Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hWDFXM8YIDOyykAsZTgAerrUcN8.roa
File: hWDFXM8YIDOyykAsZTgAerrUcN8.roa (raw, json)
Hash identifier: 9ypG1ORAmONCCMdJ65JW3nBHNsJWFZ4MkMwYkMH1v/s=
Subject key identifier: 85:60:C5:5C:CF:18:20:33:B2:CA:40:2C:65:38:00:7A:BA:D4:70:DF
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187E1CAE431A7A46508C20A8AD48FB8C592
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hWDFXM8YIDOyykAsZTgAerrUcN8.roa
Signing time: Wed 03 May 2023 13:26:22 +0000
ROA not before: Wed 03 May 2023 13:26:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.105.22.0/24 maxlen: 24
188.255.215.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:ca:e4:31:a7:a4:65:08:c2:0a:8a:d4:8f:b8:c5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 3 13:26:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8560c55ccf182033b2ca402c6538007abad470df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3e:cc:4e:bb:bc:c5:6e:05:16:1d:72:17:d3:
60:29:aa:6f:5c:a6:ff:83:dc:fc:9c:9c:9c:87:42:
a8:82:b4:52:2c:7c:4c:c4:a1:a3:4b:f0:88:88:50:
aa:d5:e9:5f:2d:04:7e:92:a0:34:c7:b0:40:a9:09:
68:3e:25:be:30:bf:16:fd:36:a7:5d:b9:5a:be:e7:
fe:f6:44:ec:60:b7:5d:d9:39:d1:c2:87:2d:b8:b7:
32:84:c3:d6:aa:af:06:6b:a4:f4:51:51:6d:62:60:
a1:09:b1:43:ab:99:b1:fd:22:28:7a:58:97:63:4d:
28:41:92:46:74:44:df:9c:05:ce:2c:f6:c1:b4:0c:
62:a4:20:0d:22:91:7a:43:6d:26:46:eb:32:81:8f:
b3:c2:71:a2:ac:4d:67:7c:64:66:c7:2e:58:ba:99:
26:c6:a8:95:bb:90:63:77:93:56:c1:98:f3:1e:91:
32:f0:54:19:90:8a:88:12:59:f1:dc:7b:9b:1e:86:
05:ec:39:90:96:34:1f:26:99:d0:1d:a3:5d:38:8e:
b0:11:de:0b:ce:34:a7:b2:ce:3b:29:d5:0b:03:6b:
5d:74:ec:b7:d3:05:ea:4f:bb:9f:8c:d5:71:f4:b1:
44:e7:cd:2a:14:d5:c5:99:50:b2:b0:fc:73:bd:9f:
39:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:60:C5:5C:CF:18:20:33:B2:CA:40:2C:65:38:00:7A:BA:D4:70:DF
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hWDFXM8YIDOyykAsZTgAerrUcN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.40.0/24
178.219.14.0/24
188.255.134.0/24
188.255.215.0/24
212.69.13.0-212.69.14.255
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e7:ae:9d:fb:0f:77:23:ff:c0:2c:56:65:a9:72:cf:1b:09:
c6:6e:b0:3c:68:53:66:e8:31:01:ee:44:26:a5:b1:c3:75:32:
26:f2:9a:8f:ef:e3:65:be:cb:a7:bd:70:a6:b9:ff:10:b1:14:
c6:63:b1:e1:7f:5b:e7:03:df:e0:41:8b:d7:b3:93:d6:5b:28:
6c:dc:64:f1:03:03:50:ff:42:63:b6:38:3a:00:91:8a:99:06:
20:1f:17:05:d9:9f:0f:89:cc:b2:75:c1:0f:38:da:91:47:a0:
06:79:ae:82:2b:ac:44:8e:26:fd:29:37:c5:0c:90:36:c1:f0:
b7:61:18:2e:35:8b:e7:4b:7a:7c:b5:e4:8e:35:29:36:23:2a:
17:33:e7:5d:b5:2b:17:3a:d5:e1:9f:61:cf:d7:4f:1c:b0:e7:
89:74:e4:73:a7:22:12:a4:b4:c8:cf:00:85:37:54:7a:b4:47:
0f:76:aa:9f:1b:12:f7:18:49:7b:9b:04:5b:54:69:f9:97:25:
39:33:58:ee:a2:22:5e:97:ec:27:f0:a9:e7:a2:58:72:53:6b:
53:09:dd:24:90:60:70:26:d2:28:8d:7b:77:4a:b4:0e:99:63:
94:ba:66:ad:e8:a2:53:85:7a:3f:2c:c5:7d:57:c0:39:d3:51:
6c:2b:1a:e7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYfhyuQxp6RlCMIKitSPuMWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTAzMTMyNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTYwYzU1Y2NmMTgyMDMzYjJjYTQwMmM2NTM4MDA3YWJhZDQ3MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz7MTru8xW4FFh1yF9NgKapvXKb/
g9z8nJych0KogrRSLHxMxKGjS/CIiFCq1elfLQR+kqA0x7BAqQloPiW+ML8W/Tan
Xblavuf+9kTsYLdd2TnRwoctuLcyhMPWqq8Ga6T0UVFtYmChCbFDq5mx/SIoeliX
Y00oQZJGdETfnAXOLPbBtAxipCANIpF6Q20mRusygY+zwnGirE1nfGRmxy5Yupkm
xqiVu5Bjd5NWwZjzHpEy8FQZkIqIElnx3HubHoYF7DmQljQfJpnQHaNdOI6wEd4L
zjSnss47KdULA2tddOy30wXqT7ufjNVx9LFE580qFNXFmVCysPxzvZ85bwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIVgxVzPGCAzsspALGU4AHq61HDfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaFdERlhNOFlJRE95eWtBc1pUZ0FlcnJVY044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATWkWAwQA
bXkoAwQAstsOAwQAvP+GAwQAvP/XMAwDBADURQ0DBADURQ4DBADURRIwDQYJKoZI
hvcNAQELBQADggEBABDnrp37D3cj/8AsVmWpcs8bCcZusDxoU2boMQHuRCalscN1
Mibymo/v42W+y6e9cKa5/xCxFMZjseF/W+cD3+BBi9ezk9ZbKGzcZPEDA1D/QmO2
ODoAkYqZBiAfFwXZnw+JzLJ1wQ842pFHoAZ5roIrrESOJv0pN8UMkDbB8LdhGC41
i+dLeny15I41KTYjKhcz5121Kxc61eGfYc/XTxyw54l05HOnIhKktMjPAIU3VHq0
Rw92qp8bEvcYSXubBFtUafmXJTkzWO6iIl6X7CfwqeeiWHJTa1MJ3SSQYHAm0iiN
e3dKtA6ZY5S6Zq3oolOFej8sxX1XwDnTUWwrGuc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:55 2025 by rpki-client