Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/f8-CXLgTP_aRIZmycsd4RYS9gR8.roa
File: f8-CXLgTP_aRIZmycsd4RYS9gR8.roa (raw, json)
Hash identifier: BPyMTj/q7qzLcY0FKTU3jZaGjqCOj0kzTwZMEW195xI=
Subject key identifier: 7F:CF:82:5C:B8:13:3F:F6:91:21:99:B2:72:C7:78:45:84:BD:81:1F
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 380ABED9
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/f8-CXLgTP_aRIZmycsd4RYS9gR8.roa
Signing time: Sat 01 Jan 2022 10:04:09 +0000
ROA not before: Sat 01 Jan 2022 10:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12301
IP address blocks: 77.221.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940228313 (0x380abed9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 10:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fcf825cb8133ff6912199b272c7784584bd811f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:8f:0e:f3:73:cb:9a:0c:ee:57:3a:06:f4:
bf:3d:b2:8c:67:08:65:e3:46:05:e3:ce:26:c8:c9:
1c:dd:0d:38:83:16:ba:ef:61:0c:b8:d9:ab:a0:e3:
76:0c:3c:9f:84:0f:db:da:4b:dc:f8:9d:85:67:d0:
ba:b0:78:6d:25:43:80:a8:85:a2:8e:72:b2:90:34:
ef:ff:4b:5e:85:3f:5e:b1:b9:49:38:e5:46:dd:0f:
a1:dc:61:20:53:9e:03:d8:7a:5a:f5:8f:45:55:f3:
78:28:c5:2d:63:dc:39:f9:a1:b1:dc:29:e1:3f:01:
1d:1c:92:9b:45:c9:94:3a:cf:bd:e0:dc:6c:0f:97:
72:4e:77:fe:09:ce:51:05:4c:69:49:28:74:ae:f0:
a3:8b:f5:ae:ef:6c:26:83:f3:fa:df:35:7e:11:98:
34:9a:b5:58:d0:bc:c0:29:99:87:6f:97:55:7a:ec:
a5:6a:9a:53:79:d0:e4:88:01:06:88:85:08:f5:94:
c4:5e:65:33:54:1d:65:7a:62:39:b0:76:b0:53:23:
9f:f6:db:38:ca:de:b0:89:4e:78:cc:14:3e:cb:03:
f1:98:2f:1f:1f:86:ac:63:82:e1:d0:19:19:81:60:
37:af:0f:3d:44:81:5a:9a:60:c3:d4:54:6c:fb:34:
19:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CF:82:5C:B8:13:3F:F6:91:21:99:B2:72:C7:78:45:84:BD:81:1F
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/f8-CXLgTP_aRIZmycsd4RYS9gR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.32.0/20
Signature Algorithm: sha256WithRSAEncryption
63:66:6d:8d:8c:38:20:5b:8e:88:43:94:84:64:85:f5:7b:75:
96:07:e9:cc:0b:02:10:b3:00:70:0f:d0:c0:86:e2:3b:d4:82:
cc:45:24:5c:fb:d4:22:bf:23:f8:c9:3f:a6:a9:97:7a:e1:42:
6f:b7:ca:1f:99:a0:58:fa:aa:59:e0:0d:00:ec:1b:f3:b5:f2:
f2:15:28:38:67:36:1b:17:3a:ed:55:df:ae:d8:ab:e5:57:5a:
ae:64:32:30:cb:55:7e:f0:7a:d3:ef:5e:5b:f7:db:78:e0:b6:
76:4d:81:67:99:7a:0d:72:f8:4c:b5:52:e8:47:fc:a5:2a:ab:
ab:8c:13:d7:c5:69:d2:c4:24:9e:63:16:5e:20:9f:6e:ea:6c:
f0:6e:ef:c6:f8:af:50:bc:a8:1d:6b:63:a2:3b:f7:e2:1c:25:
2c:f9:35:29:99:68:81:96:7b:a1:74:35:1b:bd:df:03:8c:19:
45:1f:64:02:d2:85:ad:8f:83:e1:a3:9f:05:96:ee:19:fe:b3:
10:69:c5:63:7c:5e:bf:5f:8e:9c:ab:70:23:5b:ff:59:8a:9d:
e1:63:df:e6:46:fb:34:2c:c4:7d:45:c5:21:89:26:f0:99:d8:
01:b3:75:63:7c:27:85:11:0c:23:a9:83:de:2e:b1:7d:33:5d:
32:83:ac:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOAq+2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzAzNjQyMDc2ZDI3ZTI1MmZhOTBiZjFhNDI5NmY4YmNkOWQwY2YxMB4XDTIyMDEw
MTEwMDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZjZjgyNWNiODEz
M2ZmNjkxMjE5OWIyNzJjNzc4NDU4NGJkODExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdJjw7zc8uaDO5XOgb0vz2yjGcIZeNGBePOJsjJHN0NOIMW
uu9hDLjZq6Djdgw8n4QP29pL3PidhWfQurB4bSVDgKiFoo5yspA07/9LXoU/XrG5
STjlRt0PodxhIFOeA9h6WvWPRVXzeCjFLWPcOfmhsdwp4T8BHRySm0XJlDrPveDc
bA+Xck53/gnOUQVMaUkodK7wo4v1ru9sJoPz+t81fhGYNJq1WNC8wCmZh2+XVXrs
pWqaU3nQ5IgBBoiFCPWUxF5lM1QdZXpiObB2sFMjn/bbOMresIlOeMwUPssD8Zgv
Hx+GrGOC4dAZGYFgN68PPUSBWppgw9RUbPs0GRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/z4JcuBM/9pEhmbJyx3hFhL2BHzAfBgNVHSMEGDAWgBTXA2QgdtJ+JS+p
C/GkKW+LzZ0M8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF3TmtJSGJTZmlVdnFRdnhwQ2x2aTgyZERQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMzgxMzZjLWRiNTEtNGY3MC1hZDhiLTY1NDUwNWEyZDA0NS8x
L2Y4LUNYTGdUUF9hUklabXljc2Q0UllTOWdSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MzgxMzZjLWRiNTEtNGY3MC1hZDhiLTY1NDUwNWEyZDA0NS8xLzF3TmtJSGJTZmlV
dnFRdnhwQ2x2aTgyZERQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE3dIDANBgkqhkiG9w0BAQsFAAOC
AQEAY2ZtjYw4IFuOiEOUhGSF9Xt1lgfpzAsCELMAcA/QwIbiO9SCzEUkXPvUIr8j
+Mk/pqmXeuFCb7fKH5mgWPqqWeANAOwb87Xy8hUoOGc2Gxc67VXfrtir5VdarmQy
MMtVfvB60+9eW/fbeOC2dk2BZ5l6DXL4TLVS6Ef8pSqrq4wT18Vp0sQknmMWXiCf
bups8G7vxvivULyoHWtjojv34hwlLPk1KZlogZZ7oXQ1G73fA4wZRR9kAtKFrY+D
4aOfBZbuGf6zEGnFY3xev1+OnKtwI1v/WYqd4WPf5kb7NCzEfUXFIYkm8JnYAbN1
Y3wnhREMI6mD3i6xfTNdMoOs9w==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:14 2023 by rpki-client on console.sobornost.net