Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/OwVu3tJT7uhKw9BpMB1d3LXCpHM.roa
File: OwVu3tJT7uhKw9BpMB1d3LXCpHM.roa (raw, json)
Hash identifier: Njc40Ip5cq45GCtf2b21OC0DEHKjfGNO22lo4BDknqs=
Subject key identifier: 3B:05:6E:DE:D2:53:EE:E8:4A:C3:D0:69:30:1D:5D:DC:B5:C2:A4:73
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 0187B32C5D68BD61DF1E9F26A2282110A7D8
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/OwVu3tJT7uhKw9BpMB1d3LXCpHM.roa
Signing time: Mon 24 Apr 2023 12:10:41 +0000
ROA not before: Mon 24 Apr 2023 12:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207353
IP address blocks: 77.220.216.0/21 maxlen: 24
185.62.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:2c:5d:68:bd:61:df:1e:9f:26:a2:28:21:10:a7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Apr 24 12:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b056eded253eee84ac3d069301d5ddcb5c2a473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c8:12:51:b1:af:91:2c:2f:e2:25:e5:2f:14:
67:e7:47:13:64:6c:da:c8:79:53:24:bd:87:3a:f0:
3a:5f:35:a2:ad:7b:a8:f5:6c:14:4c:3b:e8:e3:df:
da:5a:9b:95:c7:d1:48:96:08:24:6e:2f:b0:d7:96:
5a:2b:18:97:48:10:74:6c:6e:d8:50:c3:1b:85:1c:
ce:d3:84:2b:d3:3a:a7:ca:22:51:7b:ab:57:70:e8:
5b:bd:b0:20:e8:70:e8:bb:42:ed:e3:62:26:3a:9f:
d3:e0:c3:f0:79:99:37:6e:df:f0:25:d1:68:6f:29:
62:51:d7:7b:1c:0a:3c:5f:a2:f5:7f:0d:ed:b3:54:
6a:02:24:1f:ea:b1:25:d6:20:1b:b6:a7:60:b7:da:
47:32:49:cb:82:3e:66:35:ad:b5:c1:a8:38:c3:b5:
74:10:4e:ba:99:69:6f:0e:92:b5:3f:21:c8:df:f1:
56:b2:19:7f:d6:fc:64:19:a3:92:3c:df:a2:65:10:
21:82:46:f6:95:5e:9b:be:22:d5:75:30:2e:86:28:
e8:a6:65:a1:b2:98:0d:84:56:5e:02:73:06:9a:5a:
46:32:7b:13:b2:9b:2f:28:63:8b:13:68:2e:a3:4a:
e8:96:81:dd:ed:b9:58:02:dd:63:13:87:97:2f:ce:
b9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:05:6E:DE:D2:53:EE:E8:4A:C3:D0:69:30:1D:5D:DC:B5:C2:A4:73
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/OwVu3tJT7uhKw9BpMB1d3LXCpHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.216.0/21
185.62.100.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c6:14:08:74:63:98:c6:cf:3e:53:e4:46:43:b2:86:7f:10:
53:e5:41:e0:8d:95:e2:be:52:57:90:cc:bf:b3:64:01:44:29:
b2:76:28:53:6c:5b:91:77:0f:a6:fb:d9:c1:89:6e:ab:19:e9:
9f:09:4e:73:b9:85:7a:d3:89:1e:38:32:46:7a:09:bd:43:1f:
ba:68:4e:d1:83:ec:30:dd:29:34:01:bb:cc:ee:4c:6b:5c:86:
25:60:1e:56:35:cb:53:49:be:0b:97:ff:cb:95:b3:f4:eb:1c:
00:d0:44:08:36:72:ad:5b:85:4c:f5:c6:19:51:8a:39:93:f7:
b1:90:f7:09:6c:a5:1c:a6:e1:d5:f6:fd:c3:92:31:5e:7c:3f:
05:66:ab:9b:09:92:61:b2:1f:2d:40:a5:7b:a9:b2:d9:cc:45:
b7:39:54:1c:5f:1c:ef:6f:08:ff:1b:9e:62:a7:b8:92:10:78:
59:61:d7:a4:45:87:18:83:9f:f6:2c:e8:43:e7:4e:a3:27:27:
16:46:ef:3e:e0:c9:e6:c7:13:aa:57:c2:29:87:e2:79:d2:0e:
d8:51:86:4f:f8:c4:53:4e:7d:07:56:5f:39:67:b5:fd:75:36:
c1:25:b3:b7:04:09:c7:22:80:44:d3:3d:6d:f9:b0:51:1a:f2:
2a:cd:fb:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYezLF1ovWHfHp8moighEKfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwNDI0MTIxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA1NmVkZWQyNTNlZWU4NGFjM2QwNjkzMDFkNWRkY2I1YzJhNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8gSUbGvkSwv4iXlLxRn50cTZGza
yHlTJL2HOvA6XzWirXuo9WwUTDvo49/aWpuVx9FIlggkbi+w15ZaKxiXSBB0bG7Y
UMMbhRzO04Qr0zqnyiJRe6tXcOhbvbAg6HDou0Lt42ImOp/T4MPweZk3bt/wJdFo
byliUdd7HAo8X6L1fw3ts1RqAiQf6rEl1iAbtqdgt9pHMknLgj5mNa21wag4w7V0
EE66mWlvDpK1PyHI3/FWshl/1vxkGaOSPN+iZRAhgkb2lV6bviLVdTAuhijopmWh
spgNhFZeAnMGmlpGMnsTspsvKGOLE2guo0roloHd7blYAt1jE4eXL865GwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDsFbt7SU+7oSsPQaTAdXdy1wqRzMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvT3dWdTN0SlQ3dWhLdzlCcE1CMWQzTFhDcEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTdzYAwQA
uT5kMA0GCSqGSIb3DQEBCwUAA4IBAQClxhQIdGOYxs8+U+RGQ7KGfxBT5UHgjZXi
vlJXkMy/s2QBRCmydihTbFuRdw+m+9nBiW6rGemfCU5zuYV604keODJGegm9Qx+6
aE7Rg+ww3Sk0AbvM7kxrXIYlYB5WNctTSb4Ll//LlbP06xwA0EQINnKtW4VM9cYZ
UYo5k/exkPcJbKUcpuHV9v3DkjFefD8FZqubCZJhsh8tQKV7qbLZzEW3OVQcXxzv
bwj/G55ip7iSEHhZYdekRYcYg5/2LOhD506jJycWRu8+4MnmxxOqV8Iph+J50g7Y
UYZP+MRTTn0HVl85Z7X9dTbBJbO3BAnHIoBE0z1t+bBRGvIqzfsa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:50 2025 by rpki-client