Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/fTRRJhLobjKdtPZ3hi8yH8xex2M.roa
File: fTRRJhLobjKdtPZ3hi8yH8xex2M.roa (raw, json)
Hash identifier: bk+YWMwho1eTVneOFE4UAo23oNbM+aCh0tsaASXGNb0=
Subject key identifier: 7D:34:51:26:12:E8:6E:32:9D:B4:F6:77:86:2F:32:1F:CC:5E:C7:63
Certificate issuer: /CN=7651762de3d3f19cedd438b03cf23986ce91727f
Certificate serial: 0A685E53
Authority key identifier: 76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/fTRRJhLobjKdtPZ3hi8yH8xex2M.roa
Signing time: Sat 01 Jan 2022 04:04:04 +0000
ROA not before: Sat 01 Jan 2022 04:04:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34756
IP address blocks: 77.95.96.0/21 maxlen: 21
193.138.109.0/24 maxlen: 24
45.15.12.0/22 maxlen: 22
185.47.236.0/22 maxlen: 22
195.114.12.0/24 maxlen: 24
176.58.24.0/21 maxlen: 21
176.58.30.0/24 maxlen: 24
176.58.31.0/24 maxlen: 24
195.230.110.0/24 maxlen: 24
2a03:fc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174612051 (0xa685e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7651762de3d3f19cedd438b03cf23986ce91727f
Validity
Not Before: Jan 1 04:04:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d34512612e86e329db4f677862f321fcc5ec763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:18:c7:67:a9:70:e2:98:24:9e:69:8b:cc:f4:
ab:a9:35:80:32:57:bf:98:1c:bb:72:ff:1d:d8:26:
81:2c:3b:db:dd:55:3f:55:78:01:d9:5d:47:87:e2:
0e:29:13:78:69:de:27:05:99:a1:1d:e1:60:9f:ec:
3c:6f:ba:b6:18:2b:a3:e5:c3:07:13:88:a2:3c:8f:
46:3b:7e:e6:62:37:0c:ec:4f:1f:99:2d:78:02:b3:
21:79:91:06:b8:85:fe:a3:11:26:d6:74:37:6d:3c:
c3:6b:a3:59:bf:9d:df:bd:96:ec:06:f4:d7:8f:0c:
4a:41:e0:9a:eb:b4:6c:8e:e1:52:87:50:62:49:cf:
40:5e:15:7e:60:df:14:66:1a:14:c1:22:f2:ba:60:
69:80:8d:14:e2:03:5e:5d:ea:c4:09:6f:04:25:0c:
78:f1:61:3e:56:7c:9c:2f:99:f5:dd:de:cb:db:d7:
90:6b:59:78:42:98:45:d6:eb:e7:42:e4:6a:0e:d7:
96:08:35:57:a6:48:3d:69:c5:c7:eb:ca:cf:9c:2d:
51:a6:ac:c0:f3:34:38:10:a0:7b:2d:c2:c9:e4:61:
8d:70:93:4a:2f:ca:13:94:6a:ff:b4:7f:3c:1a:25:
54:a2:6f:3b:4e:fa:ae:24:e4:71:7f:e4:8e:41:79:
8a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:34:51:26:12:E8:6E:32:9D:B4:F6:77:86:2F:32:1F:CC:5E:C7:63
X509v3 Authority Key Identifier:
keyid:76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/fTRRJhLobjKdtPZ3hi8yH8xex2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.12.0/22
77.95.96.0/21
176.58.24.0/21
185.47.236.0/22
193.138.109.0/24
195.114.12.0/24
195.230.110.0/24
IPv6:
2a03:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
00:69:e5:80:b1:86:52:50:fa:b3:6f:93:23:66:d3:65:b7:e5:
f6:9b:0a:e7:c5:b0:aa:ff:e7:89:5a:4d:59:f5:15:a2:0f:b6:
25:b5:e8:ec:10:1a:d8:16:bb:dc:ef:ff:b8:83:8f:ab:25:e6:
99:85:61:5a:2d:a1:6a:28:ab:09:0b:42:ce:42:43:99:7c:9c:
29:81:4a:3f:c1:65:5f:de:c1:9d:c5:4d:32:34:d5:0a:ad:a1:
3c:0d:94:37:45:d9:c1:73:a3:18:95:fe:c5:bf:3c:ff:ae:23:
1f:bf:51:ca:94:ba:c3:74:32:76:5b:9d:42:6a:88:8d:9f:ee:
af:70:b4:30:6d:56:19:12:db:cb:65:88:5c:b2:f1:24:b8:0f:
66:4a:3d:77:9b:15:9c:ff:da:29:06:ca:a4:e3:4e:78:55:9c:
56:23:57:94:4d:3b:bc:23:25:e2:ea:b6:f5:5c:41:14:ee:20:
55:17:a4:22:fc:4d:b7:29:d7:09:a2:b7:9d:60:a9:4f:be:53:
09:09:6c:53:04:23:24:85:96:23:00:b4:e3:bb:f8:7f:68:9e:
2d:5f:46:4d:88:32:1d:05:34:10:fe:20:fb:9d:c6:8c:77:58:
98:1f:5d:87:5f:82:7d:a2:aa:a1:fe:b1:fe:29:9a:65:ce:b1:
49:18:5b:43
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECmheUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjUxNzYyZGUzZDNmMTljZWRkNDM4YjAzY2YyMzk4NmNlOTE3MjdmMB4XDTIyMDEw
MTA0MDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QzNDUxMjYxMmU4
NmUzMjlkYjRmNjc3ODYyZjMyMWZjYzVlYzc2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsYx2epcOKYJJ5pi8z0q6k1gDJXv5gcu3L/HdgmgSw7291V
P1V4AdldR4fiDikTeGneJwWZoR3hYJ/sPG+6thgro+XDBxOIojyPRjt+5mI3DOxP
H5kteAKzIXmRBriF/qMRJtZ0N208w2ujWb+d372W7Ab0148MSkHgmuu0bI7hUodQ
YknPQF4VfmDfFGYaFMEi8rpgaYCNFOIDXl3qxAlvBCUMePFhPlZ8nC+Z9d3ey9vX
kGtZeEKYRdbr50Lkag7Xlgg1V6ZIPWnFx+vKz5wtUaaswPM0OBCgey3CyeRhjXCT
Si/KE5Rq/7R/PBolVKJvO076riTkcX/kjkF5ivsCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBR9NFEmEuhuMp209neGLzIfzF7HYzAfBgNVHSMEGDAWgBR2UXYt49PxnO3U
OLA88jmGzpFyfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RsRjJMZVBUOFp6dDFEaXdQUEk1aHM2UmNuOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvNGUyODA4LWU4ZjQtNDJhNy1hODI3LTdhYmNlNjAwYzIxOC8x
L2ZUUlJKaExvYmpLZHRQWjNoaTh5SDh4ZXgyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
NGUyODA4LWU4ZjQtNDJhNy1hODI3LTdhYmNlNjAwYzIxOC8xL2RsRjJMZVBUOFp6
dDFEaXdQUEk1aHM2UmNuOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAi0PDAMEA01fYAMEA7A6GAMEArkv
7AMEAMGKbQMEAMNyDAMEAMPmbjANBAIAAjAHAwUDKgP8ADANBgkqhkiG9w0BAQsF
AAOCAQEAAGnlgLGGUlD6s2+TI2bTZbfl9psK58Wwqv/niVpNWfUVog+2JbXo7BAa
2Ba73O//uIOPqyXmmYVhWi2haiirCQtCzkJDmXycKYFKP8FlX97BncVNMjTVCq2h
PA2UN0XZwXOjGJX+xb88/64jH79RypS6w3QydludQmqIjZ/ur3C0MG1WGRLby2WI
XLLxJLgPZko9d5sVnP/aKQbKpONOeFWcViNXlE07vCMl4uq29VxBFO4gVRekIvxN
tynXCaK3nWCpT75TCQlsUwQjJIWWIwC047v4f2ieLV9GTYgyHQU0EP4g+53GjHdY
mB9dh1+CfaKqof6x/imaZc6xSRhbQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org