Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ljivbR5BQ3weiEBLA_ymTTPXqFU.roa
File: ljivbR5BQ3weiEBLA_ymTTPXqFU.roa (raw, json)
Hash identifier: pWyfY/44FtPL8It4BFhMF9s4lM6ZTx1MLDOa/lL2knU=
Subject key identifier: 96:38:AF:6D:1E:41:43:7C:1E:88:40:4B:03:FC:A6:4D:33:D7:A8:55
Certificate issuer: /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial: 0188860DCEAC0BD9D1CB6AAE91D629BD4237
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ljivbR5BQ3weiEBLA_ymTTPXqFU.roa
Signing time: Sun 04 Jun 2023 10:57:11 +0000
ROA not before: Sun 04 Jun 2023 10:57:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39273
IP address blocks: 78.110.79.0/24 maxlen: 24
81.22.30.0/24 maxlen: 24
81.22.31.0/24 maxlen: 24
81.22.28.0/24 maxlen: 24
81.22.29.0/24 maxlen: 24
81.22.27.0/24 maxlen: 24
81.22.25.0/24 maxlen: 24
81.22.26.0/24 maxlen: 24
77.92.165.0/24 maxlen: 24
77.92.166.0/24 maxlen: 24
77.92.163.0/24 maxlen: 24
77.92.164.0/24 maxlen: 24
77.92.161.0/24 maxlen: 24
77.92.160.0/21 maxlen: 21
77.92.162.0/24 maxlen: 24
77.92.160.0/19 maxlen: 19
77.92.160.0/24 maxlen: 24
77.92.172.0/24 maxlen: 24
77.92.170.0/24 maxlen: 24
77.92.171.0/24 maxlen: 24
77.92.168.0/24 maxlen: 24
77.92.169.0/24 maxlen: 24
77.92.167.0/24 maxlen: 24
77.92.168.0/21 maxlen: 21
77.92.173.0/24 maxlen: 24
77.92.179.0/24 maxlen: 24
77.92.177.0/24 maxlen: 24
77.92.178.0/24 maxlen: 24
77.92.175.0/24 maxlen: 24
77.92.176.0/24 maxlen: 24
77.92.176.0/21 maxlen: 21
77.92.174.0/24 maxlen: 24
77.92.186.0/24 maxlen: 24
77.92.184.0/21 maxlen: 21
77.92.184.0/24 maxlen: 24
77.92.185.0/24 maxlen: 24
77.92.182.0/24 maxlen: 24
77.92.183.0/24 maxlen: 24
77.92.181.0/24 maxlen: 24
77.92.180.0/24 maxlen: 24
77.92.191.0/24 maxlen: 24
77.92.189.0/24 maxlen: 24
77.92.190.0/24 maxlen: 24
77.92.188.0/24 maxlen: 24
77.92.187.0/24 maxlen: 24
81.22.16.0/20 maxlen: 20
81.22.16.0/24 maxlen: 24
81.22.17.0/24 maxlen: 24
81.22.23.0/24 maxlen: 24
81.22.24.0/24 maxlen: 24
81.22.21.0/24 maxlen: 24
81.22.22.0/24 maxlen: 24
81.22.20.0/24 maxlen: 24
81.22.18.0/24 maxlen: 24
81.22.19.0/24 maxlen: 24
78.110.64.0/24 maxlen: 24
78.110.64.0/20 maxlen: 20
78.110.64.0/21 maxlen: 21
78.110.70.0/24 maxlen: 24
78.110.71.0/24 maxlen: 24
78.110.68.0/24 maxlen: 24
78.110.69.0/24 maxlen: 24
78.110.67.0/24 maxlen: 24
78.110.65.0/24 maxlen: 24
78.110.66.0/24 maxlen: 24
78.110.75.0/24 maxlen: 24
78.110.77.0/24 maxlen: 24
77.83.91.0/24 maxlen: 24
78.110.78.0/24 maxlen: 24
77.83.89.0/24 maxlen: 24
78.110.76.0/24 maxlen: 24
77.83.90.0/24 maxlen: 24
78.110.74.0/24 maxlen: 24
77.83.88.0/24 maxlen: 24
77.83.88.0/22 maxlen: 22
78.110.72.0/21 maxlen: 21
78.110.72.0/24 maxlen: 24
78.110.73.0/24 maxlen: 24
87.236.50.0/24 maxlen: 24
87.236.48.0/21 maxlen: 21
87.236.51.0/24 maxlen: 24
87.236.48.0/24 maxlen: 24
87.236.49.0/24 maxlen: 24
185.33.178.0/24 maxlen: 24
185.33.179.0/24 maxlen: 24
185.33.177.0/24 maxlen: 24
185.33.176.0/24 maxlen: 24
87.236.54.0/24 maxlen: 24
87.236.52.0/24 maxlen: 24
87.236.53.0/24 maxlen: 24
87.236.55.0/24 maxlen: 24
2a04:8ac0::/29 maxlen: 29
2a00:6600::/29 maxlen: 29
2a00:6600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:86:0d:ce:ac:0b:d9:d1:cb:6a:ae:91:d6:29:bd:42:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Validity
Not Before: Jun 4 10:57:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9638af6d1e41437c1e88404b03fca64d33d7a855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:89:0c:c2:03:34:93:e7:de:71:16:b9:71:b6:
08:0a:f1:6b:76:bb:7a:e5:0c:70:b4:8f:2b:22:f5:
fb:56:9d:bf:f7:72:d4:d9:28:ef:6c:b0:7c:e2:30:
10:69:40:22:f2:c0:a4:cc:9f:40:74:99:b0:41:ec:
46:a5:a9:6e:9c:8b:49:ab:cf:34:63:be:31:cb:4a:
e1:91:98:e1:92:e6:d5:d4:b6:e5:19:93:8c:1d:9c:
10:4b:3e:76:9a:93:b6:99:b2:22:06:60:ca:92:48:
aa:10:18:07:8c:d2:c4:2f:dc:80:70:7e:c4:6d:ef:
1c:f9:c9:24:9a:a3:3b:7b:48:4a:ae:03:6d:a2:1d:
d9:8a:c1:21:29:65:02:09:3f:ad:02:43:8e:10:56:
27:99:53:04:d0:a7:3e:a5:c5:3e:30:c9:53:89:89:
03:36:33:10:cd:c5:97:76:e2:73:1f:ab:57:92:26:
87:b1:d7:1f:61:b9:b7:af:80:de:72:06:94:c9:5f:
87:01:54:3c:79:c2:0d:07:0d:74:b2:3a:e0:86:c6:
66:84:14:97:fd:37:28:b0:c3:53:bf:9e:de:cd:97:
d0:50:35:a7:8b:6d:2e:47:67:4c:61:c9:06:4f:09:
f3:ba:58:48:cb:42:3c:b6:d7:b7:6a:71:f9:7e:2c:
dc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:38:AF:6D:1E:41:43:7C:1E:88:40:4B:03:FC:A6:4D:33:D7:A8:55
X509v3 Authority Key Identifier:
keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ljivbR5BQ3weiEBLA_ymTTPXqFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.88.0/22
77.92.160.0/19
78.110.64.0/20
81.22.16.0/20
87.236.48.0/21
185.33.176.0/22
IPv6:
2a00:6600::/29
2a04:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:27:06:2b:ac:69:76:bb:2f:07:5d:0a:a2:b8:9b:f3:8b:f2:
64:18:bb:60:f8:f1:a9:dd:a5:8d:9a:e0:80:0f:82:b3:a7:bf:
9b:37:d7:02:11:89:d0:3d:2d:ad:d1:8f:e4:fe:58:30:26:d3:
92:bd:7b:dc:5d:2e:b1:40:3f:69:dc:52:6d:9b:33:4e:8d:c5:
43:d0:fe:5a:a3:54:c1:94:42:da:4f:dd:62:41:26:1a:ba:28:
e4:36:27:43:8b:2f:ca:b0:62:e9:fb:1d:4a:cd:40:36:85:d0:
96:bf:b0:54:6a:44:68:d4:59:e4:71:cf:12:d7:05:32:2b:21:
0c:8e:72:b6:ea:c1:d7:d5:50:86:a7:03:82:21:70:e2:61:d3:
9c:02:f0:9e:d7:ec:c4:0c:f2:20:37:df:21:f1:30:65:e7:34:
c2:08:77:d0:29:75:e6:59:34:0b:73:3d:c1:5b:65:7d:24:09:
52:c8:86:7c:5f:de:dc:db:6f:d5:06:97:0f:55:57:87:ee:7e:
dd:6a:63:e9:2c:79:c6:ae:01:92:d0:96:f3:4b:14:6b:27:7f:
a5:81:47:38:bb:4c:e4:85:87:88:b7:d8:70:24:57:a0:31:9b:
cc:a5:a7:6f:c5:d7:b0:b9:27:a8:44:3d:86:48:20:15:0a:f7:
f1:b8:c9:e5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYiGDc6sC9nRy2qukdYpvUI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwNjA0MTA1NzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM4YWY2ZDFlNDE0MzdjMWU4ODQwNGIwM2ZjYTY0ZDMzZDdhODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YkMwgM0k+fecRa5cbYICvFrdrt6
5QxwtI8rIvX7Vp2/93LU2SjvbLB84jAQaUAi8sCkzJ9AdJmwQexGpalunItJq880
Y74xy0rhkZjhkubV1LblGZOMHZwQSz52mpO2mbIiBmDKkkiqEBgHjNLEL9yAcH7E
be8c+ckkmqM7e0hKrgNtoh3ZisEhKWUCCT+tAkOOEFYnmVME0Kc+pcU+MMlTiYkD
NjMQzcWXduJzH6tXkiaHsdcfYbm3r4DecgaUyV+HAVQ8ecINBw10sjrghsZmhBSX
/TcosMNTv57ezZfQUDWni20uR2dMYckGTwnzulhIy0I8tte3anH5fizcaQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJY4r20eQUN8HohASwP8pk0z16hVMB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvbGppdmJSNUJRM3dlaUVCTEFfeW1UVFBYcUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMBQEAgACMA4DBQMqAGYAAwUDKgSK
wDANBgkqhkiG9w0BAQsFAAOCAQEAqycGK6xpdrsvB10Korib84vyZBi7YPjxqd2l
jZrggA+Cs6e/mzfXAhGJ0D0trdGP5P5YMCbTkr173F0usUA/adxSbZszTo3FQ9D+
WqNUwZRC2k/dYkEmGroo5DYnQ4svyrBi6fsdSs1ANoXQlr+wVGpEaNRZ5HHPEtcF
MishDI5yturB19VQhqcDgiFw4mHTnALwntfsxAzyIDffIfEwZec0wgh30Cl15lk0
C3M9wVtlfSQJUsiGfF/e3Ntv1QaXD1VXh+5+3Wpj6Sx5xq4BktCW80sUayd/pYFH
OLtM5IWHiLfYcCRXoDGbzKWnb8XXsLknqEQ9hkggFQr38bjJ5Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:08 2025 by rpki-client