Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/sufjtP3aj7ZZb0nqGfErynbGRYo.roa
File: sufjtP3aj7ZZb0nqGfErynbGRYo.roa (raw, json)
Hash identifier: U2MaWf/R7CQ2N0vGqeIIWHCeb2G9BhrMWi5jfrGflWg=
Subject key identifier: B2:E7:E3:B4:FD:DA:8F:B6:59:6F:49:EA:19:F1:2B:CA:76:C6:45:8A
Certificate issuer: /CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Certificate serial: 02EE30E3
Authority key identifier: 2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/sufjtP3aj7ZZb0nqGfErynbGRYo.roa
Signing time: Thu 28 Apr 2022 08:03:40 +0000
ROA not before: Thu 28 Apr 2022 08:03:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208800
IP address blocks: 188.116.28.0/22 maxlen: 22
77.242.240.0/24 maxlen: 24
77.242.240.0/22 maxlen: 22
77.242.240.0/23 maxlen: 23
77.242.240.0/21 maxlen: 21
77.242.242.0/23 maxlen: 23
77.242.242.0/24 maxlen: 24
77.242.241.0/24 maxlen: 24
77.242.245.0/24 maxlen: 24
77.242.244.0/22 maxlen: 22
77.242.244.0/23 maxlen: 23
77.242.244.0/24 maxlen: 24
77.242.243.0/24 maxlen: 24
77.242.246.0/24 maxlen: 24
77.242.246.0/23 maxlen: 23
77.242.249.0/24 maxlen: 24
77.242.248.0/24 maxlen: 24
77.242.247.0/24 maxlen: 24
77.242.250.0/24 maxlen: 24
77.242.255.0/24 maxlen: 24
91.201.4.0/24 maxlen: 24
91.201.4.0/22 maxlen: 22
91.201.7.0/24 maxlen: 24
91.201.6.0/24 maxlen: 24
91.201.5.0/24 maxlen: 24
2a0e:6e80::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49164515 (0x2ee30e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Validity
Not Before: Apr 28 08:03:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2e7e3b4fdda8fb6596f49ea19f12bca76c6458a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:dc:49:ba:b3:96:60:cb:7e:bd:7b:17:be:
f1:f3:40:67:72:4a:1b:2a:08:35:1a:bf:0b:e0:a9:
8d:be:31:e5:d6:f5:ff:c2:66:1b:31:e0:55:f3:5a:
c8:b1:24:5d:e3:cf:43:85:fd:83:83:91:0f:69:85:
04:6a:b5:61:c3:c6:28:de:be:3a:6c:a4:e2:d6:05:
ed:6d:16:9f:44:28:eb:a7:40:4e:1a:78:2f:5a:cf:
a3:e3:9c:35:66:9b:18:d1:2d:c0:42:fe:86:90:77:
70:e9:b8:7a:1c:29:8b:d3:be:e2:76:29:b0:d9:4e:
fa:86:09:d6:92:b0:b5:35:69:6c:3a:c1:f6:0b:72:
33:34:0d:1d:09:21:36:86:17:7b:cf:0d:cc:ae:23:
cc:65:3c:08:63:a9:a8:74:b4:76:6d:b2:20:51:d9:
d6:e3:ce:00:86:65:25:9e:fd:71:08:9c:4f:ef:bb:
04:01:ef:04:f5:b7:95:fc:c9:80:10:96:78:fa:1f:
90:73:32:7c:3c:eb:66:20:67:6b:19:f9:9a:9a:92:
5d:38:14:f5:1e:28:7b:72:9f:5b:b3:1a:d2:2d:be:
42:39:0b:f5:22:36:c4:84:c8:4b:c3:ab:8c:5e:66:
89:ae:ac:a4:d0:31:ee:8a:23:09:2d:b6:dc:ef:18:
38:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E7:E3:B4:FD:DA:8F:B6:59:6F:49:EA:19:F1:2B:CA:76:C6:45:8A
X509v3 Authority Key Identifier:
keyid:2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/sufjtP3aj7ZZb0nqGfErynbGRYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/LED81TmHsgn4rznKEhHycGCokC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.240.0-77.242.250.255
77.242.255.0/24
91.201.4.0/22
188.116.28.0/22
IPv6:
2a0e:6e80::/44
Signature Algorithm: sha256WithRSAEncryption
3e:8f:0c:e4:d8:11:16:54:15:65:0d:90:d2:ae:ab:0b:b3:62:
49:93:ea:35:0b:da:3a:fa:24:cb:2a:14:da:e9:e3:09:d1:6b:
ce:39:5d:1a:83:e2:2e:77:86:74:ae:17:c6:db:9e:6f:65:9c:
c4:f5:af:b0:97:8f:44:d8:d9:31:36:a9:6a:07:4f:ac:89:bf:
13:f1:71:f1:3e:57:6b:3f:44:9d:44:3a:a5:53:e4:e4:0d:10:
56:60:9a:93:b7:b7:d6:41:69:cb:3a:2a:de:d6:68:d9:0c:19:
d2:3c:84:37:f7:6e:79:53:4d:b0:32:ac:d6:41:f1:83:9b:31:
55:17:eb:47:b8:d4:78:8a:bb:09:cc:58:5d:21:0c:23:fa:3a:
3d:c4:96:d9:5d:5d:d4:7d:7c:bb:a0:31:cf:24:c5:d2:d4:a3:
58:33:0a:b4:0e:60:ba:cf:c3:a2:eb:41:48:7f:27:16:af:a8:
6e:66:58:e9:53:8c:83:ab:fb:89:a1:44:b0:c1:33:fa:84:90:
58:08:82:ad:7f:ef:7c:67:74:c5:0b:7d:bb:54:16:59:21:8e:
f6:ac:72:8b:6f:1f:3d:54:13:16:1a:ef:64:70:e8:57:14:2c:
93:4b:9c:34:8e:ef:c9:94:7a:51:9c:77:ca:87:8d:15:c5:92:
8f:c0:39:c8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEAu4w4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzQwZmNkNTM5ODdiMjA5ZjhhZjM5Y2ExMjExZjI3MDYwYTg5MDJlMB4XDTIyMDQy
ODA4MDM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJlN2UzYjRmZGRh
OGZiNjU5NmY0OWVhMTlmMTJiY2E3NmM2NDU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8o3Em6s5Zgy369exe+8fNAZ3JKGyoINRq/C+Cpjb4x5db1
/8JmGzHgVfNayLEkXePPQ4X9g4ORD2mFBGq1YcPGKN6+Omyk4tYF7W0Wn0Qo66dA
Thp4L1rPo+OcNWabGNEtwEL+hpB3cOm4ehwpi9O+4nYpsNlO+oYJ1pKwtTVpbDrB
9gtyMzQNHQkhNoYXe88NzK4jzGU8CGOpqHS0dm2yIFHZ1uPOAIZlJZ79cQicT++7
BAHvBPW3lfzJgBCWePofkHMyfDzrZiBnaxn5mpqSXTgU9R4oe3KfW7Ma0i2+QjkL
9SI2xITIS8OrjF5mia6spNAx7oojCS223O8YOIsCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBSy5+O0/dqPtllvSeoZ8SvKdsZFijAfBgNVHSMEGDAWgBQsQPzVOYeyCfiv
OcoSEfJwYKiQLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xFRDgxVG1Ic2duNHJ6bktFaEh5Y0dDb2tDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNzA5ZmM5LTY4ZWYtNDExZS1hMWNjLWUxZTgwN2VjZDRkZi8x
L3N1Zmp0UDNhajdaWmIwbnFHZkVyeW5iR1JZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NzA5ZmM5LTY4ZWYtNDExZS1hMWNjLWUxZTgwN2VjZDRkZi8xL0xFRDgxVG1Ic2du
NHJ6bktFaEh5Y0dDb2tDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIDAMAwQETfLwAwQATfL6AwQATfL/AwQC
W8kEAwQCvHQcMA8EAgACMAkDBwQqDm6AAAAwDQYJKoZIhvcNAQELBQADggEBAD6P
DOTYERZUFWUNkNKuqwuzYkmT6jUL2jr6JMsqFNrp4wnRa845XRqD4i53hnSuF8bb
nm9lnMT1r7CXj0TY2TE2qWoHT6yJvxPxcfE+V2s/RJ1EOqVT5OQNEFZgmpO3t9ZB
acs6Kt7WaNkMGdI8hDf3bnlTTbAyrNZB8YObMVUX60e41HiKuwnMWF0hDCP6Oj3E
ltldXdR9fLugMc8kxdLUo1gzCrQOYLrPw6LrQUh/JxavqG5mWOlTjIOr+4mhRLDB
M/qEkFgIgq1/73xndMULfbtUFlkhjvascotvHz1UExYa72Rw6FcULJNLnDSO78mU
elGcd8qHjRXFko/AOcg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org