Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/cIuBF-mzmpyIeUt6v-gBlXzzT58.roa
File: cIuBF-mzmpyIeUt6v-gBlXzzT58.roa (raw, json)
Hash identifier: lxgyO4izO2XfewShw/sHcuYb605o4n1C30/IkFWsLm0=
Subject key identifier: 70:8B:81:17:E9:B3:9A:9C:88:79:4B:7A:BF:E8:01:95:7C:F3:4F:9F
Certificate issuer: /CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Certificate serial: 37BD4B54
Authority key identifier: 57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/cIuBF-mzmpyIeUt6v-gBlXzzT58.roa
Signing time: Sat 01 Jan 2022 11:56:43 +0000
ROA not before: Sat 01 Jan 2022 11:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42760
IP address blocks: 77.74.0.0/21 maxlen: 21
185.74.28.0/22 maxlen: 22
46.227.224.0/21 maxlen: 21
193.246.101.0/24 maxlen: 24
193.246.120.0/24 maxlen: 24
2a02:cd8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 935152468 (0x37bd4b54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Validity
Not Before: Jan 1 11:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=708b8117e9b39a9c88794b7abfe801957cf34f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:82:67:87:d1:f5:6b:82:ee:84:ec:84:0d:
77:dd:96:f0:63:3f:38:d8:b6:71:70:6f:39:c5:e6:
43:93:6a:54:7f:16:f9:54:e4:6b:14:51:46:2c:ff:
80:29:a3:5e:f9:e4:e6:d0:28:29:7a:33:fb:7c:8e:
54:90:5f:b8:e4:5a:18:27:b4:52:76:51:bf:ca:96:
b6:ad:37:38:d8:bf:db:c7:67:bd:d3:0c:8a:07:80:
b2:cd:0c:ff:63:0e:8b:fe:09:a3:ea:77:ed:b7:c6:
b1:a2:ad:2a:ea:1e:7f:b6:ca:6b:aa:b1:8b:fe:72:
08:55:85:43:c6:af:30:eb:59:bd:45:a8:a3:0d:46:
d3:06:3d:64:df:39:2d:af:37:87:76:2a:8b:9f:a0:
6d:32:b0:d8:53:ab:36:7f:55:36:43:65:51:16:7a:
69:4a:59:f7:bd:43:94:7d:bc:be:16:2d:b6:ef:1a:
5c:08:7a:45:ff:9c:18:da:ca:4a:07:19:01:13:ea:
14:4f:87:4b:d3:a6:e9:60:e8:9b:04:a8:03:bc:d8:
3b:23:e0:99:fc:88:f7:4c:5e:5c:eb:82:0e:b1:e8:
2b:9f:be:16:2c:ed:1b:09:42:7f:88:46:92:3f:ff:
1e:95:a1:9f:1b:64:3d:c1:6f:0c:f2:2a:0a:c1:f2:
2f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8B:81:17:E9:B3:9A:9C:88:79:4B:7A:BF:E8:01:95:7C:F3:4F:9F
X509v3 Authority Key Identifier:
keyid:57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/cIuBF-mzmpyIeUt6v-gBlXzzT58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Vyq9haWJkatxoX_XVB-43pb1Wn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.224.0/21
77.74.0.0/21
185.74.28.0/22
193.246.101.0/24
193.246.120.0/24
IPv6:
2a02:cd8::/32
Signature Algorithm: sha256WithRSAEncryption
81:0d:1c:71:58:c0:ae:31:56:8d:a5:46:c4:93:de:25:f1:9f:
5b:1b:f2:b9:15:62:4d:05:94:3f:8c:c8:ef:b9:40:d6:a2:71:
2d:28:c8:8d:89:09:b3:9d:41:58:76:89:e0:c9:4f:c1:cc:66:
37:66:ed:a5:5d:7e:8e:02:07:43:e7:e7:e0:34:30:5f:df:7f:
61:54:ea:af:a3:ea:31:89:bc:58:b9:4c:a7:54:b6:d6:f5:fd:
bb:32:83:79:cb:4a:75:96:3e:61:34:ab:33:3b:30:56:dd:66:
5a:61:fe:ed:bc:b8:c2:92:b0:c7:a5:b3:2c:12:5e:6e:3b:60:
09:4d:30:ca:70:38:16:45:12:71:b6:50:93:c8:57:ec:15:7b:
df:5b:72:af:15:7f:f0:e9:cf:1c:fb:5c:51:43:ab:ec:1a:c3:
70:93:36:a1:93:a8:ea:26:63:80:0f:87:8b:68:4d:87:43:4c:
5e:36:70:9f:bd:50:ac:ea:83:2e:3b:51:01:9c:e3:3c:1a:ce:
fb:31:14:3b:27:dc:f6:d2:0f:31:41:3e:ca:e0:5b:0d:a1:a4:
06:b2:dc:94:89:1b:71:9d:02:c8:bb:81:1f:09:53:cc:39:b3:
c8:ad:7a:24:d9:b8:17:ce:c9:31:32:8e:ce:3a:e4:27:ae:4c:
6a:31:6e:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEN71LVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzJhYmQ4NWE1ODk5MWFiNzFhMTdmZDc1NDFmYjhkZTk2ZjU1YTdkMB4XDTIyMDEw
MTExNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA4YjgxMTdlOWIz
OWE5Yzg4Nzk0YjdhYmZlODAxOTU3Y2YzNGY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJmgmeH0fVrgu6E7IQNd92W8GM/ONi2cXBvOcXmQ5NqVH8W
+VTkaxRRRiz/gCmjXvnk5tAoKXoz+3yOVJBfuORaGCe0UnZRv8qWtq03ONi/28dn
vdMMigeAss0M/2MOi/4Jo+p37bfGsaKtKuoef7bKa6qxi/5yCFWFQ8avMOtZvUWo
ow1G0wY9ZN85La83h3Yqi5+gbTKw2FOrNn9VNkNlURZ6aUpZ971DlH28vhYttu8a
XAh6Rf+cGNrKSgcZARPqFE+HS9Om6WDomwSoA7zYOyPgmfyI90xeXOuCDrHoK5++
FiztGwlCf4hGkj//HpWhnxtkPcFvDPIqCsHyL8ECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRwi4EX6bOanIh5S3q/6AGVfPNPnzAfBgNVHSMEGDAWgBRXKr2FpYmRq3Gh
f9dUH7jelvVafTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z5cTloYVdKa2F0eG9YX1hWQi00M3BiMVduMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvODYxYzZjLWE0N2EtNDY1NC1hNGVmLTYxZmFjMjg2ZDM4Ny8x
L2NJdUJGLW16bXB5SWVVdDZ2LWdCbFh6elQ1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
ODYxYzZjLWE0N2EtNDY1NC1hNGVmLTYxZmFjMjg2ZDM4Ny8xL1Z5cTloYVdKa2F0
eG9YX1hWQi00M3BiMVduMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy7j4AMEA01KAAMEArlKHAMEAMH2
ZQMEAMH2eDANBAIAAjAHAwUAKgIM2DANBgkqhkiG9w0BAQsFAAOCAQEAgQ0ccVjA
rjFWjaVGxJPeJfGfWxvyuRViTQWUP4zI77lA1qJxLSjIjYkJs51BWHaJ4MlPwcxm
N2btpV1+jgIHQ+fn4DQwX99/YVTqr6PqMYm8WLlMp1S21vX9uzKDectKdZY+YTSr
MzswVt1mWmH+7by4wpKwx6WzLBJebjtgCU0wynA4FkUScbZQk8hX7BV731tyrxV/
8OnPHPtcUUOr7BrDcJM2oZOo6iZjgA+Hi2hNh0NMXjZwn71QrOqDLjtRAZzjPBrO
+zEUOyfc9tIPMUE+yuBbDaGkBrLclIkbcZ0CyLuBHwlTzDmzyK16JNm4F87JMTKO
zjrkJ65MajFunA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:34 2025 by rpki-client