Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/wDqhRdo72Ow30oZKyNM4tGiMlLk.roa
File: wDqhRdo72Ow30oZKyNM4tGiMlLk.roa (raw, json)
Hash identifier: PNG3oF7FeFvBpJ4tpV28+8TA3mtFvcCgdVJn9H7+0qY=
Subject key identifier: C0:3A:A1:45:DA:3B:D8:EC:37:D2:86:4A:C8:D3:38:B4:68:8C:94:B9
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01896A6B0B965985FB5BA27D040F1DB2219B
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/wDqhRdo72Ow30oZKyNM4tGiMlLk.roa
Signing time: Tue 18 Jul 2023 19:12:27 +0000
ROA not before: Tue 18 Jul 2023 19:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47159
IP address blocks: 91.83.158.0/24 maxlen: 24
89.186.104.0/24 maxlen: 24
82.131.172.0/24 maxlen: 24
62.77.213.0/24 maxlen: 24
91.83.92.0/24 maxlen: 24
62.77.234.0/24 maxlen: 24
91.83.220.0/22 maxlen: 22
91.83.225.0/24 maxlen: 24
213.197.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:6b:0b:96:59:85:fb:5b:a2:7d:04:0f:1d:b2:21:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jul 18 19:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c03aa145da3bd8ec37d2864ac8d338b4688c94b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:6a:ee:30:a5:db:57:95:83:98:3d:82:1c:
7f:83:ca:02:2f:4f:0e:1b:eb:8f:59:ec:77:40:cd:
65:22:3b:82:06:c3:9f:90:56:d4:36:61:e5:47:8d:
10:12:4b:38:8d:78:95:24:c4:f6:cd:2a:7b:d9:50:
de:b3:61:05:6d:e1:1d:2f:46:bd:6c:84:31:a9:bd:
07:c8:1a:8d:e0:7a:7c:ca:bf:3f:12:85:b9:05:77:
b3:66:fe:33:b9:88:34:f4:31:a5:97:9d:b7:07:23:
67:e8:28:93:40:d3:23:26:d7:72:74:7a:4f:a2:ee:
66:cf:34:d9:5a:4d:81:e1:74:15:f3:60:fd:10:f3:
b2:2f:e7:ec:73:f2:a7:e3:62:3d:b2:db:a0:bc:93:
34:82:3e:c0:58:ae:5d:ac:30:f5:1e:c8:28:0c:ac:
9e:1f:cb:0d:8e:50:a3:0f:d5:f9:ab:c6:2d:e3:67:
fa:2c:08:f0:cb:ce:ad:ae:b0:ef:c5:a4:05:0e:07:
c8:4d:ce:96:ee:73:48:ae:3c:3c:49:bf:b6:3f:e7:
41:94:5f:71:ee:72:83:72:ab:51:4f:d3:13:5f:0e:
57:e0:95:73:93:bb:49:a2:1b:27:20:ab:0e:12:bb:
72:26:d9:5b:80:9e:de:76:7e:d3:98:60:a9:4d:dd:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3A:A1:45:DA:3B:D8:EC:37:D2:86:4A:C8:D3:38:B4:68:8C:94:B9
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/wDqhRdo72Ow30oZKyNM4tGiMlLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.213.0/24
62.77.234.0/24
82.131.172.0/24
89.186.104.0/24
91.83.92.0/24
91.83.158.0/24
91.83.220.0/22
91.83.225.0/24
213.197.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:ba:01:cd:3c:63:31:e7:f0:84:b9:41:39:3e:ab:34:aa:95:
bb:60:cd:08:5f:64:45:d7:ff:b4:be:4c:45:6e:9e:a8:31:ee:
63:9a:c7:f9:49:3f:41:03:15:4f:d9:bb:a1:2f:b6:42:83:de:
5c:11:94:0a:9a:79:e5:6e:c4:aa:23:8e:81:ec:3a:b2:20:ca:
c2:7e:47:68:23:50:7c:2c:92:ac:f5:f2:d7:2b:f4:2c:ea:ee:
b5:7e:98:ce:b1:1f:16:ab:39:f6:b8:7f:2f:ca:7f:9c:d5:fb:
9f:2b:03:0f:ba:a7:f6:1f:df:53:08:21:b5:1f:c6:6d:8c:b3:
3c:90:82:6f:00:e4:87:cc:71:63:44:ad:09:eb:9c:75:51:e0:
ba:2d:6b:af:cd:f3:e7:fe:11:37:4d:61:aa:dc:7b:bc:f6:39:
c8:62:c6:d7:3c:c2:61:91:15:67:c5:67:0e:2b:ef:00:de:d0:
5b:b1:80:da:71:a9:27:2a:e5:08:5e:56:67:70:08:a5:a4:14:
fe:b8:a6:0f:7c:f1:a6:1e:15:bf:8a:80:5d:da:d1:44:1f:27:
9f:39:ff:a2:9a:47:e6:6a:d7:38:a2:2f:55:26:bd:db:72:58:
a7:ac:55:8e:5d:51:84:da:c6:ef:86:f0:11:68:45:03:7d:c5:
6e:c8:8e:9d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYlqawuWWYX7W6J9BA8dsiGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjMwNzE4MTkxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNhYTE0NWRhM2JkOGVjMzdkMjg2NGFjOGQzMzhiNDY4OGM5NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Nxq7jCl21eVg5g9ghx/g8oCL08O
G+uPWex3QM1lIjuCBsOfkFbUNmHlR40QEks4jXiVJMT2zSp72VDes2EFbeEdL0a9
bIQxqb0HyBqN4Hp8yr8/EoW5BXezZv4zuYg09DGll523ByNn6CiTQNMjJtdydHpP
ou5mzzTZWk2B4XQV82D9EPOyL+fsc/Kn42I9stugvJM0gj7AWK5drDD1HsgoDKye
H8sNjlCjD9X5q8Yt42f6LAjwy86trrDvxaQFDgfITc6W7nNIrjw8Sb+2P+dBlF9x
7nKDcqtRT9MTXw5X4JVzk7tJohsnIKsOErtyJtlbgJ7edn7TmGCpTd1n8wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMA6oUXaO9jsN9KGSsjTOLRojJS5MB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvd0RxaFJkbzcyT3czMG9aS3lOTTR0R2lNbExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPk3VAwQA
Pk3qAwQAUoOsAwQAWbpoAwQAW1NcAwQAW1OeAwQCW1PcAwQAW1PhAwQC1cVAMA0G
CSqGSIb3DQEBCwUAA4IBAQBdugHNPGMx5/CEuUE5Pqs0qpW7YM0IX2RF1/+0vkxF
bp6oMe5jmsf5ST9BAxVP2buhL7ZCg95cEZQKmnnlbsSqI46B7DqyIMrCfkdoI1B8
LJKs9fLXK/Qs6u61fpjOsR8Wqzn2uH8vyn+c1fufKwMPuqf2H99TCCG1H8ZtjLM8
kIJvAOSHzHFjRK0J65x1UeC6LWuvzfPn/hE3TWGq3Hu89jnIYsbXPMJhkRVnxWcO
K+8A3tBbsYDacaknKuUIXlZncAilpBT+uKYPfPGmHhW/ioBd2tFEHyefOf+imkfm
atc4oi9VJr3bclinrFWOXVGE2sbvhvARaEUDfcVuyI6d
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:29 2025 by rpki-client