Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/DF5XnIPdzKwBC_mYRsFInB9OroM.roa
File: DF5XnIPdzKwBC_mYRsFInB9OroM.roa (raw, json)
Hash identifier: kX3jOqA9xxQUHP0bxR/0jHxGNx7YJjLyLWeZO5jc6jA=
Subject key identifier: 0C:5E:57:9C:83:DD:CC:AC:01:0B:F9:98:46:C1:48:9C:1F:4E:AE:83
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 01845D0C88444FA36B51F5405BC6A9040964
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/DF5XnIPdzKwBC_mYRsFInB9OroM.roa
Signing time: Wed 09 Nov 2022 15:40:13 +0000
ROA not before: Wed 09 Nov 2022 15:40:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39246
IP address blocks: 77.78.134.0/24 maxlen: 24
77.78.133.0/24 maxlen: 24
77.78.139.0/24 maxlen: 24
77.78.138.0/24 maxlen: 24
77.78.137.0/24 maxlen: 24
77.78.136.0/24 maxlen: 24
77.78.135.0/24 maxlen: 24
77.78.143.0/24 maxlen: 24
77.78.142.0/24 maxlen: 24
77.78.141.0/24 maxlen: 24
77.78.140.0/24 maxlen: 24
77.78.132.0/24 maxlen: 24
77.78.131.0/24 maxlen: 24
77.78.129.0/24 maxlen: 24
77.78.128.0/24 maxlen: 24
109.121.132.0/24 maxlen: 24
109.121.131.0/24 maxlen: 24
109.121.130.0/24 maxlen: 24
109.121.129.0/24 maxlen: 24
109.121.151.0/24 maxlen: 24
109.121.150.0/24 maxlen: 24
109.121.149.0/24 maxlen: 24
109.121.148.0/24 maxlen: 24
109.121.155.0/24 maxlen: 24
109.121.154.0/24 maxlen: 24
109.121.158.0/24 maxlen: 24
109.121.157.0/24 maxlen: 24
109.121.156.0/24 maxlen: 24
109.121.164.0/24 maxlen: 24
31.193.189.0/24 maxlen: 24
62.192.132.0/24 maxlen: 24
62.192.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:0c:88:44:4f:a3:6b:51:f5:40:5b:c6:a9:04:09:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Nov 9 15:40:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c5e579c83ddccac010bf99846c1489c1f4eae83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:ec:1f:22:77:02:25:42:f8:b6:eb:1b:b7:
ba:fe:ab:31:22:a4:3b:2a:9a:fc:57:e2:ca:2a:96:
ff:06:fa:c1:9b:60:c6:e4:27:56:df:5b:03:c1:81:
47:3f:87:00:d0:b3:e7:0d:fb:f6:73:60:43:fc:8a:
ba:52:35:64:69:22:7d:ed:2e:76:94:0b:7c:7f:bb:
51:25:be:51:ac:cc:a4:7b:98:fd:f6:cb:64:cf:78:
0c:3d:71:3a:29:da:1a:ec:a7:e4:f5:8c:e4:03:35:
e2:5c:01:19:d4:61:51:7f:f0:bb:4c:8c:d1:1e:b9:
97:49:e3:e9:5f:2e:1b:a0:9b:f8:c7:31:6a:38:ea:
b7:ce:4f:d7:3d:2f:15:f6:dc:1a:a8:07:b3:9b:2a:
97:96:b7:70:41:2c:9c:2a:f9:73:48:08:c6:e2:cd:
43:4d:d3:f6:ff:8e:5d:3f:d9:3b:07:d6:81:b4:22:
c6:10:e2:b7:ef:cf:0f:fe:6b:f0:fd:67:e6:2e:2d:
ad:86:ac:e1:e5:24:5f:c6:39:59:b1:34:97:21:d5:
33:d7:5a:4d:60:78:2a:c0:e2:e3:95:8d:3f:ad:92:
7b:e0:bb:76:ad:aa:2a:7f:4a:53:2b:7c:98:af:fb:
4f:8b:4d:a4:42:a7:c9:77:81:e6:21:29:ea:74:56:
69:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5E:57:9C:83:DD:CC:AC:01:0B:F9:98:46:C1:48:9C:1F:4E:AE:83
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/DF5XnIPdzKwBC_mYRsFInB9OroM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.189.0/24
62.192.132.0/23
77.78.128.0/23
77.78.131.0-77.78.143.255
109.121.129.0-109.121.132.255
109.121.148.0/22
109.121.154.0-109.121.158.255
109.121.164.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:52:00:ba:04:a4:4f:4d:8b:a0:53:cf:79:d1:ac:0a:8d:43:
52:cd:9d:7a:79:07:92:70:f0:4b:e2:a9:25:36:1f:30:26:02:
55:0c:87:1c:0f:0f:52:dc:75:dc:3b:58:e4:82:7f:b7:40:be:
49:45:d9:9c:3d:18:0f:2f:df:72:f9:95:3f:dd:e1:a8:a7:e0:
1d:55:54:55:5f:6c:3f:ee:7a:be:8a:9f:25:29:76:9a:32:b6:
80:7b:8b:15:66:0e:21:97:60:de:14:21:3e:43:86:29:1b:6d:
47:fa:cd:5e:72:44:56:50:ec:df:12:d6:16:7c:35:97:90:b6:
4a:7e:03:f0:6f:5a:21:ef:45:c1:01:6a:1d:5b:56:3c:36:6a:
49:9d:91:48:70:d4:54:58:8c:0b:75:64:b9:33:b5:e1:8b:4b:
a8:8a:8e:51:db:a9:db:8d:e8:fd:b5:50:15:c9:8e:17:d1:e4:
a7:02:b9:f4:c6:0d:85:3a:a9:a8:d1:ea:8d:ae:c8:ef:bc:36:
f9:f4:36:7f:9f:aa:47:21:d8:23:2b:35:df:0e:db:3a:bd:3d:
39:e3:0c:d5:a1:51:f5:81:f5:f3:e8:fb:a8:e5:9a:d1:22:d6:
4d:69:ad:52:92:e5:29:89:0c:9f:7d:19:e7:44:d5:91:d6:72:
c1:4e:0d:37
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYRdDIhET6NrUfVAW8apBAlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjIxMTA5MTU0MDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzVlNTc5YzgzZGRjY2FjMDEwYmY5OTg0NmMxNDg5YzFmNGVhZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTPsHyJ3AiVC+LbrG7e6/qsxIqQ7
Kpr8V+LKKpb/BvrBm2DG5CdW31sDwYFHP4cA0LPnDfv2c2BD/Iq6UjVkaSJ97S52
lAt8f7tRJb5RrMyke5j99stkz3gMPXE6Kdoa7Kfk9YzkAzXiXAEZ1GFRf/C7TIzR
HrmXSePpXy4boJv4xzFqOOq3zk/XPS8V9twaqAezmyqXlrdwQSycKvlzSAjG4s1D
TdP2/45dP9k7B9aBtCLGEOK3788P/mvw/WfmLi2thqzh5SRfxjlZsTSXIdUz11pN
YHgqwOLjlY0/rZJ74Lt2raoqf0pTK3yYr/tPi02kQqfJd4HmISnqdFZpgwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAxeV5yD3cysAQv5mEbBSJwfTq6DMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvREY1WG5JUGR6S3dCQ19tWVJzRkluQjlPcm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAH8G9AwQB
PsCEAwQBTU6AMAwDBABNToMDBARNToAwDAMEAG15gQMEAG15hAMEAm15lDAMAwQB
bXmaAwQAbXmeAwQAbXmkMA0GCSqGSIb3DQEBCwUAA4IBAQBaUgC6BKRPTYugU895
0awKjUNSzZ16eQeScPBL4qklNh8wJgJVDIccDw9S3HXcO1jkgn+3QL5JRdmcPRgP
L99y+ZU/3eGop+AdVVRVX2w/7nq+ip8lKXaaMraAe4sVZg4hl2DeFCE+Q4YpG21H
+s1eckRWUOzfEtYWfDWXkLZKfgPwb1oh70XBAWodW1Y8NmpJnZFIcNRUWIwLdWS5
M7Xhi0uoio5R26nbjej9tVAVyY4X0eSnArn0xg2FOqmo0eqNrsjvvDb59DZ/n6pH
IdgjKzXfDts6vT054wzVoVH1gfXz6Puo5ZrRItZNaa1SkuUpiQyffRnnRNWR1nLB
Tg03
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:35 2023 by rpki-client on console-ams.rpki-client.org