Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/h3wAEtehUjec8E7uUx77tCivnYs.roa
File: h3wAEtehUjec8E7uUx77tCivnYs.roa (raw, json)
Hash identifier: syA0QVnllyd17Y9EUZSPF3ESQACeyIZG6f15GV8N+HU=
Subject key identifier: 87:7C:00:12:D7:A1:52:37:9C:F0:4E:EE:53:1E:FB:B4:28:AF:9D:8B
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 01891E40CC855913111B71518FEB0F584948
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/h3wAEtehUjec8E7uUx77tCivnYs.roa
Signing time: Tue 04 Jul 2023 00:15:10 +0000
ROA not before: Tue 04 Jul 2023 00:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.74.231.0/24 maxlen: 24
77.74.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1e:40:cc:85:59:13:11:1b:71:51:8f:eb:0f:58:49:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jul 4 00:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=877c0012d7a152379cf04eee531efbb428af9d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:98:21:3d:f6:4c:07:8c:ec:f8:72:c0:bf:
a7:c0:d6:e0:0f:7b:8c:8e:5e:4a:37:c7:5f:07:cd:
69:c9:ce:99:90:43:e2:43:1c:76:92:9b:e3:f3:c4:
08:77:14:77:7b:2f:8b:e8:c7:d6:99:e7:0f:52:74:
d5:04:6a:d0:e9:a7:56:8b:07:22:33:ee:e0:db:b0:
48:56:a7:f5:01:0a:6c:14:a2:5c:ac:43:a7:9a:e7:
5b:21:9b:22:6a:e1:9a:e1:92:77:be:70:6d:90:d0:
3c:d4:5d:cb:7e:22:a9:c3:00:a7:42:a5:0e:40:a4:
8b:a7:30:cb:4d:85:e6:ef:e8:74:cf:26:15:d9:8f:
7e:b0:f3:d4:49:48:3f:62:9d:f6:fb:2e:4a:70:78:
7d:0c:55:2d:74:0a:bf:c2:d1:c0:b0:f9:c5:df:1d:
99:f3:70:19:0f:ff:d4:5e:b9:13:f7:89:0f:3d:09:
4d:80:73:2c:62:cd:38:44:b7:2d:1f:ec:29:de:94:
ee:10:c2:52:a4:ab:27:83:37:59:aa:d6:aa:65:a6:
cd:69:2e:7e:b3:c0:3a:63:91:1d:2a:9a:e7:ba:93:
e4:cc:14:fd:b0:ad:8c:15:b8:2b:2d:e0:6b:c2:6b:
05:c8:d9:94:e2:f8:37:49:a2:43:4e:78:2e:0e:48:
be:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7C:00:12:D7:A1:52:37:9C:F0:4E:EE:53:1E:FB:B4:28:AF:9D:8B
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/h3wAEtehUjec8E7uUx77tCivnYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.229.0/24
77.74.231.0/24
Signature Algorithm: sha256WithRSAEncryption
92:34:fa:7d:ec:6c:4f:f1:dd:1c:d6:64:9d:8b:92:f6:f7:85:
33:36:fe:49:e4:27:dd:06:9d:2b:a7:b7:62:fa:be:2b:a3:e8:
73:8a:01:c8:85:04:cd:ed:e6:34:80:11:c7:61:58:d3:77:1f:
0f:ec:94:59:a3:19:89:f8:a1:ed:ef:42:9f:87:c4:8b:ee:f1:
f1:4b:6b:9a:f2:1a:3c:e5:e0:4a:cf:63:60:47:f6:1c:6b:e4:
c2:3b:44:bf:21:36:32:19:3d:db:ec:1e:e7:9c:c0:4e:78:a8:
1c:04:dd:02:df:91:4c:97:42:40:65:54:06:20:7f:85:5a:5b:
8b:0c:ec:b0:98:d6:7a:72:b9:ea:85:0b:e2:d3:d4:43:b5:1b:
3f:c9:9f:eb:1c:1f:20:7d:1f:c1:67:3f:06:b3:2b:6e:d9:20:
1a:12:f4:60:9d:b5:32:23:38:62:c3:83:6a:e3:19:3d:8b:6c:
af:ed:f0:fb:b8:43:0e:a6:52:e1:97:8a:0c:52:ef:f8:3c:39:
e1:e8:a3:e0:48:f1:8c:bb:cf:67:e1:04:d0:c2:ac:87:0d:e7:
eb:a9:0e:e0:52:32:3f:c6:1e:54:82:f9:6b:94:14:64:18:ef:
98:ba:82:66:1d:24:bc:c0:d9:df:bb:c2:ba:15:ed:22:18:21:
bd:ba:ea:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkeQMyFWRMRG3FRj+sPWElIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwNzA0MDAxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdjMDAxMmQ3YTE1MjM3OWNmMDRlZWU1MzFlZmJiNDI4YWY5ZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDqYIT32TAeM7PhywL+nwNbgD3uM
jl5KN8dfB81pyc6ZkEPiQxx2kpvj88QIdxR3ey+L6MfWmecPUnTVBGrQ6adWiwci
M+7g27BIVqf1AQpsFKJcrEOnmudbIZsiauGa4ZJ3vnBtkNA81F3LfiKpwwCnQqUO
QKSLpzDLTYXm7+h0zyYV2Y9+sPPUSUg/Yp32+y5KcHh9DFUtdAq/wtHAsPnF3x2Z
83AZD//UXrkT94kPPQlNgHMsYs04RLctH+wp3pTuEMJSpKsngzdZqtaqZabNaS5+
s8A6Y5EdKprnupPkzBT9sK2MFbgrLeBrwmsFyNmU4vg3SaJDTnguDki+mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFId8ABLXoVI3nPBO7lMe+7Qor52LMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvaDN3QUV0ZWhVamVjOEU3dVV4Nzd0Q2l2bllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUrlAwQA
TUrnMA0GCSqGSIb3DQEBCwUAA4IBAQCSNPp97GxP8d0c1mSdi5L294UzNv5J5Cfd
Bp0rp7di+r4ro+hzigHIhQTN7eY0gBHHYVjTdx8P7JRZoxmJ+KHt70Kfh8SL7vHx
S2ua8ho85eBKz2NgR/Yca+TCO0S/ITYyGT3b7B7nnMBOeKgcBN0C35FMl0JAZVQG
IH+FWluLDOywmNZ6crnqhQvi09RDtRs/yZ/rHB8gfR/BZz8Gsytu2SAaEvRgnbUy
Izhiw4Nq4xk9i2yv7fD7uEMOplLhl4oMUu/4PDnh6KPgSPGMu89n4QTQwqyHDefr
qQ7gUjI/xh5UgvlrlBRkGO+YuoJmHSS8wNnfu8K6Fe0iGCG9uupO
-----END CERTIFICATE-----
Generated at Tue May 6 19:21:00 2025 by rpki-client