Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/uR77PLNJB6um1xfMkSrW3FbItdo.roa
File: uR77PLNJB6um1xfMkSrW3FbItdo.roa (raw, json)
Hash identifier: j+JfeWsvqy7uwvBZJGC1w3A+HBU2uXKKTa8kHjNboSQ=
Subject key identifier: B9:1E:FB:3C:B3:49:07:AB:A6:D7:17:CC:91:2A:D6:DC:56:C8:B5:DA
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018834BCBDA9051F760E6A779B9C2114FA9C
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/uR77PLNJB6um1xfMkSrW3FbItdo.roa
Signing time: Fri 19 May 2023 15:59:24 +0000
ROA not before: Fri 19 May 2023 15:59:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
77.240.38.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.139.0/24 maxlen: 32
185.4.180.0/22 maxlen: 24
195.210.46.0/23 maxlen: 24
91.201.214.0/23 maxlen: 24
185.22.64.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:bc:bd:a9:05:1f:76:0e:6a:77:9b:9c:21:14:fa:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: May 19 15:59:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91efb3cb34907aba6d717cc912ad6dc56c8b5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:15:2d:f9:63:d7:8d:6a:2d:a4:db:66:25:85:
c7:8f:e8:56:8a:dd:d7:b7:0b:a3:b8:a4:7b:cf:f3:
ba:22:2c:b4:d5:7e:e0:36:40:7b:66:22:17:86:02:
92:0e:3a:3f:58:ac:dc:57:4c:ff:23:1b:41:01:e6:
15:45:ff:59:9b:46:ff:83:2f:b6:ef:9d:a3:27:6e:
28:9f:df:a7:76:c9:40:0c:02:c6:84:7b:21:4d:56:
e7:d0:1b:2b:5a:2b:30:c9:6a:61:11:8b:cd:13:bf:
2f:26:95:1b:de:db:33:0b:3c:76:0d:c9:f9:53:9d:
86:af:b0:3f:27:75:ee:ca:58:b0:ca:c2:89:20:ca:
54:17:ff:6b:96:3f:ad:fe:7e:58:94:b6:08:be:f7:
d6:b9:0f:33:73:c6:08:e2:7d:46:68:3f:6d:a3:f9:
4f:e6:e0:80:b8:37:b6:58:15:72:56:35:97:f7:df:
9c:27:f1:e6:96:98:05:07:8b:32:84:a4:60:20:ac:
76:ef:fb:dd:55:9b:4f:50:6f:15:b5:03:e4:60:27:
61:cc:e0:18:e8:61:1b:e3:eb:cf:e4:dc:dc:9b:9f:
45:e8:62:ea:7a:06:2a:4c:79:38:ba:97:22:61:3c:
5f:4e:28:70:6b:72:c5:b0:a4:40:a1:25:80:27:0f:
58:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:FB:3C:B3:49:07:AB:A6:D7:17:CC:91:2A:D6:DC:56:C8:B5:DA
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/uR77PLNJB6um1xfMkSrW3FbItdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
06:2b:f1:f3:42:25:17:82:e5:fe:af:ee:db:be:96:49:37:a7:
03:32:d0:77:c8:5e:54:eb:c6:4f:e2:d4:5a:d9:37:5e:72:07:
1f:74:4a:ce:c0:cc:8c:31:83:36:cd:11:5a:f0:a1:d6:d7:dc:
cf:80:a6:dd:ef:dd:de:b0:0e:b5:24:b8:54:04:af:1a:82:87:
d6:93:60:bd:cb:29:2b:af:02:54:33:a8:1a:6b:c8:00:99:9b:
00:90:fd:0b:00:34:ba:0c:59:83:3a:ac:f5:e6:59:9d:32:26:
fc:39:7a:01:fb:5d:c3:7f:3f:85:0e:26:a5:d0:69:be:c3:c5:
e6:13:61:60:02:9d:65:b0:b2:22:4f:ef:08:01:fd:ea:d3:8a:
fd:e2:f1:48:50:b7:c1:51:cc:85:67:e7:2e:75:2d:12:12:41:
0d:b2:82:85:8c:b8:63:50:df:e8:64:20:44:4d:09:e7:f5:70:
95:61:a5:e9:60:1d:6e:d5:29:dd:bf:ca:b3:2f:43:54:ff:38:
e2:33:7c:98:33:3e:61:bb:9e:fd:e7:d7:7b:44:88:ab:37:55:
6c:bb:04:3a:b0:1d:1a:2a:d6:23:2a:bf:13:3b:4d:cf:12:06:
45:b2:7e:22:47:d5:d0:d2:8e:25:db:61:99:56:26:ea:f2:74:
b4:27:4e:78
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYg0vL2pBR92Dmp3m5whFPqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMwNTE5MTU1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFlZmIzY2IzNDkwN2FiYTZkNzE3Y2M5MTJhZDZkYzU2YzhiNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/BUt+WPXjWotpNtmJYXHj+hWit3X
twujuKR7z/O6Iiy01X7gNkB7ZiIXhgKSDjo/WKzcV0z/IxtBAeYVRf9Zm0b/gy+2
752jJ24on9+ndslADALGhHshTVbn0BsrWiswyWphEYvNE78vJpUb3tszCzx2Dcn5
U52Gr7A/J3XuyliwysKJIMpUF/9rlj+t/n5YlLYIvvfWuQ8zc8YI4n1GaD9to/lP
5uCAuDe2WBVyVjWX99+cJ/HmlpgFB4syhKRgIKx27/vdVZtPUG8VtQPkYCdhzOAY
6GEb4+vP5Nzcm59F6GLqegYqTHk4upciYTxfTihwa3LFsKRAoSWAJw9YKQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLke+zyzSQerptcXzJEq1txWyLXaMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvdVI3N1BMTkpCNnVtMXhmTWtTclczRmJJdGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQBTfAm
AwQBTfNQAwQBTihsAwQCWdsgAwQBW8nWAwQCW9eIAwQDXveAAwQCbelsAwQCuQS0
AwQCuRZAAwQBuSPeAwQCuWZIAwQCuZIAAwQCwidAAwQBwm42AwQDwzHQAwQBw12Y
AwQBw9IuMA0EAgACMAcDBQAqAF2gMA0GCSqGSIb3DQEBCwUAA4IBAQAGK/HzQiUX
guX+r+7bvpZJN6cDMtB3yF5U68ZP4tRa2TdecgcfdErOwMyMMYM2zRFa8KHW19zP
gKbd793esA61JLhUBK8agofWk2C9yykrrwJUM6gaa8gAmZsAkP0LADS6DFmDOqz1
5lmdMib8OXoB+13Dfz+FDial0Gm+w8XmE2FgAp1lsLIiT+8IAf3q04r94vFIULfB
UcyFZ+cudS0SEkENsoKFjLhjUN/oZCBETQnn9XCVYaXpYB1u1Sndv8qzL0NU/zji
M3yYMz5hu57959d7RIirN1VsuwQ6sB0aKtYjKr8TO03PEgZFsn4iR9XQ0o4l22GZ
Vibq8nS0J054
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:23 2025 by rpki-client