Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/cm77uxP6NSrW06IHrfKtz3xp6S0.roa
File: cm77uxP6NSrW06IHrfKtz3xp6S0.roa (raw, json)
Hash identifier: GWF0OY7TBg2TaagJtoMts19LSuG3JkO19zkU1WBMwsY=
Subject key identifier: 72:6E:FB:BB:13:FA:35:2A:D6:D3:A2:07:AD:F2:AD:CF:7C:69:E9:2D
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 087828D5
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/cm77uxP6NSrW06IHrfKtz3xp6S0.roa
Signing time: Tue 07 Jun 2022 08:33:20 +0000
ROA not before: Tue 07 Jun 2022 08:33:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 192.40.69.0/24 maxlen: 24
192.35.206.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142092501 (0x87828d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jun 7 08:33:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=726efbbb13fa352ad6d3a207adf2adcf7c69e92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:d7:2b:a3:78:9f:44:17:dd:50:35:e0:79:
e3:03:34:c1:03:45:8a:50:37:ad:09:1b:03:62:94:
cb:d6:85:0e:e4:cd:19:8a:99:5f:6f:57:47:ee:2e:
dc:e8:b2:6c:3f:9b:a2:e0:7c:93:ea:f2:17:fa:a4:
af:7b:34:82:de:86:cc:98:da:3b:17:9d:c2:7e:ce:
00:7f:8f:c4:35:f2:2f:f2:9f:33:1d:1c:34:da:85:
b2:90:7a:00:1d:df:98:f8:5e:a3:84:e4:a3:f8:28:
ea:0d:ed:6a:db:e8:8a:91:5b:f1:b3:c7:a5:5b:d7:
fc:46:ed:a8:02:a0:3e:38:94:c9:66:20:19:2e:44:
16:f8:d0:29:b1:d3:62:4f:78:87:95:18:ed:f3:bc:
0a:a8:81:6a:26:9a:cf:3c:78:4a:29:8a:79:49:dc:
98:36:0e:e0:6a:df:9c:2b:62:a6:88:15:2f:13:5f:
b6:a4:dd:17:bc:76:c6:da:89:79:49:2c:d1:27:e5:
a7:3d:8a:43:7a:ae:3d:c5:d9:58:12:04:79:aa:8d:
c7:75:7a:5d:a2:90:9a:b2:9d:6a:00:f7:ac:49:49:
cc:05:43:bd:ef:df:08:22:57:5b:c3:ff:fb:92:99:
65:9c:e8:af:3d:bb:5a:20:74:58:a6:db:91:f6:db:
29:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6E:FB:BB:13:FA:35:2A:D6:D3:A2:07:AD:F2:AD:CF:7C:69:E9:2D
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/cm77uxP6NSrW06IHrfKtz3xp6S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
192.35.206.0/24
192.40.69.0/24
Signature Algorithm: sha256WithRSAEncryption
22:20:21:ed:72:f2:80:b0:32:f9:81:9c:f0:05:f0:88:74:3c:
59:58:63:10:30:c7:2b:43:73:8f:48:00:91:34:6b:4e:f1:3c:
64:53:a3:36:c3:f3:74:c3:15:73:ec:59:1c:aa:d3:18:36:93:
2d:dc:eb:d0:b1:b9:89:cf:3c:bb:96:58:bb:46:36:59:b0:aa:
02:0f:2e:9a:4a:80:29:8e:92:2c:99:e9:0d:7e:a3:4c:82:ea:
58:3f:ca:77:c3:1b:37:3b:bd:4f:dd:b7:d0:7e:b6:25:8a:e3:
5a:ef:55:66:1b:6b:e0:d5:4a:bf:e4:bd:e4:07:48:76:d1:8d:
77:18:27:e5:ca:39:bc:85:54:46:60:74:b6:a1:98:89:7b:43:
bc:0e:e9:b1:98:46:9b:f0:ec:39:0c:a9:35:9c:f0:ee:94:53:
50:70:c7:96:7e:a5:19:21:a9:f0:32:11:0d:db:37:1b:0c:9c:
7c:32:07:49:d1:b4:95:96:59:6d:97:5f:bd:d8:12:68:d4:f7:
b8:90:61:53:75:34:48:1e:2e:47:5b:8d:7e:75:fc:8d:f7:39:
3f:e6:7b:1c:3d:a9:c1:f0:16:b5:5c:c5:ca:60:62:4f:61:18:
e0:62:e0:a7:3d:99:a6:fc:d7:60:4b:07:de:40:63:c4:1c:4f:
5e:64:b6:52
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECHgo1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDk5OGQzYzlkOGJkYzljMWRmZjhlMzE5NDI0NDEyYjZjZGMxZGQzMB4XDTIyMDYw
NzA4MzMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI2ZWZiYmIxM2Zh
MzUyYWQ2ZDNhMjA3YWRmMmFkY2Y3YzY5ZTkyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd31yujeJ9EF91QNeB54wM0wQNFilA3rQkbA2KUy9aFDuTN
GYqZX29XR+4u3OiybD+bouB8k+ryF/qkr3s0gt6GzJjaOxedwn7OAH+PxDXyL/Kf
Mx0cNNqFspB6AB3fmPheo4Tko/go6g3tatvoipFb8bPHpVvX/EbtqAKgPjiUyWYg
GS5EFvjQKbHTYk94h5UY7fO8CqiBaiaazzx4SimKeUncmDYO4GrfnCtipogVLxNf
tqTdF7x2xtqJeUks0Sflpz2KQ3quPcXZWBIEeaqNx3V6XaKQmrKdagD3rElJzAVD
ve/fCCJXW8P/+5KZZZzorz27WiB0WKbbkfbbKVUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRybvu7E/o1KtbToget8q3PfGnpLTAfBgNVHSMEGDAWgBRgmY08nYvcnB3/
jjGUJEErbNwd0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lKbU5QSjJMM0p3ZF80NHhsQ1JCSzJ6Y0hkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8x
L2NtNzd1eFA2TlNyVzA2SUhyZkt0ejN4cDZTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
Nzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8xL1lKbU5QSjJMM0p3
ZF80NHhsQ1JCSzJ6Y0hkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAB8ZCwMEAJO9owMEAMAjzgMEAMAo
RTANBgkqhkiG9w0BAQsFAAOCAQEAIiAh7XLygLAy+YGc8AXwiHQ8WVhjEDDHK0Nz
j0gAkTRrTvE8ZFOjNsPzdMMVc+xZHKrTGDaTLdzr0LG5ic88u5ZYu0Y2WbCqAg8u
mkqAKY6SLJnpDX6jTILqWD/Kd8MbNzu9T9230H62JYrjWu9VZhtr4NVKv+S95AdI
dtGNdxgn5co5vIVURmB0tqGYiXtDvA7psZhGm/DsOQypNZzw7pRTUHDHln6lGSGp
8DIRDds3GwycfDIHSdG0lZZZbZdfvdgSaNT3uJBhU3U0SB4uR1uNfnX8jfc5P+Z7
HD2pwfAWtVzFymBiT2EY4GLgpz2ZpvzXYEsH3kBjxBxPXmS2Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:37 2024 by rpki-client on console-fra.rpki-client.org