Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/0cKYkWl8wiLwql8Q1ujZHDALrzw.roa
File: 0cKYkWl8wiLwql8Q1ujZHDALrzw.roa (raw, json)
Hash identifier: 7LJ+FMuKQikl7Tqi2yMykLqEaWuhryyAbQGIbHFyD8s=
Subject key identifier: D1:C2:98:91:69:7C:C2:22:F0:AA:5F:10:D6:E8:D9:1C:30:0B:AF:3C
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 018B6620A007A97A928842827D3A2DE07B87
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/0cKYkWl8wiLwql8Q1ujZHDALrzw.roa
Signing time: Wed 25 Oct 2023 09:18:15 +0000
ROA not before: Wed 25 Oct 2023 09:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 786
IP address blocks: 77.72.76.0/23 maxlen: 23
77.72.72.0/23 maxlen: 23
77.72.74.0/23 maxlen: 23
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:20:a0:07:a9:7a:92:88:42:82:7d:3a:2d:e0:7b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Oct 25 09:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1c29891697cc222f0aa5f10d6e8d91c300baf3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7a:56:51:26:a9:e7:ab:79:ba:96:04:78:af:
35:8b:61:a7:fb:e8:9e:f1:39:20:7d:fa:06:b1:c5:
ba:95:c7:a6:a4:06:04:d1:01:ee:13:aa:79:cb:fe:
aa:d2:5d:6e:7a:39:64:38:fc:b4:b1:a2:70:5b:1d:
86:c8:1b:19:5e:86:42:fe:a8:b7:42:b5:c7:fb:01:
c9:98:33:16:00:83:7a:62:61:30:71:cf:02:da:ee:
1b:c6:31:55:a4:4f:cc:5d:27:0a:af:79:6f:3c:ee:
82:11:3c:bf:d6:f4:c3:d3:6b:45:cd:40:45:7c:bc:
35:03:d8:6e:7d:28:ac:7d:ee:07:0f:20:56:a3:6a:
70:d2:15:a9:85:f7:f3:9f:2c:f4:eb:15:f8:94:97:
ad:23:a3:d2:cb:04:3b:bb:6f:45:07:59:b6:94:df:
40:b1:64:1a:02:4f:29:45:31:6c:13:79:8f:46:97:
28:3f:81:b1:fd:31:8c:1b:4d:e0:fc:1e:01:0b:0a:
92:cf:de:ca:d0:00:5f:c5:c7:c0:3c:86:77:43:9f:
4d:1d:0c:30:7a:e8:b6:89:4b:4e:c0:53:4a:57:85:
06:f5:89:1c:eb:f1:68:b5:77:eb:d9:58:14:50:f9:
93:6a:12:b4:7f:ea:0f:b4:71:c4:f2:19:77:bf:47:
7b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C2:98:91:69:7C:C2:22:F0:AA:5F:10:D6:E8:D9:1C:30:0B:AF:3C
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/0cKYkWl8wiLwql8Q1ujZHDALrzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0-77.72.77.255
IPv6:
2a01:4b0:1::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:44:8a:bd:a8:7c:57:75:f9:aa:a7:49:7c:24:a0:03:ec:6d:
a6:b0:34:fb:65:37:f2:dd:82:44:4a:a8:0e:bb:d9:2b:58:c4:
d4:d2:58:dd:48:e9:14:df:94:0a:97:a2:e9:69:f6:13:db:54:
8f:6f:2a:9c:ed:e4:ab:a5:0e:4d:2d:65:5d:89:ec:44:28:6e:
16:5a:a2:05:f7:7f:ea:e3:10:4d:a6:2e:c3:ed:72:fe:ed:bc:
bc:ed:b7:3c:13:bb:f0:20:fb:0b:ea:6d:71:62:70:8a:43:48:
25:29:6d:f0:d1:36:ce:27:e6:55:ee:ef:db:a1:01:3f:5c:aa:
f4:b7:e1:4e:26:1b:a1:f5:3f:47:e7:e9:66:6b:be:98:22:4f:
4b:78:7e:00:cf:cf:43:d2:a8:bc:11:05:a4:fd:21:73:ee:e1:
6c:7f:d5:d2:33:7d:d3:00:b4:8f:d8:cf:87:d5:f8:2e:df:63:
21:cf:c2:69:b7:07:52:6e:3b:ab:6f:04:09:c1:3f:86:15:16:
d6:16:fc:a8:81:1d:b3:f9:1e:af:37:02:d9:44:8b:1a:bd:14:
df:cb:0d:17:1d:a8:59:f2:17:f3:dc:d4:a4:5b:a4:00:66:e9:
83:cb:29:c9:fc:67:2e:79:41:ca:82:db:4f:35:d2:84:72:37:
41:48:51:f8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtmIKAHqXqSiEKCfTot4HuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjMxMDI1MDkxODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMyOTg5MTY5N2NjMjIyZjBhYTVmMTBkNmU4ZDkxYzMwMGJhZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3pWUSap56t5upYEeK81i2Gn++ie
8TkgffoGscW6lcempAYE0QHuE6p5y/6q0l1uejlkOPy0saJwWx2GyBsZXoZC/qi3
QrXH+wHJmDMWAIN6YmEwcc8C2u4bxjFVpE/MXScKr3lvPO6CETy/1vTD02tFzUBF
fLw1A9hufSisfe4HDyBWo2pw0hWphffznyz06xX4lJetI6PSywQ7u29FB1m2lN9A
sWQaAk8pRTFsE3mPRpcoP4Gx/TGMG03g/B4BCwqSz97K0ABfxcfAPIZ3Q59NHQww
eui2iUtOwFNKV4UG9Ykc6/FotXfr2VgUUPmTahK0f+oPtHHE8hl3v0d7OwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNHCmJFpfMIi8KpfENbo2RwwC688MB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvMGNLWWtXbDh3aUx3cWw4UTF1alpIREFMcnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBANNSEgD
BAFNSEwwGgQCAAIwFDASAwcAKgEEsAABAwcAKgEEsAACMA0GCSqGSIb3DQEBCwUA
A4IBAQBDRIq9qHxXdfmqp0l8JKAD7G2msDT7ZTfy3YJESqgOu9krWMTU0ljdSOkU
35QKl6LpafYT21SPbyqc7eSrpQ5NLWVdiexEKG4WWqIF93/q4xBNpi7D7XL+7by8
7bc8E7vwIPsL6m1xYnCKQ0glKW3w0TbOJ+ZV7u/boQE/XKr0t+FOJhuh9T9H5+lm
a76YIk9LeH4Az89D0qi8EQWk/SFz7uFsf9XSM33TALSP2M+H1fgu32Mhz8JptwdS
bjurbwQJwT+GFRbWFvyogR2z+R6vNwLZRIsavRTfyw0XHahZ8hfz3NSkW6QAZumD
yynJ/GcueUHKgttPNdKEcjdBSFH4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:39 2025 by rpki-client