Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/4JNGgfdkxKl3LNWaWhRxxtNf5rQ.roa
File: 4JNGgfdkxKl3LNWaWhRxxtNf5rQ.roa (raw, json)
Hash identifier: suo0UPbXlp7BzJPpWQPSqKVWJbcMo3AjQgly/WpJSDY=
Subject key identifier: E0:93:46:81:F7:64:C4:A9:77:2C:D5:9A:5A:14:71:C6:D3:5F:E6:B4
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 0184C2B99A3E5B471A3022198FF8BA7BFE64
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/4JNGgfdkxKl3LNWaWhRxxtNf5rQ.roa
Signing time: Tue 29 Nov 2022 09:30:54 +0000
ROA not before: Tue 29 Nov 2022 09:30:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42300
IP address blocks: 194.15.248.0/24 maxlen: 24
194.15.248.0/22 maxlen: 22
77.240.240.0/22 maxlen: 22
77.240.240.0/24 maxlen: 24
77.240.241.0/24 maxlen: 24
77.240.242.0/24 maxlen: 24
77.240.243.0/24 maxlen: 24
178.236.200.0/24 maxlen: 24
178.236.201.0/24 maxlen: 24
178.236.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:b9:9a:3e:5b:47:1a:30:22:19:8f:f8:ba:7b:fe:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Nov 29 09:30:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0934681f764c4a9772cd59a5a1471c6d35fe6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:89:bc:d6:49:c9:f5:3e:b7:26:06:04:4b:19:
fb:c2:70:16:4f:2c:05:be:60:0b:4c:b0:1d:38:b7:
28:60:1b:57:b5:b2:7d:2f:99:aa:b9:47:0c:ea:1e:
aa:ca:3a:97:45:fc:00:c3:d4:8c:c3:6c:de:97:52:
22:da:cd:14:56:1b:6b:71:28:bc:5a:d3:5c:75:bd:
2f:cb:e9:68:82:d6:fb:e9:77:ab:8e:2e:f3:c3:76:
fc:49:62:67:3c:b1:e9:7f:90:01:fa:3f:78:28:ef:
10:66:c5:23:80:bf:f0:6d:f1:79:43:04:26:30:a9:
56:62:46:82:d1:3a:b9:70:f6:17:5d:e8:30:63:eb:
65:93:f5:a2:5b:6b:26:ce:bc:ff:01:ea:74:1f:a6:
f5:58:af:20:05:ef:d5:b6:03:1b:01:55:de:c1:14:
6e:3d:00:23:7a:ef:3a:15:4f:f8:c4:5d:98:a0:e4:
37:ee:db:6e:7e:c6:0d:5f:66:92:e0:27:ed:31:ac:
8a:4f:52:ae:5d:11:cd:f4:e9:91:3d:7a:69:32:77:
7d:8e:22:22:cd:9b:3b:55:11:69:0e:6b:79:79:22:
ab:8d:c8:01:ce:f3:67:70:e1:bc:38:6a:93:a3:e7:
62:e6:3b:9f:8b:83:0f:c1:a3:e9:b2:5b:ee:34:19:
a2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:93:46:81:F7:64:C4:A9:77:2C:D5:9A:5A:14:71:C6:D3:5F:E6:B4
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/4JNGgfdkxKl3LNWaWhRxxtNf5rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.240.0/22
178.236.200.0-178.236.202.255
194.15.248.0/22
Signature Algorithm: sha256WithRSAEncryption
42:de:23:bb:6c:fa:c3:90:d9:e2:bc:1f:04:94:fe:51:e1:63:
69:32:ed:08:92:ac:8e:1c:dc:dc:7f:9f:3f:32:c6:a5:96:98:
06:a6:70:8f:20:3c:36:cc:4d:60:3d:65:dd:99:13:81:af:a9:
d4:5c:09:39:f9:da:83:45:52:da:37:13:ea:a2:f5:7b:87:18:
9e:67:87:d9:8a:ba:5e:1d:80:b6:6a:b0:55:f9:26:38:5c:73:
3a:4c:55:8d:29:cb:06:0f:c2:f4:95:65:cc:2a:0f:f6:af:7b:
27:c0:19:48:08:54:fa:19:a1:d1:9a:4f:a4:e9:ef:3a:d9:a0:
3e:26:27:1f:cf:d8:d7:af:78:5f:38:dd:9d:5b:47:c2:37:fd:
81:28:57:27:41:90:94:3a:25:12:c4:7c:3f:7e:97:7b:b2:43:
ec:d6:22:8b:4c:30:77:e4:7d:0f:af:3a:fc:56:dd:cf:c7:30:
59:e0:33:ea:aa:cb:a9:b9:67:62:80:fc:54:3f:05:b7:e0:54:
37:54:8e:4e:41:eb:9f:17:e4:71:7b:e2:d6:d5:10:88:74:11:
12:9c:ec:39:f0:5c:e0:d1:e3:2f:44:0b:a2:a8:ba:26:28:f8:
73:a4:a8:00:53:2f:51:d7:cd:4e:ce:bb:7a:e7:8b:7b:56:cb:
28:e6:6a:00
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYTCuZo+W0caMCIZj/i6e/5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmU2MjM3OGJiNTgwYWY0ZWQ3MGJmYTM1YWJjODQwOTQ1
ZDc4MDMwHhcNMjIxMTI5MDkzMDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkzNDY4MWY3NjRjNGE5NzcyY2Q1OWE1YTE0NzFjNmQzNWZlNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYm81knJ9T63JgYESxn7wnAWTywF
vmALTLAdOLcoYBtXtbJ9L5mquUcM6h6qyjqXRfwAw9SMw2zel1Ii2s0UVhtrcSi8
WtNcdb0vy+logtb76Xerji7zw3b8SWJnPLHpf5AB+j94KO8QZsUjgL/wbfF5QwQm
MKlWYkaC0Tq5cPYXXegwY+tlk/WiW2smzrz/Aep0H6b1WK8gBe/VtgMbAVXewRRu
PQAjeu86FU/4xF2YoOQ37ttufsYNX2aS4CftMayKT1KuXRHN9OmRPXppMnd9jiIi
zZs7VRFpDmt5eSKrjcgBzvNncOG8OGqTo+di5jufi4MPwaPpslvuNBmiSwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOCTRoH3ZMSpdyzVmloUccbTX+a0MB8GA1UdIwQY
MBaAFPy+YjeLtYCvTtcL+jWryECUXXgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3Mzkt
ZGY1NmVjNjcwZGU3LzEvNEpOR2dmZGt4S2wzTE5XYVdoUnh4dE5mNXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3
LzEvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfDwMAwD
BAOy7MgDBACy7MoDBALCD/gwDQYJKoZIhvcNAQELBQADggEBAELeI7ts+sOQ2eK8
HwSU/lHhY2ky7QiSrI4c3Nx/nz8yxqWWmAamcI8gPDbMTWA9Zd2ZE4GvqdRcCTn5
2oNFUto3E+qi9XuHGJ5nh9mKul4dgLZqsFX5JjhcczpMVY0pywYPwvSVZcwqD/av
eyfAGUgIVPoZodGaT6Tp7zrZoD4mJx/P2NeveF843Z1bR8I3/YEoVydBkJQ6JRLE
fD9+l3uyQ+zWIotMMHfkfQ+vOvxW3c/HMFngM+qqy6m5Z2KA/FQ/BbfgVDdUjk5B
658X5HF74tbVEIh0ERKc7DnwXODR4y9EC6KouiYo+HOkqABTL1HXzU7Ou3rni3tW
yyjmagA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org