Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2ua4ymDW3myPqz0Z8UcWWANLZrs.roa
File: 2ua4ymDW3myPqz0Z8UcWWANLZrs.roa (raw, json)
Hash identifier: pp3/H7Hij7NOdiVcpRGpl2EWB7TG5gUznavZnymkMaM=
Subject key identifier: DA:E6:B8:CA:60:D6:DE:6C:8F:AB:3D:19:F1:47:16:58:03:4B:66:BB
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D9ADB5F1B3BC3102DD687AA18BB73
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2ua4ymDW3myPqz0Z8UcWWANLZrs.roa
Signing time: Sun 29 Dec 2024 12:39:20 +0000
ROA not before: Sun 29 Dec 2024 12:39:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204812
IP address blocks: 77.104.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:9a:db:5f:1b:3b:c3:10:2d:d6:87:aa:18:bb:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dae6b8ca60d6de6c8fab3d19f1471658034b66bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bc:a6:dc:7d:1f:fe:37:f1:83:26:41:42:d7:
c2:4e:7a:f2:ad:81:bf:6d:26:08:13:ae:0e:af:16:
cb:97:71:6c:3d:8b:b8:b6:7d:6e:dd:e0:70:25:ef:
d2:68:1f:a8:dc:e7:fa:5a:14:9d:98:28:f6:97:ea:
fb:7c:fb:48:43:0c:a5:52:4d:8a:45:51:63:b8:8a:
08:c4:e4:54:88:30:94:51:33:94:0c:65:56:38:17:
41:7d:c4:73:30:f7:aa:c7:44:0e:d4:81:a0:0b:b9:
f8:39:dc:d3:a3:e2:c2:1a:64:0d:91:18:2c:06:40:
59:3c:36:ee:ea:8c:9a:74:33:0e:00:b7:51:93:b1:
09:cc:1c:a5:2b:68:a4:c9:35:a7:31:b1:4c:16:5e:
9d:9f:7f:e1:c9:e7:2e:fd:82:e2:2a:f6:9f:6e:73:
71:f5:d1:1d:95:e7:23:de:c3:44:99:10:95:e5:08:
93:71:37:95:fe:d7:66:35:d0:27:91:d5:b9:45:b3:
09:e4:de:bd:6c:9e:54:68:c0:9f:3a:80:26:6b:c2:
9c:ce:ad:f7:15:dd:ab:63:6a:c7:e4:e5:e5:65:e4:
ef:44:51:09:57:47:b2:31:6d:43:36:de:2b:7e:44:
a2:ba:38:5f:c2:f6:8a:3a:a1:0f:a9:7e:ae:dc:26:
85:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E6:B8:CA:60:D6:DE:6C:8F:AB:3D:19:F1:47:16:58:03:4B:66:BB
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/2ua4ymDW3myPqz0Z8UcWWANLZrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.124.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6c:55:e9:22:8d:68:df:ed:21:ca:e7:f8:b3:a9:22:04:d6:
ac:7d:f3:07:f8:7a:e0:23:f8:79:8a:ae:74:29:69:c8:a0:17:
55:c0:a8:c3:55:e8:f3:2e:39:e4:a5:a9:8b:cb:2e:0a:a4:4d:
aa:73:c5:da:67:71:9b:6a:1e:38:a3:49:e0:0e:6f:3e:e6:30:
52:e2:a1:cc:2b:7a:d2:72:85:40:e9:94:57:c6:15:4e:36:2a:
59:7a:55:31:01:ac:d9:be:2a:6a:c9:80:df:34:17:42:d1:51:
6a:b7:af:3d:a9:64:8b:cb:a2:11:20:8d:97:4f:52:dd:11:c3:
97:50:d9:e5:62:66:c1:b5:a4:ad:ae:a1:50:1f:bc:2d:24:08:
92:0b:1c:20:63:e2:f2:f5:7a:20:4e:31:33:52:bb:cb:b4:fc:
18:80:68:6f:e7:bf:35:ba:3b:a0:49:5c:43:36:0f:79:b4:95:
db:eb:ec:8b:ad:2d:b9:fd:87:fb:12:32:7a:24:7c:ce:3e:35:
13:1a:b4:03:65:50:1b:11:8c:26:2d:f0:e3:b1:33:a3:a5:f9:
b8:0d:f1:9c:64:66:5c:23:74:06:15:ab:76:c2:da:64:18:49:
ea:a1:e0:9c:b4:8b:8d:77:a1:57:e1:a9:e3:f8:d8:13:d4:32:
7c:66:31:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZrbXxs7wxAt1oeqGLtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWU2YjhjYTYwZDZkZTZjOGZhYjNkMTlmMTQ3MTY1ODAzNGI2NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rym3H0f/jfxgyZBQtfCTnryrYG/
bSYIE64OrxbLl3FsPYu4tn1u3eBwJe/SaB+o3Of6WhSdmCj2l+r7fPtIQwylUk2K
RVFjuIoIxORUiDCUUTOUDGVWOBdBfcRzMPeqx0QO1IGgC7n4OdzTo+LCGmQNkRgs
BkBZPDbu6oyadDMOALdRk7EJzBylK2ikyTWnMbFMFl6dn3/hyecu/YLiKvafbnNx
9dEdlecj3sNEmRCV5QiTcTeV/tdmNdAnkdW5RbMJ5N69bJ5UaMCfOoAma8Kczq33
Fd2rY2rH5OXlZeTvRFEJV0eyMW1DNt4rfkSiujhfwvaKOqEPqX6u3CaFywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrmuMpg1t5sj6s9GfFHFlgDS2a7MB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMnVhNHltRFczbXlQcXowWjhVY1dXQU5MWnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATWh8MA0G
CSqGSIb3DQEBCwUAA4IBAQAPbFXpIo1o3+0hyuf4s6kiBNasffMH+HrgI/h5iq50
KWnIoBdVwKjDVejzLjnkpamLyy4KpE2qc8XaZ3Gbah44o0ngDm8+5jBS4qHMK3rS
coVA6ZRXxhVONipZelUxAazZvipqyYDfNBdC0VFqt689qWSLy6IRII2XT1LdEcOX
UNnlYmbBtaStrqFQH7wtJAiSCxwgY+Ly9XogTjEzUrvLtPwYgGhv5781ujugSVxD
Ng95tJXb6+yLrS25/Yf7EjJ6JHzOPjUTGrQDZVAbEYwmLfDjsTOjpfm4DfGcZGZc
I3QGFat2wtpkGEnqoeCctIuNd6FX4anj+NgT1DJ8ZjF8
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:17:11 2025 by rpki-client