Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/eJIqzeQ4rK77BmQL4-tGWZJydi4.roa
File: eJIqzeQ4rK77BmQL4-tGWZJydi4.roa (raw, json)
Hash identifier: kbDw7nUl+wKbOjumpegKt7UHjrBIZ8GVtxCQUOVd6bk=
Subject key identifier: 78:92:2A:CD:E4:38:AC:AE:FB:06:64:0B:E3:EB:46:59:92:72:76:2E
Certificate issuer: /CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Certificate serial: 0182E8EB3950B1FD9A2E8D6C380BBE7350A8
Authority key identifier: 4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/eJIqzeQ4rK77BmQL4-tGWZJydi4.roa
Signing time: Mon 29 Aug 2022 09:25:05 +0000
ROA not before: Mon 29 Aug 2022 09:25:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20912
IP address blocks: 212.66.96.0/19 maxlen: 24
77.39.216.0/22 maxlen: 24
185.109.188.0/22 maxlen: 24
176.62.48.0/20 maxlen: 20
85.119.176.0/21 maxlen: 24
77.39.192.0/20 maxlen: 24
2001:40d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:eb:39:50:b1:fd:9a:2e:8d:6c:38:0b:be:73:50:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Validity
Not Before: Aug 29 09:25:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78922acde438acaefb06640be3eb46599272762e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:a8:18:d3:88:dc:4b:e1:f0:a5:44:55:f5:
6c:7f:6e:d5:4c:11:1c:db:b5:35:cf:fe:bc:62:a7:
ce:13:4f:6b:1f:a8:df:3f:29:37:1f:c9:b8:6a:d8:
ec:96:b1:60:a5:3b:a6:95:92:84:ae:ff:62:6d:ae:
f5:27:b1:27:14:b6:a1:0c:e5:0d:43:38:b8:d9:cc:
35:81:d6:d6:84:ef:1a:26:84:72:04:de:69:ab:b4:
df:f4:b7:30:a4:e8:06:75:3c:1e:da:1a:f9:14:e1:
25:e8:87:a9:cb:09:e1:6b:17:79:0d:45:3f:66:9d:
f7:02:74:79:18:ab:97:a2:47:98:74:92:42:87:ec:
f2:5f:85:0f:81:b8:5a:ea:bc:f7:15:87:6a:7c:c9:
9a:18:26:d6:39:9f:5d:36:91:2f:a1:b3:c2:3f:0c:
8c:bd:b5:fc:1c:69:4f:3f:71:6c:14:cf:f5:ac:94:
4c:81:ce:ce:4a:b4:1f:75:54:4c:d9:39:ff:17:4b:
3a:78:92:5d:41:4d:3a:6a:9b:ae:54:84:b0:dd:f9:
34:82:36:0d:1f:4b:20:d2:af:9b:2c:1c:4b:d8:89:
e5:a8:07:16:9c:b7:9d:86:6b:5f:13:5b:9c:f8:06:
64:63:d5:81:ef:48:39:85:7e:9e:a6:bd:68:31:d1:
ad:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:92:2A:CD:E4:38:AC:AE:FB:06:64:0B:E3:EB:46:59:92:72:76:2E
X509v3 Authority Key Identifier:
keyid:4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/eJIqzeQ4rK77BmQL4-tGWZJydi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.192.0/20
77.39.216.0/22
85.119.176.0/21
176.62.48.0/20
185.109.188.0/22
212.66.96.0/19
IPv6:
2001:40d0::/32
Signature Algorithm: sha256WithRSAEncryption
84:8f:ca:72:4d:50:86:f1:f1:5c:40:fa:e7:d9:92:8d:e2:64:
12:c2:90:6c:f6:34:0c:b2:d8:f2:85:de:20:40:6c:19:aa:eb:
df:98:7d:ac:cf:f5:7c:47:7f:d1:8a:fb:df:78:87:c1:17:78:
78:91:55:84:6c:73:7e:c0:91:4a:23:31:17:5d:ff:bd:0c:1c:
db:c7:9f:aa:8b:43:d4:ec:6c:84:4e:af:bc:5f:51:9a:a2:35:
1b:0a:11:e3:c2:6f:ed:ba:95:6d:61:1c:6c:bc:79:f6:15:f5:
67:43:f1:b4:b2:53:66:19:a5:9d:58:69:ad:bb:5a:1e:2d:e6:
3c:3e:07:ff:a5:de:9f:c4:24:c3:a1:e6:29:e7:b5:01:5b:2d:
4b:3c:3e:f8:9c:7b:87:7c:1f:f7:7f:ef:e3:d0:ee:55:25:cf:
5b:7a:98:dc:05:16:9d:43:c2:08:7b:35:df:b6:58:a5:3a:79:
c2:c9:8c:e4:c3:1b:55:84:6f:fa:b0:1e:6e:4f:f5:b9:eb:36:
44:af:32:89:7a:94:53:e0:e3:a4:fd:96:9b:0c:a7:bd:14:4c:
13:b6:fc:c2:ea:db:bc:30:fe:6f:0e:45:5b:8e:6f:0b:87:9f:
59:0e:91:72:df:35:2a:66:62:d2:5a:f8:bc:6f:d7:c4:7c:1f:
18:75:f3:0c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYLo6zlQsf2aLo1sOAu+c1CoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMGU3N2Q5YzZmZjY4ZGNhNjhmMDVkZjhmNDY3NWVlN2Jk
Y2IwYmMwHhcNMjIwODI5MDkyNTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODkyMmFjZGU0MzhhY2FlZmIwNjY0MGJlM2ViNDY1OTkyNzI3NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoWoGNOI3Evh8KVEVfVsf27VTBEc
27U1z/68YqfOE09rH6jfPyk3H8m4atjslrFgpTumlZKErv9iba71J7EnFLahDOUN
Qzi42cw1gdbWhO8aJoRyBN5pq7Tf9LcwpOgGdTwe2hr5FOEl6Iepywnhaxd5DUU/
Zp33AnR5GKuXokeYdJJCh+zyX4UPgbha6rz3FYdqfMmaGCbWOZ9dNpEvobPCPwyM
vbX8HGlPP3FsFM/1rJRMgc7OSrQfdVRM2Tn/F0s6eJJdQU06apuuVISw3fk0gjYN
H0sg0q+bLBxL2InlqAcWnLedhmtfE1uc+AZkY9WB70g5hX6epr1oMdGtDwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHiSKs3kOKyu+wZkC+PrRlmScnYuMB8GA1UdIwQY
MBaAFE8Od9nG/2jcpo8F349Gde573LC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAt
NDU1YjE5Zjc2NmNjLzEvZUpJcXplUTRySzc3Qm1RTDQtdEdXWkp5ZGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAtNDU1YjE5Zjc2NmNj
LzEvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQETSfAAwQC
TSfYAwQDVXewAwQEsD4wAwQCuW28AwQF1EJgMA0EAgACMAcDBQAgAUDQMA0GCSqG
SIb3DQEBCwUAA4IBAQCEj8pyTVCG8fFcQPrn2ZKN4mQSwpBs9jQMstjyhd4gQGwZ
quvfmH2sz/V8R3/RivvfeIfBF3h4kVWEbHN+wJFKIzEXXf+9DBzbx5+qi0PU7GyE
Tq+8X1GaojUbChHjwm/tupVtYRxsvHn2FfVnQ/G0slNmGaWdWGmtu1oeLeY8Pgf/
pd6fxCTDoeYp57UBWy1LPD74nHuHfB/3f+/j0O5VJc9bepjcBRadQ8IIezXftlil
OnnCyYzkwxtVhG/6sB5uT/W56zZErzKJepRT4OOk/ZabDKe9FEwTtvzC6tu8MP5v
DkVbjm8Lh59ZDpFy3zUqZmLSWvi8b9fEfB8YdfMM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org