Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jY1Y_M_8HVYVuPGYvSbRSINTJyw.roa
File: jY1Y_M_8HVYVuPGYvSbRSINTJyw.roa (raw, json)
Hash identifier: ChT7wiCGAg9zkGeQkiLJkHk3CIr4QKJRBato2TFJIGw=
Subject key identifier: 8D:8D:58:FC:CF:FC:1D:56:15:B8:F1:98:BD:26:D1:48:83:53:27:2C
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018926A3B70302FC70BC2864EFE3D74A052C
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jY1Y_M_8HVYVuPGYvSbRSINTJyw.roa
Signing time: Wed 05 Jul 2023 15:20:10 +0000
ROA not before: Wed 05 Jul 2023 15:20:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 77.74.231.0/24 maxlen: 24
77.74.228.0/24 maxlen: 24
109.105.197.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:a3:b7:03:02:fc:70:bc:28:64:ef:e3:d7:4a:05:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jul 5 15:20:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d8d58fccffc1d5615b8f198bd26d1488353272c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:67:71:6c:c9:73:fd:fd:16:b2:4d:9c:62:1c:
65:b1:ba:c8:31:a9:45:04:62:38:97:e3:78:f0:50:
e6:57:b3:55:20:59:b5:2e:c3:1c:56:a2:22:21:84:
17:2f:3b:67:e3:16:8e:c9:b3:98:6f:e5:b8:e1:9f:
3b:5f:05:bf:db:21:26:71:d1:ff:f0:f4:e9:2f:3b:
72:36:5a:f4:d4:d5:6a:8e:df:d0:b2:35:2e:05:d8:
47:92:5d:78:1e:91:be:24:6e:63:60:8e:c3:d6:3e:
46:05:ce:c6:79:2f:56:70:6e:89:c7:e5:e2:f1:64:
88:39:23:5a:1a:6f:3e:b9:f8:39:19:62:a8:3f:3d:
3c:a0:32:de:a0:78:13:27:a2:3e:2c:11:b1:0a:a1:
75:07:f5:38:e1:ae:a9:a5:b1:ec:98:17:29:6c:c2:
9a:e8:ec:58:62:ba:3e:ee:bd:fd:b8:40:8d:af:27:
7a:82:24:fd:be:c0:0f:7f:08:d8:f3:ac:78:00:21:
af:03:d2:99:5a:da:51:06:05:1f:a2:d0:61:d6:4d:
f5:8f:d5:72:02:05:36:a1:40:c4:e3:2d:98:49:ed:
9d:db:95:9e:85:1d:e5:59:f3:02:0d:79:31:3a:91:
76:d0:cf:ee:fd:d5:6d:f0:56:19:09:e2:a6:20:8e:
27:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8D:58:FC:CF:FC:1D:56:15:B8:F1:98:BD:26:D1:48:83:53:27:2C
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jY1Y_M_8HVYVuPGYvSbRSINTJyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.228.0/24
77.74.231.0/24
109.105.197.0/24
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ed:a5:9d:f8:ac:e8:01:c5:29:41:34:03:3c:54:89:65:d0:
a1:8a:e1:09:8c:43:24:76:f0:15:c9:32:29:a0:18:4c:95:61:
00:12:09:35:00:26:3d:90:43:f0:ce:5b:6c:85:c8:c9:9c:9f:
77:1c:52:b3:6e:01:d8:86:3f:6a:68:ce:74:e1:26:ab:60:64:
e0:36:5d:9c:51:ad:1b:48:88:24:50:83:39:7f:ae:84:b1:09:
38:e6:87:f9:77:e0:25:bd:3b:42:f8:90:2b:24:a9:e9:56:b3:
f1:42:2b:62:f0:36:d5:cf:66:83:ff:bd:e9:1d:76:89:78:cb:
01:94:d7:a2:1a:fa:c3:43:91:e0:f3:bd:11:75:0e:83:99:11:
68:79:bc:d4:9b:9a:23:de:d8:50:ff:c3:3b:bd:ad:f5:0e:d6:
8e:65:30:82:fc:ec:58:2b:1a:1a:9f:83:3f:24:82:c0:ad:29:
22:6b:ad:83:6f:56:98:ba:44:1d:2c:a3:b2:01:27:2e:99:f5:
c5:0f:30:9e:c5:e1:b7:dc:31:50:31:65:17:9d:e0:d1:b2:6d:
72:97:76:ca:f7:02:40:b9:f9:cc:74:b2:63:dd:53:f0:31:e0:
c3:48:3c:5a:45:63:24:e1:79:50:6a:d3:2f:38:46:0e:c0:26:
11:34:1f:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkmo7cDAvxwvChk7+PXSgUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwNzA1MTUyMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhkNThmY2NmZmMxZDU2MTViOGYxOThiZDI2ZDE0ODgzNTMyNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGdxbMlz/f0Wsk2cYhxlsbrIMalF
BGI4l+N48FDmV7NVIFm1LsMcVqIiIYQXLztn4xaOybOYb+W44Z87XwW/2yEmcdH/
8PTpLztyNlr01NVqjt/QsjUuBdhHkl14HpG+JG5jYI7D1j5GBc7GeS9WcG6Jx+Xi
8WSIOSNaGm8+ufg5GWKoPz08oDLeoHgTJ6I+LBGxCqF1B/U44a6ppbHsmBcpbMKa
6OxYYro+7r39uECNryd6giT9vsAPfwjY86x4ACGvA9KZWtpRBgUfotBh1k31j9Vy
AgU2oUDE4y2YSe2d25WehR3lWfMCDXkxOpF20M/u/dVt8FYZCeKmII4nMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI2NWPzP/B1WFbjxmL0m0UiDUycsMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvalkxWV9NXzhIVllWdVBHWXZTYlJTSU5USnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUrkAwQA
TUrnAwQAbWnFAwQAbWnHMA0GCSqGSIb3DQEBCwUAA4IBAQBu7aWd+KzoAcUpQTQD
PFSJZdChiuEJjEMkdvAVyTIpoBhMlWEAEgk1ACY9kEPwzltshcjJnJ93HFKzbgHY
hj9qaM504SarYGTgNl2cUa0bSIgkUIM5f66EsQk45of5d+AlvTtC+JArJKnpVrPx
Qiti8DbVz2aD/73pHXaJeMsBlNeiGvrDQ5Hg870RdQ6DmRFoebzUm5oj3thQ/8M7
va31DtaOZTCC/OxYKxoan4M/JILArSkia62Db1aYukQdLKOyAScumfXFDzCexeG3
3DFQMWUXneDRsm1yl3bK9wJAufnMdLJj3VPwMeDDSDxaRWMk4XlQatMvOEYOwCYR
NB9G
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:30 2025 by rpki-client