Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d2MAr0UaM4Z-TrOsJRMRAZwi2Ls.roa
File: d2MAr0UaM4Z-TrOsJRMRAZwi2Ls.roa (raw, json)
Hash identifier: ZRfOOY+RIi1rAy7PyRrN/nPGQ2Pi3kOPuLXc6bRhrwk=
Subject key identifier: 77:63:00:AF:45:1A:33:86:7E:4E:B3:AC:25:13:11:01:9C:22:D8:BB
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0187E256F79C830D9CA94D5A2BD95F3C1EAB
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d2MAr0UaM4Z-TrOsJRMRAZwi2Ls.roa
Signing time: Wed 03 May 2023 15:59:22 +0000
ROA not before: Wed 03 May 2023 15:59:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21502
IP address blocks: 77.128.0.0/13 maxlen: 24
88.140.0.0/16 maxlen: 24
87.231.0.0/16 maxlen: 24
89.156.0.0/14 maxlen: 24
77.140.0.0/14 maxlen: 24
89.2.0.0/15 maxlen: 24
88.141.0.0/16 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
81.64.0.0/14 maxlen: 24
92.88.0.0/13 maxlen: 24
89.157.88.0/21 maxlen: 21
89.157.96.0/19 maxlen: 19
84.4.0.0/14 maxlen: 24
79.80.0.0/12 maxlen: 24
77.144.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.136.0.0/16 maxlen: 24
85.168.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:56:f7:9c:83:0d:9c:a9:4d:5a:2b:d9:5f:3c:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: May 3 15:59:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=776300af451a33867e4eb3ac251311019c22d8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:bb:5b:36:3f:ea:87:da:d6:51:35:10:2c:
50:eb:6b:f6:51:b9:39:d0:1d:b9:6e:43:af:b5:4c:
d0:8a:24:e3:95:53:94:71:90:1c:2d:80:b7:e3:6d:
ce:67:3e:9d:e7:7a:7a:c6:c4:0c:ba:0d:86:66:cb:
9e:fa:52:6e:24:71:17:9f:91:18:f6:be:98:e5:32:
17:a8:3c:65:37:16:5d:74:d3:0d:cd:1d:7a:3a:7b:
66:fc:ef:1f:62:6e:46:80:86:ad:3f:ed:2c:b7:92:
64:83:5f:7b:c7:fd:9d:53:f7:09:22:ae:1d:41:90:
9b:37:26:9c:ad:8c:f1:70:37:35:af:ea:64:ee:af:
1c:60:0f:ef:b3:61:9a:b7:6c:1f:70:21:38:9b:6f:
de:66:ec:6f:7c:2e:f4:2a:80:f8:40:d8:b3:13:e0:
f7:f9:7c:70:0a:cf:51:ad:6f:fa:f5:56:30:e2:cd:
21:da:90:21:2f:94:be:ef:da:d2:9f:42:b4:dc:77:
ae:45:52:05:2d:f2:c6:ac:35:15:d4:f3:28:6b:1e:
ea:e8:4b:1d:f5:1a:c7:3e:de:20:bd:0a:64:4a:ee:
ea:48:18:9e:b1:f3:3c:27:e5:5c:fb:b2:52:96:56:
bb:21:15:01:d2:a6:d3:02:67:fe:0f:6a:00:04:65:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:63:00:AF:45:1A:33:86:7E:4E:B3:AC:25:13:11:01:9C:22:D8:BB
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/d2MAr0UaM4Z-TrOsJRMRAZwi2Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.128.0.0-77.136.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
79.80.0.0/12
81.64.0.0/14
84.4.0.0/14
85.168.0.0/14
87.231.0.0/16
88.140.0.0/15
89.2.0.0/15
89.156.0.0/14
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
Signature Algorithm: sha256WithRSAEncryption
4f:43:e0:2b:8b:98:0c:6f:da:c1:df:aa:23:ea:a7:5e:57:4f:
0f:fa:92:1f:5f:2a:6f:09:ae:dc:f3:01:17:cb:7c:78:08:c3:
3a:45:a0:1e:d9:10:b9:33:11:9e:bc:df:00:ef:a8:2f:5a:19:
a9:0c:af:97:be:bf:e7:42:51:a5:4c:c2:1e:7f:93:cd:a5:2e:
1d:fa:4d:a0:0f:9f:33:95:27:8e:7b:f6:4b:d0:67:71:fa:b8:
b4:76:81:74:33:91:86:48:5f:8a:3a:39:f4:a7:a6:8c:f6:c7:
ff:ba:95:74:76:20:0b:5d:5b:4e:8e:f3:68:2e:ec:0f:8e:38:
cd:11:57:88:32:28:18:a0:23:b0:8c:4f:db:cc:0d:53:28:cf:
3b:e2:57:ce:4e:d6:c2:ac:f9:66:54:1f:57:7a:d2:49:c5:55:
10:2f:7b:87:27:45:8b:2e:d9:64:56:09:fa:7e:70:65:8d:62:
66:0a:7e:4c:a6:ca:99:ba:27:a4:cb:86:8b:f2:bb:ff:c3:7c:
f5:aa:42:41:68:1b:37:3d:e1:3c:90:d8:bf:47:e9:7b:50:35:
79:0a:d1:82:1b:8f:ee:53:9a:38:10:ad:dc:3a:5c:8d:57:dc:
24:fa:82:0b:f2:94:74:ca:bb:73:b0:fe:33:7e:c0:63:ac:d1:
5b:d0:fc:64
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYfiVvecgw2cqU1aK9lfPB6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwNTAzMTU1OTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYzMDBhZjQ1MWEzMzg2N2U0ZWIzYWMyNTEzMTEwMTljMjJkOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZi7WzY/6ofa1lE1ECxQ62v2Ubk5
0B25bkOvtUzQiiTjlVOUcZAcLYC3423OZz6d53p6xsQMug2GZsue+lJuJHEXn5EY
9r6Y5TIXqDxlNxZddNMNzR16Ontm/O8fYm5GgIatP+0st5Jkg197x/2dU/cJIq4d
QZCbNyacrYzxcDc1r+pk7q8cYA/vs2Gat2wfcCE4m2/eZuxvfC70KoD4QNizE+D3
+XxwCs9RrW/69VYw4s0h2pAhL5S+79rSn0K03HeuRVIFLfLGrDUV1PMoax7q6Esd
9RrHPt4gvQpkSu7qSBiesfM8J+Vc+7JSlla7IRUB0qbTAmf+D2oABGVwbQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFHdjAK9FGjOGfk6zrCUTEQGcIti7MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvZDJNQXIwVWFNNFotVHJPc0pSTVJBWndpMkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAATBZMAoDAwdNgAMD
AE2IMAoDAwJNjAMDBU2AAwMETcADAwROcAMDBE9QAwMCUUADAwJUBAMDAlWoAwMA
V+cDAwFYjAMDAVkCAwMCWZwDAwNcWAMDBV0AAwMFbQAwDQYJKoZIhvcNAQELBQAD
ggEBAE9D4CuLmAxv2sHfqiPqp15XTw/6kh9fKm8JrtzzARfLfHgIwzpFoB7ZELkz
EZ683wDvqC9aGakMr5e+v+dCUaVMwh5/k82lLh36TaAPnzOVJ4579kvQZ3H6uLR2
gXQzkYZIX4o6OfSnpoz2x/+6lXR2IAtdW06O82gu7A+OOM0RV4gyKBigI7CMT9vM
DVMozzviV85O1sKs+WZUH1d60knFVRAve4cnRYsu2WRWCfp+cGWNYmYKfkymypm6
J6TLhovyu//DfPWqQkFoGzc94TyQ2L9H6XtQNXkK0YIbj+5TmjgQrdw6XI1X3CT6
ggvylHTKu3Ow/jN+wGOs0VvQ/GQ=
-----END CERTIFICATE-----
Generated at Sun May 11 04:16:09 2025 by rpki-client