Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/Mglm7yQYNTT-j7YFxwDSnQkqt6A.roa
File: Mglm7yQYNTT-j7YFxwDSnQkqt6A.roa (raw, json)
Hash identifier: ovPvOSJb2Sn5+ZubPq5a6fE70NBbotgOjFDByCIP09E=
Subject key identifier: 32:09:66:EF:24:18:35:34:FE:8F:B6:05:C7:00:D2:9D:09:2A:B7:A0
Certificate issuer: /CN=bd82e60d072e5185435a900e323f463806d433c9
Certificate serial: 19188238
Authority key identifier: BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/Mglm7yQYNTT-j7YFxwDSnQkqt6A.roa
Signing time: Sat 01 Jan 2022 09:03:36 +0000
ROA not before: Sat 01 Jan 2022 09:03:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43356
IP address blocks: 77.92.2.0/24 maxlen: 24
77.92.3.0/24 maxlen: 24
77.92.1.0/24 maxlen: 24
77.92.4.0/24 maxlen: 24
193.201.131.0/24 maxlen: 24
193.201.129.0/24 maxlen: 24
193.201.130.0/24 maxlen: 24
77.92.8.0/22 maxlen: 22
77.92.6.0/24 maxlen: 24
77.92.7.0/24 maxlen: 24
193.201.128.0/24 maxlen: 24
77.92.5.0/24 maxlen: 24
77.92.16.0/22 maxlen: 22
77.92.15.0/24 maxlen: 24
77.92.13.0/24 maxlen: 24
77.92.14.0/24 maxlen: 24
77.92.12.0/24 maxlen: 24
77.92.23.0/24 maxlen: 24
77.92.22.0/24 maxlen: 24
77.92.20.0/24 maxlen: 24
77.92.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 421036600 (0x19188238)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd82e60d072e5185435a900e323f463806d433c9
Validity
Not Before: Jan 1 09:03:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=320966ef24183534fe8fb605c700d29d092ab7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:81:28:0e:c7:32:1e:db:60:c4:b9:e0:49:57:
61:05:d0:08:62:0c:4c:a0:81:a4:0e:20:1c:c6:8f:
81:b3:f2:24:1d:9e:d1:9c:4b:71:80:26:2d:ac:17:
4b:ad:f6:36:32:5c:5c:86:05:57:55:7f:7e:e0:d3:
d8:7d:25:3d:e3:07:2c:53:f3:7b:68:11:4f:07:5a:
39:64:e5:03:a3:8a:79:92:ba:74:e0:02:9b:64:53:
9b:d4:5a:c8:f4:99:8e:5b:e8:d7:f3:5c:42:c1:d1:
60:6b:33:a3:a0:15:a1:b0:71:dd:8d:c8:b8:94:38:
d4:a1:e9:6a:d9:20:58:58:29:c0:26:90:5d:47:6d:
17:12:0e:26:04:bf:e9:40:8d:f7:4f:b2:d3:17:b7:
42:e5:bc:79:08:d8:9b:62:8c:24:95:0e:13:35:bf:
ef:45:c5:0c:9a:e6:9f:81:3a:9d:30:12:69:4b:39:
4a:82:28:99:a4:1d:7d:3d:80:dc:d7:9d:f6:56:1e:
fe:77:f0:d7:5d:87:92:f8:b0:90:28:01:bf:6f:8b:
4d:47:8c:43:81:68:9a:6e:1c:6b:60:35:30:e8:ab:
80:aa:2c:c8:55:01:f8:ba:25:19:70:6c:bd:31:66:
d2:89:fc:d0:77:cd:0b:88:ae:dd:9f:c0:72:83:bc:
59:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:09:66:EF:24:18:35:34:FE:8F:B6:05:C7:00:D2:9D:09:2A:B7:A0
X509v3 Authority Key Identifier:
keyid:BD:82:E6:0D:07:2E:51:85:43:5A:90:0E:32:3F:46:38:06:D4:33:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vYLmDQcuUYVDWpAOMj9GOAbUM8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/Mglm7yQYNTT-j7YFxwDSnQkqt6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/e3bbc9-78c3-43a2-b9b0-48acef672e4a/1/vYLmDQcuUYVDWpAOMj9GOAbUM8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.1.0-77.92.23.255
193.201.128.0/22
Signature Algorithm: sha256WithRSAEncryption
67:99:37:17:e7:6b:2b:08:48:8e:94:7b:ff:c1:76:59:4a:e3:
4d:97:e7:84:0f:82:3e:e7:f8:57:c9:7a:a1:66:04:ec:46:3a:
4e:31:96:c3:0d:69:7d:16:3c:42:ef:a0:9e:0f:6b:a1:83:e1:
3f:0a:67:de:aa:86:f8:45:de:b7:19:b6:53:a7:48:34:d8:a6:
ac:84:83:16:fc:82:0a:48:99:6d:1c:d4:29:0c:00:02:fc:2f:
f3:0d:03:ff:e2:67:59:79:d7:ef:20:25:ba:08:b4:48:6f:f5:
80:d0:6d:29:44:e0:97:e7:0a:8d:5c:bb:85:07:28:13:08:f8:
39:e8:f3:9f:01:d2:32:db:34:b3:2f:4d:f7:f9:38:55:b1:5a:
85:df:3c:43:6f:31:aa:4d:f8:0e:3d:b1:50:b8:bb:c3:fa:97:
74:db:ea:5b:9a:17:68:5f:65:9b:f8:25:28:98:5d:e2:19:ab:
28:ba:b1:98:f7:a9:f7:7e:71:e5:eb:0f:b4:12:65:fa:9b:4e:
44:83:4d:d6:3a:43:1e:2d:9c:62:69:2a:4e:17:19:6e:04:65:
f7:bf:62:3e:54:c8:b6:2a:c7:99:c5:d0:dc:a6:75:12:0b:46:
ec:66:f8:e4:29:93:32:2e:a2:fe:cb:d9:bf:1c:8f:cb:48:1d:
f1:13:1d:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEGRiCODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDgyZTYwZDA3MmU1MTg1NDM1YTkwMGUzMjNmNDYzODA2ZDQzM2M5MB4XDTIyMDEw
MTA5MDMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIwOTY2ZWYyNDE4
MzUzNGZlOGZiNjA1YzcwMGQyOWQwOTJhYjdhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOBKA7HMh7bYMS54ElXYQXQCGIMTKCBpA4gHMaPgbPyJB2e
0ZxLcYAmLawXS632NjJcXIYFV1V/fuDT2H0lPeMHLFPze2gRTwdaOWTlA6OKeZK6
dOACm2RTm9RayPSZjlvo1/NcQsHRYGszo6AVobBx3Y3IuJQ41KHpatkgWFgpwCaQ
XUdtFxIOJgS/6UCN90+y0xe3QuW8eQjYm2KMJJUOEzW/70XFDJrmn4E6nTASaUs5
SoIomaQdfT2A3Ned9lYe/nfw112HkviwkCgBv2+LTUeMQ4Fomm4ca2A1MOirgKos
yFUB+LolGXBsvTFm0on80HfNC4iu3Z/AcoO8WQ0CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQyCWbvJBg1NP6PtgXHANKdCSq3oDAfBgNVHSMEGDAWgBS9guYNBy5RhUNa
kA4yP0Y4BtQzyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZZTG1EUWN1VVlWRFdwQU9NajlHT0FiVU04ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZTNiYmM5LTc4YzMtNDNhMi1iOWIwLTQ4YWNlZjY3MmU0YS8x
L01nbG03eVFZTlRULWo3WUZ4d0RTblFrcXQ2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZTNiYmM5LTc4YzMtNDNhMi1iOWIwLTQ4YWNlZjY3MmU0YS8xL3ZZTG1EUWN1VVlW
RFdwQU9NajlHT0FiVU04ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQATVwBAwQDTVwQAwQCwcmAMA0G
CSqGSIb3DQEBCwUAA4IBAQBnmTcX52srCEiOlHv/wXZZSuNNl+eED4I+5/hXyXqh
ZgTsRjpOMZbDDWl9FjxC76CeD2uhg+E/Cmfeqob4Rd63GbZTp0g02KashIMW/IIK
SJltHNQpDAAC/C/zDQP/4mdZedfvICW6CLRIb/WA0G0pROCX5wqNXLuFBygTCPg5
6POfAdIy2zSzL033+ThVsVqF3zxDbzGqTfgOPbFQuLvD+pd02+pbmhdoX2Wb+CUo
mF3iGasourGY96n3fnHl6w+0EmX6m05Eg03WOkMeLZxiaSpOFxluBGX3v2I+VMi2
KseZxdDcpnUSC0bsZvjkKZMyLqL+y9m/HI/LSB3xEx26
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:00 2024 by rpki-client on console-ams.rpki-client.org