Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/dhcKgeexdlQ8HFG1GcRbzolmOSI.roa
File: dhcKgeexdlQ8HFG1GcRbzolmOSI.roa (raw, json)
Hash identifier: h72gpetkJtIiYoSfLdeeB5q/aFN6B47gjvOGmiEMnDY=
Subject key identifier: 76:17:0A:81:E7:B1:76:54:3C:1C:51:B5:19:C4:5B:CE:89:66:39:22
Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Certificate serial: 018B617A7100BF143620CA1D4653AE91D706
Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/dhcKgeexdlQ8HFG1GcRbzolmOSI.roa
Signing time: Tue 24 Oct 2023 11:38:16 +0000
ROA not before: Tue 24 Oct 2023 11:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42779
IP address blocks: 77.244.116.0/23 maxlen: 23
77.244.112.0/20 maxlen: 20
77.244.118.0/23 maxlen: 23
77.244.124.0/23 maxlen: 23
77.244.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:7a:71:00:bf:14:36:20:ca:1d:46:53:ae:91:d7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Validity
Not Before: Oct 24 11:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76170a81e7b176543c1c51b519c45bce89663922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ef:eb:77:e7:32:5b:aa:6e:7f:ef:66:3f:28:
dc:73:6b:47:65:38:8d:8b:ed:a6:ba:16:b3:45:20:
4b:73:46:7e:7b:9a:0b:7b:68:8a:63:59:87:03:c4:
e3:e3:41:c3:53:6c:14:38:17:53:ab:b0:36:65:95:
fc:58:51:53:15:ad:d3:fa:f4:c1:fe:32:03:18:40:
f7:0d:75:b8:cb:c7:6c:5a:cd:2e:7d:53:78:da:1d:
a3:fb:e0:be:1b:a5:e5:44:d3:d9:c6:7c:dd:b3:e0:
f4:2c:03:6d:0e:a9:49:9f:8b:38:cd:36:b2:58:e0:
fd:ae:0a:f7:73:1f:9e:ec:6a:da:c9:64:3d:97:2f:
0e:86:95:ae:5b:8d:71:9e:88:c7:6f:0f:af:0d:fd:
94:cc:b5:ef:99:ef:c2:6c:7e:07:91:c4:45:b8:a0:
5b:b4:dc:80:d5:cd:1a:18:7d:8f:8f:5a:fb:10:ea:
a2:23:7e:e6:d6:c0:fa:a6:4f:fc:45:c5:33:11:38:
fa:e9:12:f0:cf:cc:69:7a:92:67:6d:e1:d3:4c:6a:
dd:28:ca:8b:ba:54:22:fa:3a:a1:3c:23:b2:de:d1:
4e:ae:1b:5a:d5:d3:55:9a:50:0e:8d:c0:9e:de:8c:
cb:ad:a6:36:fe:6e:51:74:03:48:e9:dd:bd:a8:78:
dd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:17:0A:81:E7:B1:76:54:3C:1C:51:B5:19:C4:5B:CE:89:66:39:22
X509v3 Authority Key Identifier:
keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/dhcKgeexdlQ8HFG1GcRbzolmOSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.112.0/20
Signature Algorithm: sha256WithRSAEncryption
73:a7:2b:ca:4c:6d:43:b5:54:2b:ce:02:f9:9c:31:4a:d4:2d:
fd:01:e1:c0:7d:41:1d:6f:8f:c4:5a:9c:15:4a:18:41:b8:c2:
17:4e:e3:1d:a7:b5:a7:d1:cf:42:c4:62:88:87:c4:9b:25:d5:
41:e3:a9:dc:1c:3d:2f:3b:b0:af:3f:cd:12:da:b0:d4:ce:e3:
45:2c:54:6c:d4:11:27:fd:17:a4:29:a0:d2:11:82:f9:23:f0:
a4:9c:d1:63:e7:fb:ef:dc:5c:56:5a:a2:93:3c:0e:b3:1c:b0:
23:c7:2c:8e:58:5f:16:aa:79:8f:ec:95:e0:f8:05:d1:ae:23:
f2:38:01:43:b3:9e:04:c1:be:e7:04:03:9c:56:e7:c6:62:4a:
ae:d5:11:70:91:7c:ab:25:3a:dc:1d:2b:23:cb:82:e9:8b:78:
cb:08:15:c2:13:83:b7:44:ba:83:4f:60:6b:25:26:07:3f:f7:
02:1c:8e:c4:48:0f:4f:fe:b6:33:44:22:ac:18:9b:7e:41:91:
60:7e:27:26:76:49:c9:20:8a:e2:41:c6:1e:60:76:e6:18:9a:
de:f6:5c:cd:d7:35:81:e4:f2:21:ee:88:6c:6f:91:b7:8f:79:
1e:d3:de:b4:4e:4c:76:bf:40:c4:73:fe:f1:20:38:31:80:03:
13:bd:fd:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYthenEAvxQ2IModRlOukdcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz
OGRlMjEwHhcNMjMxMDI0MTEzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE3MGE4MWU3YjE3NjU0M2MxYzUxYjUxOWM0NWJjZTg5NjYzOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme/rd+cyW6puf+9mPyjcc2tHZTiN
i+2muhazRSBLc0Z+e5oLe2iKY1mHA8Tj40HDU2wUOBdTq7A2ZZX8WFFTFa3T+vTB
/jIDGED3DXW4y8dsWs0ufVN42h2j++C+G6XlRNPZxnzds+D0LANtDqlJn4s4zTay
WOD9rgr3cx+e7GrayWQ9ly8OhpWuW41xnojHbw+vDf2UzLXvme/CbH4HkcRFuKBb
tNyA1c0aGH2Pj1r7EOqiI37m1sD6pk/8RcUzETj66RLwz8xpepJnbeHTTGrdKMqL
ulQi+jqhPCOy3tFOrhta1dNVmlAOjcCe3ozLraY2/m5RdANI6d29qHjdewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYXCoHnsXZUPBxRtRnEW86JZjkiMB8GA1UdIwQY
MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt
MzY5MmY3ODQxNjE5LzEvZGhjS2dlZXhkbFE4SEZHMUdjUmJ6b2xtT1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5
LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETfRwMA0G
CSqGSIb3DQEBCwUAA4IBAQBzpyvKTG1DtVQrzgL5nDFK1C39AeHAfUEdb4/EWpwV
ShhBuMIXTuMdp7Wn0c9CxGKIh8SbJdVB46ncHD0vO7CvP80S2rDUzuNFLFRs1BEn
/RekKaDSEYL5I/CknNFj5/vv3FxWWqKTPA6zHLAjxyyOWF8WqnmP7JXg+AXRriPy
OAFDs54Ewb7nBAOcVufGYkqu1RFwkXyrJTrcHSsjy4Lpi3jLCBXCE4O3RLqDT2Br
JSYHP/cCHI7ESA9P/rYzRCKsGJt+QZFgficmdknJIIriQcYeYHbmGJre9lzN1zWB
5PIh7ohsb5G3j3ke0960Tkx2v0DEc/7xIDgxgAMTvf3e
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:09 2025 by rpki-client