Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/dzw9YcIr6c4zC4M2cRvJXl_3k1Y.roa
File: dzw9YcIr6c4zC4M2cRvJXl_3k1Y.roa (raw, json)
Hash identifier: VYp8GLgxRJk53NWBNFD3raNL9kU2lzpjX3BOwu2TnBk=
Subject key identifier: 77:3C:3D:61:C2:2B:E9:CE:33:0B:83:36:71:1B:C9:5E:5F:F7:93:56
Certificate issuer: /CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Certificate serial: 01857139D337905168B712345177AF70EDF3
Authority key identifier: 09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/dzw9YcIr6c4zC4M2cRvJXl_3k1Y.roa
Signing time: Mon 02 Jan 2023 06:44:53 +0000
ROA not before: Mon 02 Jan 2023 06:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42003
IP address blocks: 77.42.240.0/21 maxlen: 21
94.187.40.0/21 maxlen: 21
94.187.48.0/21 maxlen: 21
94.187.56.0/21 maxlen: 21
94.187.64.0/21 maxlen: 21
94.187.72.0/21 maxlen: 21
94.187.80.0/21 maxlen: 21
77.42.128.0/19 maxlen: 19
94.187.88.0/21 maxlen: 21
94.187.0.0/24 maxlen: 24
94.187.1.0/24 maxlen: 24
94.187.2.0/24 maxlen: 24
94.187.3.0/24 maxlen: 24
94.187.0.0/21 maxlen: 21
94.187.4.0/24 maxlen: 24
94.187.11.0/24 maxlen: 24
94.187.6.0/24 maxlen: 24
94.187.7.0/24 maxlen: 24
94.187.8.0/24 maxlen: 24
94.187.9.0/24 maxlen: 24
94.187.10.0/24 maxlen: 24
94.187.16.0/21 maxlen: 21
94.187.24.0/21 maxlen: 21
94.187.32.0/21 maxlen: 21
77.42.192.0/19 maxlen: 19
77.42.224.0/21 maxlen: 21
77.42.232.0/21 maxlen: 21
94.187.95.0/24 maxlen: 24
94.187.96.0/21 maxlen: 21
94.187.104.0/21 maxlen: 21
94.187.112.0/21 maxlen: 21
94.187.120.0/21 maxlen: 21
77.42.160.0/19 maxlen: 19
178.135.200.0/21 maxlen: 21
178.135.208.0/21 maxlen: 21
178.135.216.0/21 maxlen: 21
178.135.224.0/21 maxlen: 21
178.135.232.0/21 maxlen: 21
178.135.240.0/21 maxlen: 21
178.135.248.0/21 maxlen: 21
178.135.152.0/21 maxlen: 21
178.135.160.0/21 maxlen: 21
178.135.168.0/21 maxlen: 21
178.135.176.0/21 maxlen: 21
178.135.184.0/21 maxlen: 21
178.135.192.0/21 maxlen: 21
178.135.0.0/24 maxlen: 24
178.135.1.0/24 maxlen: 24
178.135.2.0/24 maxlen: 24
178.135.3.0/24 maxlen: 24
178.135.6.0/24 maxlen: 24
178.135.7.0/24 maxlen: 24
178.135.8.0/24 maxlen: 24
178.135.9.0/24 maxlen: 24
178.135.10.0/24 maxlen: 24
178.135.11.0/24 maxlen: 24
178.135.16.0/21 maxlen: 21
178.135.24.0/21 maxlen: 21
178.135.32.0/21 maxlen: 21
178.135.96.0/21 maxlen: 21
178.135.95.0/24 maxlen: 24
178.135.104.0/21 maxlen: 21
178.135.112.0/21 maxlen: 21
178.135.120.0/21 maxlen: 21
178.135.128.0/21 maxlen: 21
178.135.136.0/21 maxlen: 21
178.135.144.0/21 maxlen: 21
178.135.40.0/21 maxlen: 21
178.135.48.0/21 maxlen: 21
178.135.56.0/21 maxlen: 21
178.135.64.0/21 maxlen: 21
178.135.72.0/21 maxlen: 21
178.135.80.0/21 maxlen: 21
178.135.88.0/21 maxlen: 21
2a00:6920:f000::/40 maxlen: 40
2a00:6920:e100::/40 maxlen: 40
2a00:6920:e000::/40 maxlen: 40
2a00:6920:d000::/40 maxlen: 40
2a00:6920:e1c0::/42 maxlen: 42
2a00:6920:e180::/42 maxlen: 42
2a00:6920:e140::/42 maxlen: 42
2a00:6920:e100::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:d3:37:90:51:68:b7:12:34:51:77:af:70:ed:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Validity
Not Before: Jan 2 06:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=773c3d61c22be9ce330b8336711bc95e5ff79356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:d9:3b:23:67:01:25:71:12:45:b2:9b:4e:
ad:22:f7:21:fa:de:19:9b:77:58:d1:4a:69:21:4a:
12:64:bd:b1:cb:04:56:2f:61:c5:5e:94:e7:8b:f4:
53:da:b3:ca:e6:20:76:e5:c5:05:27:c3:c1:e1:08:
fe:14:d7:bd:b2:fb:c4:4d:b7:bb:21:96:ec:ee:17:
03:3d:a1:fe:58:c7:04:48:0a:af:d9:91:5c:59:b3:
12:8c:51:98:ea:41:75:bf:1e:1e:f2:bf:50:45:29:
cc:9b:4b:4c:96:56:2d:8f:7f:1f:bc:b7:0c:39:5c:
09:cb:b9:6a:04:af:89:d7:c9:e5:e6:4e:43:21:57:
35:49:4e:a7:a2:7f:13:6b:da:85:89:b9:c5:ab:ea:
4c:57:95:b7:98:6a:cb:38:b6:11:42:e0:82:3f:12:
d7:b1:bd:90:88:6f:12:a3:c2:a0:ab:98:8c:d1:dc:
7a:e4:1d:e1:b5:90:24:3f:21:76:7f:53:48:52:41:
49:3a:ea:58:0e:0b:99:c6:81:4e:16:a1:5b:7a:53:
30:05:10:8a:ed:24:b4:ad:7a:87:7b:9c:28:64:ec:
c5:10:4e:63:0c:f3:b9:a1:2f:12:9f:fc:37:f2:f1:
e4:85:0a:38:60:97:b2:16:2d:ff:e1:a4:cc:bf:34:
70:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3C:3D:61:C2:2B:E9:CE:33:0B:83:36:71:1B:C9:5E:5F:F7:93:56
X509v3 Authority Key Identifier:
keyid:09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/dzw9YcIr6c4zC4M2cRvJXl_3k1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.42.128.0-77.42.247.255
94.187.0.0-94.187.11.255
94.187.16.0-94.187.127.255
178.135.0.0/22
178.135.6.0-178.135.11.255
178.135.16.0-178.135.255.255
IPv6:
2a00:6920:d000::/40
2a00:6920:e000::/39
2a00:6920:f000::/40
Signature Algorithm: sha256WithRSAEncryption
31:c2:19:f7:2f:dc:00:9e:22:93:6e:46:d2:d5:62:1b:21:e3:
81:57:12:8b:d3:d8:29:54:11:e7:5b:50:17:9d:b4:d8:b7:37:
5c:d3:6b:bb:15:ed:ee:c3:9e:04:a9:67:74:71:b2:08:01:0d:
17:3c:69:e4:65:65:00:af:7a:75:2d:94:df:9b:4b:47:6e:27:
34:67:ed:56:eb:69:02:0e:ef:a3:3b:c8:44:28:02:49:1f:df:
81:da:72:1e:e7:47:c8:68:dd:df:7b:74:c4:2b:96:60:98:ac:
28:7b:d7:fd:2f:f9:47:45:50:bc:16:78:65:67:3b:52:4c:7c:
46:6e:bd:78:8f:ec:6f:cc:7c:2e:c7:80:47:af:f6:12:8a:07:
00:69:bd:89:5d:97:40:4b:20:16:82:8b:0f:46:da:c0:91:0a:
8d:e2:88:67:de:02:c0:c5:e8:21:08:9c:38:b6:fc:dd:f8:e9:
9b:34:3d:5a:47:71:f5:13:69:86:fc:66:1c:7e:31:00:87:4a:
fe:99:c2:44:7b:0a:79:4b:56:67:35:3d:6e:2d:d6:f4:d8:1a:
90:0d:fa:8c:9b:39:44:4c:ac:0d:0b:11:8f:8c:71:f0:be:ff:
04:03:8d:91:84:07:f7:3f:7d:78:d4:c1:c6:a3:fe:bc:c9:cd:
ca:0f:45:ac
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYVxOdM3kFFotxI0UXevcO3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjZlMDVkMTUyNzUwZGZhYWRlNWZhZjc5MWJhZDM5MWRj
NmQyZDQwHhcNMjMwMTAyMDY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNjM2Q2MWMyMmJlOWNlMzMwYjgzMzY3MTFiYzk1ZTVmZjc5MzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtbZOyNnASVxEkWym06tIvch+t4Z
m3dY0UppIUoSZL2xywRWL2HFXpTni/RT2rPK5iB25cUFJ8PB4Qj+FNe9svvETbe7
IZbs7hcDPaH+WMcESAqv2ZFcWbMSjFGY6kF1vx4e8r9QRSnMm0tMllYtj38fvLcM
OVwJy7lqBK+J18nl5k5DIVc1SU6non8Ta9qFibnFq+pMV5W3mGrLOLYRQuCCPxLX
sb2QiG8So8Kgq5iM0dx65B3htZAkPyF2f1NIUkFJOupYDguZxoFOFqFbelMwBRCK
7SS0rXqHe5woZOzFEE5jDPO5oS8Sn/w38vHkhQo4YJeyFi3/4aTMvzRwfQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHc8PWHCK+nOMwuDNnEbyV5f95NWMB8GA1UdIwQY
MBaAFAlm4F0VJ1Dfqt5fr3kbrTkdxtLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMt
NzIxYmI0ZmM4YzE2LzEvZHp3OVljSXI2YzR6QzRNMmNSdkpYbF8zazFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMtNzIxYmI0ZmM4YzE2
LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwUAQCAAEwSjAMAwQHTSqA
AwQDTSrwMAsDAwBeuwMEAl67CDAMAwQEXrsQAwQHXrsAAwQCsocAMAwDBAGyhwYD
BAKyhwgwCwMEBLKHEAMDA7KAMB4EAgACMBgDBgAqAGkg0AMGASoAaSDgAwYAKgBp
IPAwDQYJKoZIhvcNAQELBQADggEBADHCGfcv3ACeIpNuRtLVYhsh44FXEovT2ClU
EedbUBedtNi3N1zTa7sV7e7DngSpZ3RxsggBDRc8aeRlZQCvenUtlN+bS0duJzRn
7VbraQIO76M7yEQoAkkf34Hach7nR8ho3d97dMQrlmCYrCh71/0v+UdFULwWeGVn
O1JMfEZuvXiP7G/MfC7HgEev9hKKBwBpvYldl0BLIBaCiw9G2sCRCo3iiGfeAsDF
6CEInDi2/N346Zs0PVpHcfUTaYb8Zhx+MQCHSv6ZwkR7CnlLVmc1PW4t1vTYGpAN
+oybOURMrA0LEY+McfC+/wQDjZGEB/c/fXjUwcaj/rzJzcoPRaw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:31 2025 by rpki-client