Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/9wvkAF4DR-pRilIoC0m9Yzqk2rg.roa
File: 9wvkAF4DR-pRilIoC0m9Yzqk2rg.roa (raw, json)
Hash identifier: uX/WcsT3HkbaFt5b0Eo6cU3JPLBt6x3p+NH/lc1vygw=
Subject key identifier: F7:0B:E4:00:5E:03:47:EA:51:8A:52:28:0B:49:BD:63:3A:A4:DA:B8
Certificate issuer: /CN=77dbfb3d64eb10c782562a37855b0732bd18eb3f
Certificate serial: 01856B00BD18F70F2112924530C62746248E
Authority key identifier: 77:DB:FB:3D:64:EB:10:C7:82:56:2A:37:85:5B:07:32:BD:18:EB:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9v7PWTrEMeCVio3hVsHMr0Y6z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/9wvkAF4DR-pRilIoC0m9Yzqk2rg.roa
Signing time: Sun 01 Jan 2023 01:44:48 +0000
ROA not before: Sun 01 Jan 2023 01:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43323
IP address blocks: 194.107.16.0/24 maxlen: 24
95.87.96.0/21 maxlen: 21
95.87.97.0/24 maxlen: 24
95.87.98.0/24 maxlen: 24
95.87.96.0/24 maxlen: 24
95.87.100.0/24 maxlen: 24
95.87.101.0/24 maxlen: 24
95.87.99.0/24 maxlen: 24
95.87.102.0/24 maxlen: 24
95.87.103.0/24 maxlen: 24
193.53.165.0/24 maxlen: 24
193.53.166.0/24 maxlen: 24
193.53.164.0/24 maxlen: 24
193.53.164.0/22 maxlen: 22
193.53.167.0/24 maxlen: 24
2a03:4d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:bd:18:f7:0f:21:12:92:45:30:c6:27:46:24:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77dbfb3d64eb10c782562a37855b0732bd18eb3f
Validity
Not Before: Jan 1 01:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f70be4005e0347ea518a52280b49bd633aa4dab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:42:a3:7e:25:17:b5:49:2a:fe:07:1b:f2:
53:cb:eb:73:2a:61:81:e9:b7:37:17:70:5a:55:cf:
e3:d1:bd:83:d0:cd:ca:24:bf:39:58:ab:13:0b:1b:
32:0b:f9:af:b0:00:ae:9f:e0:32:21:c9:7a:72:8e:
c2:a4:dc:ab:d8:29:d6:9b:9f:2e:c8:42:6d:ed:c9:
8e:ee:6b:25:8f:b0:9f:1d:96:63:86:f7:1a:02:61:
9c:b2:11:65:99:ef:d0:17:f9:c2:3d:d6:cf:1c:68:
98:12:4b:60:a4:f3:c2:8e:d7:6c:62:12:b9:8f:29:
2d:a8:af:87:fe:9c:af:4e:f9:8b:f6:e1:66:be:7b:
c7:e7:75:56:66:ea:16:5f:ce:c9:93:3b:a7:4c:15:
4e:a0:62:5f:9d:8f:66:88:7f:d7:90:b5:a0:70:c4:
3c:77:6d:25:0f:75:28:f5:d2:6e:3a:7f:81:e5:a7:
a6:a7:4b:d9:97:95:56:1f:1f:f5:51:ea:d3:dc:70:
75:7b:88:77:56:8e:b6:48:c0:9b:fd:1e:d6:73:4e:
ad:e4:71:96:b6:3c:95:0d:78:7a:67:c6:e1:d9:cc:
57:d9:1c:73:d0:0f:17:5b:74:4c:ce:e4:24:a3:2b:
89:58:25:e4:ae:7f:31:6b:68:94:fc:d3:5d:32:94:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0B:E4:00:5E:03:47:EA:51:8A:52:28:0B:49:BD:63:3A:A4:DA:B8
X509v3 Authority Key Identifier:
keyid:77:DB:FB:3D:64:EB:10:C7:82:56:2A:37:85:5B:07:32:BD:18:EB:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9v7PWTrEMeCVio3hVsHMr0Y6z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/9wvkAF4DR-pRilIoC0m9Yzqk2rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9e6c48-4bdd-4e60-910a-54b41e4fc63b/1/d9v7PWTrEMeCVio3hVsHMr0Y6z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.96.0/21
193.53.164.0/22
194.107.16.0/24
IPv6:
2a03:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
86:63:e9:73:60:dd:91:8c:8a:ce:e5:78:eb:cd:e9:58:dc:bb:
20:5d:83:2d:91:c0:56:6d:a4:65:9f:66:20:a6:23:71:ab:2d:
22:19:b5:ad:89:b6:68:68:3d:8d:d2:45:a0:db:51:20:a3:c8:
bf:62:2c:24:29:26:22:bb:da:e3:f5:21:a5:de:31:e0:e8:89:
a6:4f:aa:cb:8a:fe:89:4a:e9:f2:72:29:c1:dc:19:40:c4:eb:
6c:38:72:a6:bf:b7:52:f3:68:7b:93:dc:83:b0:9f:b0:f5:ab:
c1:bc:01:12:66:ed:da:45:e1:ff:b9:59:4f:07:66:57:7f:72:
d0:12:d3:ee:fb:e7:cc:1b:7a:ed:b8:b7:c5:12:6e:3c:5e:e9:
6b:7d:d9:0b:d5:ba:ae:14:c8:3e:ea:a1:75:ca:93:f4:fc:4c:
13:ea:46:e7:db:48:20:49:4e:f3:28:6b:21:36:e5:d8:eb:d9:
b7:97:69:8e:74:3c:7e:c7:fb:52:cb:f9:af:52:4a:16:69:ff:
12:5b:85:1b:26:49:9c:34:ff:23:50:04:29:3c:b8:ae:64:00:
87:82:75:52:30:1e:fd:59:38:d0:b1:50:fc:b5:c0:35:a3:a3:
2f:d3:23:32:68:76:3c:b1:4a:66:d5:51:01:a4:1d:20:fb:32:
ae:93:cd:01
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrAL0Y9w8hEpJFMMYnRiSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZGJmYjNkNjRlYjEwYzc4MjU2MmEzNzg1NWIwNzMyYmQx
OGViM2YwHhcNMjMwMTAxMDE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBiZTQwMDVlMDM0N2VhNTE4YTUyMjgwYjQ5YmQ2MzNhYTRkYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApctCo34lF7VJKv4HG/JTy+tzKmGB
6bc3F3BaVc/j0b2D0M3KJL85WKsTCxsyC/mvsACun+AyIcl6co7CpNyr2CnWm58u
yEJt7cmO7mslj7CfHZZjhvcaAmGcshFlme/QF/nCPdbPHGiYEktgpPPCjtdsYhK5
jyktqK+H/pyvTvmL9uFmvnvH53VWZuoWX87JkzunTBVOoGJfnY9miH/XkLWgcMQ8
d20lD3Uo9dJuOn+B5aemp0vZl5VWHx/1UerT3HB1e4h3Vo62SMCb/R7Wc06t5HGW
tjyVDXh6Z8bh2cxX2Rxz0A8XW3RMzuQkoyuJWCXkrn8xa2iU/NNdMpS+tQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPcL5ABeA0fqUYpSKAtJvWM6pNq4MB8GA1UdIwQY
MBaAFHfb+z1k6xDHglYqN4VbBzK9GOs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDl2N1BXVHJFTWVDVmlvM2hWc0hNcjBZNno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZTZjNDgtNGJkZC00ZTYwLTkxMGEt
NTRiNDFlNGZjNjNiLzEvOXd2a0FGNERSLXBSaWxJb0MwbTlZenFrMnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZTZjNDgtNGJkZC00ZTYwLTkxMGEtNTRiNDFlNGZjNjNi
LzEvZDl2N1BXVHJFTWVDVmlvM2hWc0hNcjBZNno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX1dgAwQC
wTWkAwQAwmsQMA0EAgACMAcDBQAqA02AMA0GCSqGSIb3DQEBCwUAA4IBAQCGY+lz
YN2RjIrO5XjrzelY3LsgXYMtkcBWbaRln2YgpiNxqy0iGbWtibZoaD2N0kWg21Eg
o8i/YiwkKSYiu9rj9SGl3jHg6ImmT6rLiv6JSunycinB3BlAxOtsOHKmv7dS82h7
k9yDsJ+w9avBvAESZu3aReH/uVlPB2ZXf3LQEtPu++fMG3rtuLfFEm48XulrfdkL
1bquFMg+6qF1ypP0/EwT6kbn20ggSU7zKGshNuXY69m3l2mOdDx+x/tSy/mvUkoW
af8SW4UbJkmcNP8jUAQpPLiuZACHgnVSMB79WTjQsVD8tcA1o6Mv0yMyaHY8sUpm
1VEBpB0g+zKuk80B
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:35:28 2025 by rpki-client