Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/v2_yJfNc-ucQlJmecxu9NNFxwNY.roa
File: v2_yJfNc-ucQlJmecxu9NNFxwNY.roa (raw, json)
Hash identifier: ovpWYBuRBjRvzs5XrpEA4p/zqrTfy7cGXvtPfIhNfHg=
Subject key identifier: BF:6F:F2:25:F3:5C:FA:E7:10:94:99:9E:73:1B:BD:34:D1:71:C0:D6
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 01853938153AE327571DE9605EE66256945E
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/v2_yJfNc-ucQlJmecxu9NNFxwNY.roa
Signing time: Thu 22 Dec 2022 09:44:14 +0000
ROA not before: Thu 22 Dec 2022 09:44:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.64/26 maxlen: 26
77.95.120.0/26 maxlen: 26
77.95.120.192/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.0/24 maxlen: 24
212.103.64.0/24 maxlen: 24
2a02:388::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:38:15:3a:e3:27:57:1d:e9:60:5e:e6:62:56:94:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Dec 22 09:44:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf6ff225f35cfae71094999e731bbd34d171c0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:79:de:59:b9:6e:49:da:05:bb:ee:43:e7:24:
de:d6:d9:d8:8f:0f:39:ca:da:78:2c:95:3c:76:77:
56:3b:a8:52:3d:e4:8c:df:c8:99:2d:35:80:81:ef:
69:64:60:d3:25:1a:4a:19:3f:d2:96:53:f0:d1:b5:
2c:36:28:82:52:a3:27:fe:27:a0:17:af:78:2c:b3:
71:6c:fe:47:39:33:55:37:5d:42:f1:91:a4:83:00:
40:9a:2c:54:f4:70:97:c0:07:7f:a3:fe:97:e8:cd:
cb:d8:8e:9b:4b:03:46:92:89:4c:8a:67:44:e6:0d:
57:a0:07:73:32:e8:aa:be:57:13:2e:d1:82:a0:86:
b0:c0:8f:e2:8d:ef:af:82:c8:27:fb:2a:60:0c:94:
69:4a:ac:12:8a:73:28:da:cd:c6:19:4b:13:9f:f0:
dc:65:68:3e:b6:63:95:9c:30:d9:3c:4b:e9:03:b8:
9b:bf:9e:76:40:60:29:63:bc:2f:ff:77:92:e8:1b:
ad:dd:8f:d6:64:4c:0f:3e:e4:19:e4:83:2c:a0:b7:
69:9b:ff:80:dd:6a:0f:2c:41:2a:68:ab:84:3b:2c:
d0:52:77:48:60:ed:1d:c9:0e:0f:f9:fd:7e:5e:ad:
9b:df:76:58:a7:a6:85:ad:b9:d8:27:ec:10:33:16:
d8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6F:F2:25:F3:5C:FA:E7:10:94:99:9E:73:1B:BD:34:D1:71:C0:D6
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/v2_yJfNc-ucQlJmecxu9NNFxwNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
212.103.64.0/24
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
2c:a6:a8:6b:1f:39:bf:df:b2:f1:c3:27:58:bc:f6:40:72:82:
bf:15:d3:ab:52:71:5d:d8:d3:eb:a2:f4:59:46:f2:e4:bd:6a:
f9:64:de:57:fc:d8:9a:26:c6:96:4f:78:95:be:62:1f:3e:4a:
e4:31:84:67:37:de:58:ba:27:ea:33:91:4b:a3:83:7f:c6:5a:
88:78:c9:c9:c5:a7:2d:74:1e:4e:67:be:29:08:69:43:17:8d:
28:cb:b5:f5:5f:77:7c:f4:2f:fc:1a:b9:35:af:7e:76:54:b2:
b1:1d:2a:22:fe:bf:7a:44:42:17:6e:92:3f:53:1e:e0:6a:a6:
cd:19:bf:6f:96:36:60:76:d9:e0:c8:e9:e6:fc:fd:66:80:d6:
17:c5:67:73:7b:27:a5:a3:13:4b:ac:3a:3a:26:05:dd:dd:f5:
3e:b5:e1:74:0e:3f:58:e8:b2:f0:49:a2:31:ec:dd:50:5d:40:
7d:5e:cc:a8:8f:88:61:01:43:53:dd:24:a2:6b:90:b1:33:67:
ee:88:55:5d:47:21:2a:81:14:73:ac:7d:5b:b5:f8:1e:dd:41:
48:4c:03:be:ad:d4:2d:a3:3a:9a:bb:2f:63:0c:90:a9:c8:8f:
16:1d:18:a0:c7:06:bb:e9:0e:21:dd:1d:77:99:2d:d2:35:88:
dd:3a:6f:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYU5OBU64ydXHelgXuZiVpReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjIxMjIyMDk0NDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjZmZjIyNWYzNWNmYWU3MTA5NDk5OWU3MzFiYmQzNGQxNzFjMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknneWbluSdoFu+5D5yTe1tnYjw85
ytp4LJU8dndWO6hSPeSM38iZLTWAge9pZGDTJRpKGT/SllPw0bUsNiiCUqMn/ieg
F694LLNxbP5HOTNVN11C8ZGkgwBAmixU9HCXwAd/o/6X6M3L2I6bSwNGkolMimdE
5g1XoAdzMuiqvlcTLtGCoIawwI/ije+vgsgn+ypgDJRpSqwSinMo2s3GGUsTn/Dc
ZWg+tmOVnDDZPEvpA7ibv552QGApY7wv/3eS6But3Y/WZEwPPuQZ5IMsoLdpm/+A
3WoPLEEqaKuEOyzQUndIYO0dyQ4P+f1+Xq2b33ZYp6aFrbnYJ+wQMxbYdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL9v8iXzXPrnEJSZnnMbvTTRccDWMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvdjJfeUpmTmMtdWNRbEptZWN4dTlOTkZ4d05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATV94AwQA
1GdAMA0EAgACMAcDBQAqAgOIMA0GCSqGSIb3DQEBCwUAA4IBAQAspqhrHzm/37Lx
wydYvPZAcoK/FdOrUnFd2NProvRZRvLkvWr5ZN5X/NiaJsaWT3iVvmIfPkrkMYRn
N95YuifqM5FLo4N/xlqIeMnJxactdB5OZ74pCGlDF40oy7X1X3d89C/8Grk1r352
VLKxHSoi/r96REIXbpI/Ux7gaqbNGb9vljZgdtngyOnm/P1mgNYXxWdzeyeloxNL
rDo6JgXd3fU+teF0Dj9Y6LLwSaIx7N1QXUB9Xsyoj4hhAUNT3SSia5CxM2fuiFVd
RyEqgRRzrH1btfge3UFITAO+rdQtozqauy9jDJCpyI8WHRigxwa76Q4h3R13mS3S
NYjdOm8s
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:54 2023 by rpki-client on console.sobornost.net