Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/mVolJNgADGGL8EkhU9r2V2FbXH8.roa
File: mVolJNgADGGL8EkhU9r2V2FbXH8.roa (raw, json)
Hash identifier: SgoYqzN2shGMayAOFeqhwmf49d/nz1KlPYJaIzW3ERA=
Subject key identifier: 99:5A:25:24:D8:00:0C:61:8B:F0:49:21:53:DA:F6:57:61:5B:5C:7F
Certificate issuer: /CN=4df2c6fa54a8cc2dc71e802cf83f5c776ce974c9
Certificate serial: 0936A9D1
Authority key identifier: 4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/mVolJNgADGGL8EkhU9r2V2FbXH8.roa
Signing time: Sat 01 Jan 2022 11:04:35 +0000
ROA not before: Sat 01 Jan 2022 11:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35205
IP address blocks: 77.78.166.0/24 maxlen: 24
77.78.160.0/20 maxlen: 20
77.78.160.0/19 maxlen: 19
77.78.176.0/20 maxlen: 20
77.78.184.0/22 maxlen: 22
212.37.176.0/20 maxlen: 20
185.27.152.0/22 maxlen: 22
77.78.188.0/22 maxlen: 22
46.28.80.0/21 maxlen: 21
212.37.160.0/20 maxlen: 20
212.37.164.0/22 maxlen: 22
212.37.160.0/19 maxlen: 19
212.37.168.0/21 maxlen: 21
2a03:ed00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154577361 (0x936a9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df2c6fa54a8cc2dc71e802cf83f5c776ce974c9
Validity
Not Before: Jan 1 11:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=995a2524d8000c618bf0492153daf657615b5c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:71:86:df:ff:54:55:69:37:cf:39:da:ad:b0:
09:ca:b0:c4:55:b5:7d:76:ed:2d:d6:db:96:25:9c:
33:62:33:8d:3f:ba:b9:08:5d:ab:2b:97:45:bb:e6:
5f:22:21:d7:60:f6:d9:6c:3e:8b:2e:76:4a:5c:5d:
d7:c1:ca:08:e1:63:e9:f2:55:bc:bc:4f:09:18:e7:
2d:e6:6d:51:fe:ee:7e:a5:71:2e:50:44:b6:34:a3:
31:4f:39:5b:f8:2b:41:bb:6b:eb:59:6c:2d:e4:18:
7d:49:78:41:2e:f9:8f:e0:e4:6c:c2:18:2c:5b:cf:
a8:69:3b:a4:00:46:c9:5d:18:64:ba:0d:c9:7e:dc:
90:73:f1:18:19:81:00:75:58:c9:66:dc:93:e8:4d:
bb:fa:21:b1:0d:e6:c3:db:68:2a:95:3e:8d:82:ae:
d9:36:11:21:07:8f:b8:9e:88:a0:55:53:24:a0:60:
54:72:f6:ad:3b:8b:be:54:60:c1:34:55:c1:c9:29:
78:0b:7f:4d:59:e9:51:57:ed:ea:62:eb:69:7a:8e:
26:96:e5:a6:3a:36:4b:bb:ff:43:97:01:f3:12:6c:
8d:07:c9:27:a5:b4:6b:1e:3f:09:20:51:a7:f0:ce:
28:dd:ae:ea:8a:76:c3:ff:66:65:c1:4d:73:2e:46:
01:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5A:25:24:D8:00:0C:61:8B:F0:49:21:53:DA:F6:57:61:5B:5C:7F
X509v3 Authority Key Identifier:
keyid:4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/mVolJNgADGGL8EkhU9r2V2FbXH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.80.0/21
77.78.160.0/19
185.27.152.0/22
212.37.160.0/19
IPv6:
2a03:ed00::/32
Signature Algorithm: sha256WithRSAEncryption
12:1e:87:c1:6f:71:64:40:fd:1d:cb:ea:2d:96:b0:27:19:7b:
0a:e0:d8:f0:60:66:62:ea:23:29:6e:a3:9b:13:75:e2:06:96:
4f:84:82:88:b3:46:97:cc:ee:c4:91:29:e2:e8:b2:a5:8a:f3:
1a:81:22:b3:5d:03:ec:e1:e0:53:a1:ac:c9:03:e9:32:ec:08:
85:e6:30:a8:58:e5:a8:25:0d:30:c4:6c:0b:1f:b2:3e:25:27:
2d:bf:85:c3:eb:af:44:cd:77:d5:3e:b7:84:9e:db:09:db:c7:
ff:58:a7:36:b9:7a:fb:f2:1b:55:8d:7c:f9:d6:ef:13:9d:2f:
24:41:c1:b0:3b:3b:ce:58:be:17:76:cd:da:9f:f7:db:fd:38:
7b:07:42:23:e4:a7:59:e7:15:2e:37:16:68:9c:37:81:c2:41:
32:3d:b6:ae:41:1b:b4:a9:21:60:09:fa:b2:1c:b3:b1:af:6b:
79:ce:f1:3d:7b:42:d4:54:09:83:65:09:07:3c:c2:6f:e9:d3:
48:a7:16:25:ef:c4:07:01:39:9e:f7:13:96:09:b3:b7:cf:27:
67:4f:0d:95:d0:94:ab:2a:3e:2d:9d:07:be:66:27:b0:3e:c0:
e0:01:9e:8b:5e:fb:34:d7:09:54:2c:a2:d7:33:cb:18:76:fb:
21:b1:67:49
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECTap0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGYyYzZmYTU0YThjYzJkYzcxZTgwMmNmODNmNWM3NzZjZTk3NGM5MB4XDTIyMDEw
MTExMDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk1YTI1MjRkODAw
MGM2MThiZjA0OTIxNTNkYWY2NTc2MTViNWM3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhxht//VFVpN8852q2wCcqwxFW1fXbtLdbbliWcM2IzjT+6
uQhdqyuXRbvmXyIh12D22Ww+iy52Slxd18HKCOFj6fJVvLxPCRjnLeZtUf7ufqVx
LlBEtjSjMU85W/grQbtr61lsLeQYfUl4QS75j+DkbMIYLFvPqGk7pABGyV0YZLoN
yX7ckHPxGBmBAHVYyWbck+hNu/ohsQ3mw9toKpU+jYKu2TYRIQePuJ6IoFVTJKBg
VHL2rTuLvlRgwTRVwckpeAt/TVnpUVft6mLraXqOJpblpjo2S7v/Q5cB8xJsjQfJ
J6W0ax4/CSBRp/DOKN2u6op2w/9mZcFNcy5GAW0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSZWiUk2AAMYYvwSSFT2vZXYVtcfzAfBgNVHSMEGDAWgBRN8sb6VKjMLcce
gCz4P1x3bOl0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RmTEctbFNvekMzSEhvQXMtRDljZDJ6cGRNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvNTRiMGQwLWU5ZmUtNDhkMS05NjhkLTllMjQzYzJkODgyMS8x
L21Wb2xKTmdBREdHTDhFa2hVOXIyVjJGYlhIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
NTRiMGQwLWU5ZmUtNDhkMS05NjhkLTllMjQzYzJkODgyMS8xL1RmTEctbFNvekMz
SEhvQXMtRDljZDJ6cGRNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4cUAMEBU1OoAMEArkbmAMEBdQl
oDANBAIAAjAHAwUAKgPtADANBgkqhkiG9w0BAQsFAAOCAQEAEh6HwW9xZED9Hcvq
LZawJxl7CuDY8GBmYuojKW6jmxN14gaWT4SCiLNGl8zuxJEp4uiypYrzGoEis10D
7OHgU6GsyQPpMuwIheYwqFjlqCUNMMRsCx+yPiUnLb+Fw+uvRM131T63hJ7bCdvH
/1inNrl6+/IbVY18+dbvE50vJEHBsDs7zli+F3bN2p/32/04ewdCI+SnWecVLjcW
aJw3gcJBMj22rkEbtKkhYAn6shyzsa9rec7xPXtC1FQJg2UJBzzCb+nTSKcWJe/E
BwE5nvcTlgmzt88nZ08NldCUqyo+LZ0HvmYnsD7A4AGei177NNcJVCyi1zPLGHb7
IbFnSQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net