Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/dtjENxieGTaMVAoB8oqETsLBJ_U.roa
File: dtjENxieGTaMVAoB8oqETsLBJ_U.roa (raw, json)
Hash identifier: tlVxtXSVIPPInecYS76cNzjoz13lFYx706NXA0bfiWY=
Subject key identifier: 76:D8:C4:37:18:9E:19:36:8C:54:0A:01:F2:8A:84:4E:C2:C1:27:F5
Certificate issuer: /CN=c9dcb695c70db4b96370600750918a4b3a8a21a9
Certificate serial: 191F8E50
Authority key identifier: C9:DC:B6:95:C7:0D:B4:B9:63:70:60:07:50:91:8A:4B:3A:8A:21:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydy2lccNtLljcGAHUJGKSzqKIak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/dtjENxieGTaMVAoB8oqETsLBJ_U.roa
Signing time: Sat 01 Jan 2022 07:02:42 +0000
ROA not before: Sat 01 Jan 2022 07:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56865
IP address blocks: 77.240.85.0/24 maxlen: 24
77.240.84.0/24 maxlen: 24
77.240.84.0/23 maxlen: 23
85.184.238.0/23 maxlen: 23
85.184.238.0/24 maxlen: 24
85.184.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 421498448 (0x191f8e50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9dcb695c70db4b96370600750918a4b3a8a21a9
Validity
Not Before: Jan 1 07:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76d8c437189e19368c540a01f28a844ec2c127f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ea:e2:36:6a:19:af:9b:83:36:1f:51:66:13:
01:93:87:96:c2:c6:15:da:7a:a2:44:f5:20:ba:76:
4d:9a:72:07:0d:93:da:04:4f:13:47:5d:0b:bc:7e:
4a:78:6e:60:59:ea:06:42:ad:84:03:20:88:8c:37:
db:c2:92:5e:48:24:25:bd:7e:9e:67:c1:11:22:d7:
8b:40:35:3e:72:4f:c3:07:1d:4b:6a:35:1b:ab:ef:
22:8f:b9:1b:ff:93:ed:00:bb:46:4c:e5:34:0b:ab:
d0:d2:97:8e:f4:8d:db:c3:69:ad:ea:05:b2:af:bf:
74:e0:e2:39:25:a5:5c:24:f6:6a:a6:b8:83:6a:43:
4f:49:0a:6a:f9:d7:5a:ba:13:5f:8e:ca:c2:e8:5c:
52:55:0c:f7:25:78:a6:35:55:de:2c:4d:a5:5d:2d:
0c:eb:5e:0d:0c:50:ca:5c:45:0f:ab:38:53:53:d5:
26:e5:38:6c:d1:2a:bd:d1:84:ae:cf:fc:bc:7f:0b:
cd:dc:ed:1e:9b:17:97:26:6e:18:73:ae:a4:c4:94:
00:26:1a:d7:74:6e:52:33:24:85:52:e2:fb:f2:25:
55:9c:7a:e5:89:4f:fc:a1:52:6d:69:37:d3:44:68:
26:0a:f8:e6:7c:73:ea:78:a0:1a:01:08:8f:ff:d9:
ef:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D8:C4:37:18:9E:19:36:8C:54:0A:01:F2:8A:84:4E:C2:C1:27:F5
X509v3 Authority Key Identifier:
keyid:C9:DC:B6:95:C7:0D:B4:B9:63:70:60:07:50:91:8A:4B:3A:8A:21:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydy2lccNtLljcGAHUJGKSzqKIak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/dtjENxieGTaMVAoB8oqETsLBJ_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/ydy2lccNtLljcGAHUJGKSzqKIak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.84.0/23
85.184.238.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:c6:cf:a4:b1:ce:d7:57:cb:3a:03:e6:55:53:1a:90:ba:c6:
d0:74:4b:d7:42:7e:29:f4:d5:47:94:ab:b3:fa:47:d2:ef:41:
dc:51:2c:60:4b:71:74:d3:9d:c4:d1:c5:6a:12:1b:3c:e9:5f:
0e:c5:d6:84:ec:aa:06:0b:72:ac:dd:e8:cf:b4:14:49:0b:53:
93:6f:de:e7:de:b4:28:6c:d0:61:1d:3c:eb:bf:cb:77:a9:28:
4b:19:3f:4a:1e:61:49:c5:1e:25:e6:f5:e0:e3:9f:69:aa:ff:
1c:11:6e:8c:c9:fb:84:d3:5c:41:54:c6:32:6a:16:77:86:ec:
fa:3b:e3:58:89:82:d2:c3:56:17:49:1a:5e:bc:49:75:1c:e1:
22:86:3f:6e:76:eb:ad:e5:71:f1:00:43:2f:b2:e6:5b:9e:ec:
33:82:fe:ad:17:3a:65:a3:37:cb:91:cb:91:c0:23:40:db:94:
52:cf:39:8c:7f:42:6e:3d:b3:67:8f:73:a9:dd:54:98:61:d8:
54:f4:26:0d:45:ff:0f:15:b3:13:62:56:24:d4:34:66:5c:c6:
bf:f4:d6:49:cf:a9:52:60:a9:b9:bb:c6:f0:dc:6c:17:f9:fd:
2d:55:03:6c:6f:ad:fb:9c:f5:78:95:b2:df:af:00:6b:4d:45:
bc:6d:d2:32
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGR+OUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWRjYjY5NWM3MGRiNGI5NjM3MDYwMDc1MDkxOGE0YjNhOGEyMWE5MB4XDTIyMDEw
MTA3MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZkOGM0MzcxODll
MTkzNjhjNTQwYTAxZjI4YTg0NGVjMmMxMjdmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfq4jZqGa+bgzYfUWYTAZOHlsLGFdp6okT1ILp2TZpyBw2T
2gRPE0ddC7x+SnhuYFnqBkKthAMgiIw328KSXkgkJb1+nmfBESLXi0A1PnJPwwcd
S2o1G6vvIo+5G/+T7QC7RkzlNAur0NKXjvSN28NpreoFsq+/dODiOSWlXCT2aqa4
g2pDT0kKavnXWroTX47KwuhcUlUM9yV4pjVV3ixNpV0tDOteDQxQylxFD6s4U1PV
JuU4bNEqvdGErs/8vH8LzdztHpsXlyZuGHOupMSUACYa13RuUjMkhVLi+/IlVZx6
5YlP/KFSbWk300RoJgr45nxz6nigGgEIj//Z7xMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR22MQ3GJ4ZNoxUCgHyioROwsEn9TAfBgNVHSMEGDAWgBTJ3LaVxw20uWNw
YAdQkYpLOoohqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkeTJsY2NOdExsamNHQUhVSkdLU3pxS0lhay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDIyMmZlLWRjYzgtNGE3ZC1iZmEyLWVjYTk3OGMzY2I4NS8x
L2R0akVOeGllR1RhTVZBb0I4b3FFVHNMQkpfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MDIyMmZlLWRjYzgtNGE3ZC1iZmEyLWVjYTk3OGMzY2I4NS8xL3lkeTJsY2NOdExs
amNHQUhVSkdLU3pxS0lhay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAU3wVAMEAVW47jANBgkqhkiG9w0B
AQsFAAOCAQEALcbPpLHO11fLOgPmVVMakLrG0HRL10J+KfTVR5Srs/pH0u9B3FEs
YEtxdNOdxNHFahIbPOlfDsXWhOyqBgtyrN3oz7QUSQtTk2/e5960KGzQYR0867/L
d6koSxk/Sh5hScUeJeb14OOfaar/HBFujMn7hNNcQVTGMmoWd4bs+jvjWImC0sNW
F0kaXrxJdRzhIoY/bnbrreVx8QBDL7LmW57sM4L+rRc6ZaM3y5HLkcAjQNuUUs85
jH9Cbj2zZ49zqd1UmGHYVPQmDUX/DxWzE2JWJNQ0ZlzGv/TWSc+pUmCpubvG8Nxs
F/n9LVUDbG+t+5z1eJWy368Aa01FvG3SMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:23 2024 by rpki-client on console-ams.rpki-client.org