3f1:800::/38 maxlen: 38
2a01:3f1::/38 maxlen: 38
2a01:3f1:8000::/38 maxlen: 38
2a01:3f4::/32 maxlen: 48
2a01:3f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:02:71:37:ae:d9:d7:e6:a8:c9:03:ab:77:bd:95:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 23 14:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efd76bb4c5ca118b208990acadc9163d1cd4f3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:db:f5:31:d8:7b:88:de:28:6d:fb:60:61:68:
ba:8b:f4:5b:5f:bf:92:5c:9b:b2:cf:d3:1e:d3:31:
a7:cd:14:ea:31:5a:f8:b6:2e:07:63:22:4e:4d:ba:
7e:ab:36:b9:10:44:61:ca:e1:e6:63:44:d3:53:42:
55:35:af:ec:a6:f4:4a:95:67:2c:4a:ff:15:b4:f1:
5b:72:72:b9:76:e3:d6:ac:75:98:58:64:2f:07:10:
76:7e:dc:8c:74:b7:b1:48:0b:2f:3d:76:82:13:4c:
b6:1e:27:c2:0e:69:e0:b7:e2:e1:ee:62:6d:ea:ca:
22:75:ca:2e:33:90:d8:19:2a:dd:74:0f:aa:e8:4c:
51:1a:e6:36:62:a5:07:90:b7:f4:76:ee:29:a1:ed:
d5:db:e7:11:4d:c7:42:1b:e7:d3:16:e1:a3:81:2a:
e5:ec:f3:14:7b:c8:2c:57:af:55:06:6c:30:9c:3d:
32:be:f6:e4:86:26:55:e5:a6:b7:13:e5:f4:65:ee:
da:85:e0:69:96:6a:b0:e0:74:c7:1f:4d:71:4e:ed:
da:c6:41:c5:9d:0b:ce:92:b0:25:a8:54:dc:5e:1a:
92:3c:52:d7:e0:e2:d7:7f:bd:7e:45:13:98:b4:24:
ac:c2:53:3b:3b:7d:b3:a0:4d:83:6b:cc:d5:9d:97:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D7:6B:B4:C5:CA:11:8B:20:89:90:AC:AD:C9:16:3D:1C:D4:F3:A7
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/79drtMXKEYsgiZCsrckWPRzU86c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.224.0/21
185.42.136.0/23
194.58.192.0/21
194.146.105.0-194.146.107.255
212.237.194.0-212.237.199.255
213.32.232.0/21
IPv6:
2001:67c:1010::/47
2a01:3f0::-2a01:3f5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:20:d5:63:97:fa:c4:cc:91:d3:2e:a4:c5:ba:f6:a2:bd:e2:
8b:59:9a:a9:62:2c:29:80:fa:8d:83:21:de:50:c0:89:e4:72:
26:3d:6c:42:59:7f:da:ef:96:5c:c4:e0:78:7f:6a:6f:75:eb:
37:d6:10:d1:e5:27:50:5a:6a:b9:a9:d1:bb:11:a0:67:d3:da:
34:20:e3:0a:fd:c8:28:b4:60:2a:be:18:c8:81:72:85:92:9e:
10:65:af:90:d3:01:a6:3f:ff:c0:fb:60:26:6c:5f:49:c6:82:
82:b8:04:81:75:6d:c5:9b:e1:bc:21:c5:06:fd:90:22:fb:ec:
72:fd:65:58:e2:5a:fd:3d:e2:03:bc:0c:84:2b:97:17:17:42:
14:d1:8d:c3:80:ec:d2:b0:bc:17:f3:d3:29:26:7a:ec:67:92:
1a:fd:4e:15:e8:b2:dc:58:ff:a6:e0:1c:3f:4d:a5:97:b1:f9:
d4:61:a2:ca:66:f6:9d:62:f8:7e:57:a0:3c:e8:2c:b6:4a:e6:
56:52:7c:c9:c3:7e:e9:75:b7:de:57:50:e6:3f:7c:ae:e5:0b:
f6:f4:4e:91:3d:7c:a2:ce:63:68:b4:64:d0:ee:0a:df:0d:f1:
4e:73:49:2f:bb:69:b5:05:84:25:73:e5:30:69:17:79:bb:df:
1e:62:3f:29
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYXfAnE3rtnX5qjJA6t3vZWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTIzMTQyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ3NmJiNGM1Y2ExMThiMjA4OTkwYWNhZGM5MTYzZDFjZDRmM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldv1Mdh7iN4obftgYWi6i/RbX7+S
XJuyz9Me0zGnzRTqMVr4ti4HYyJOTbp+qza5EERhyuHmY0TTU0JVNa/spvRKlWcs
Sv8VtPFbcnK5duPWrHWYWGQvBxB2ftyMdLexSAsvPXaCE0y2HifCDmngt+Lh7mJt
6soidcouM5DYGSrddA+q6ExRGuY2YqUHkLf0du4poe3V2+cRTcdCG+fTFuGjgSrl
7PMUe8gsV69VBmwwnD0yvvbkhiZV5aa3E+X0Ze7aheBplmqw4HTHH01xTu3axkHF
nQvOkrAlqFTcXhqSPFLX4OLXf71+RROYtCSswlM7O32zoE2Da8zVnZdoSwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFO/Xa7TFyhGLIImQrK3JFj0c1POnMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvNzlkcnRNWEtFWXNnaVpDc3Jja1dQUnpVODZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA6BAIAATA0AwQDTUjgAwQB
uSqIAwQDwjrAMAwDBADCkmkDBALCkmgwDAMEAdTtwgMEA9TtwAMEA9Ug6DAfBAIA
AjAZAwcBIAEGfBAQMA4DBQQqAQPwAwUBKgED9DANBgkqhkiG9w0BAQsFAAOCAQEA
lCDVY5f6xMyR0y6kxbr2or3ii1maqWIsKYD6jYMh3lDAieRyJj1sQll/2u+WXMTg
eH9qb3XrN9YQ0eUnUFpquanRuxGgZ9PaNCDjCv3IKLRgKr4YyIFyhZKeEGWvkNMB
pj//wPtgJmxfScaCgrgEgXVtxZvhvCHFBv2QIvvscv1lWOJa/T3iA7wMhCuXFxdC
FNGNw4Ds0rC8F/PTKSZ67GeSGv1OFeiy3Fj/puAcP02ll7H51GGiymb2nWL4fleg
POgstkrmVlJ8ycN+6XW33ldQ5j98ruUL9vROkT18os5jaLRk0O4K3w3xTnNJL7tp
tQWEJXPlMGkXebvfHmI/KQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:57 2025 by rpki-client