Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1-KU2WGTBFcxPJHTnuZIDbfld-LE.roa
File: 1-KU2WGTBFcxPJHTnuZIDbfld-LE.roa (raw, json)
Hash identifier: qDjfBFV3hL/fq91fIEc+xzniAUqWL5n8X7lPu0roAfE=
Subject key identifier: F8:A5:36:58:64:C1:15:CC:4F:24:74:E7:B9:92:03:6D:F9:5D:F8:B1
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0182EFB43C3BBAFF3DE6B515F129A1770FCF
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1-KU2WGTBFcxPJHTnuZIDbfld-LE.roa
Signing time: Tue 30 Aug 2022 17:02:22 +0000
ROA not before: Tue 30 Aug 2022 17:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212910
IP address blocks: 77.221.58.0/23 maxlen: 23
77.221.63.0/24 maxlen: 24
77.221.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:b4:3c:3b:ba:ff:3d:e6:b5:15:f1:29:a1:77:0f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Aug 30 17:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8a5365864c115cc4f2474e7b992036df95df8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:30:72:cb:0a:82:4c:09:bd:68:78:f0:c1:9a:
42:cd:66:30:36:7c:1f:5b:b5:66:ef:c5:83:9b:43:
fa:e1:1d:43:f3:a9:fd:b0:12:22:34:a5:51:d5:5b:
b8:84:b0:8c:d4:1e:73:11:e3:7e:55:49:fb:80:37:
f0:5f:63:f4:d7:0d:11:27:30:16:78:7e:d3:ab:14:
b6:72:70:9b:54:05:37:23:b4:db:79:37:4c:24:51:
8c:02:78:62:08:af:99:d1:15:7c:6c:f0:6b:95:04:
12:b1:59:f9:9c:2f:b1:01:d4:f2:55:50:f8:db:5f:
4f:f2:7c:59:78:d8:91:42:e0:4a:b2:3b:2b:a6:1e:
2d:75:bf:db:3e:25:02:35:03:16:75:58:9a:bc:e4:
d0:bb:74:66:df:38:34:60:ed:d8:ca:80:bc:75:d1:
b6:6e:73:be:88:65:0e:10:96:9f:31:bc:ef:3f:6e:
a3:ae:ff:74:5d:83:29:21:fc:59:8d:bc:a4:37:a7:
50:6f:61:25:2c:95:ac:40:92:1f:f4:3f:2f:86:ae:
b9:2c:74:44:25:be:81:f1:81:23:0a:82:51:2d:1d:
8d:0e:8b:5d:1c:c5:9b:c9:57:47:4e:f3:2d:04:23:
08:04:3c:cd:7c:f5:7e:fb:d3:e4:1c:cc:73:ac:e5:
53:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A5:36:58:64:C1:15:CC:4F:24:74:E7:B9:92:03:6D:F9:5D:F8:B1
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1-KU2WGTBFcxPJHTnuZIDbfld-LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.58.0-77.221.61.255
77.221.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:b4:80:4f:b6:94:f9:c3:a9:6c:9b:90:38:ea:ea:35:7a:02:
f7:15:16:3d:1d:f4:de:2f:96:e0:7d:eb:77:bd:f1:11:e4:fa:
98:b2:73:44:51:a1:5e:dd:83:d3:6e:98:75:dd:ba:63:c4:33:
f9:1d:a0:60:44:bb:53:da:07:22:6e:39:b0:64:1e:15:02:cd:
d9:5e:cf:24:24:7b:cd:14:6c:34:17:ac:97:cb:74:fa:65:b2:
b3:0e:08:3b:06:0c:bf:b1:7a:e9:d2:1f:e8:92:22:11:ab:95:
59:a0:0e:89:35:7b:44:64:8c:6e:c9:2d:79:86:49:51:e0:41:
4a:1a:ab:f1:47:e6:d3:48:91:d3:53:43:d3:6c:aa:15:2c:ec:
56:4d:a0:eb:a4:38:b5:84:93:2c:39:32:d5:c4:dd:18:9c:48:
df:5f:4e:24:e6:ab:6b:64:b1:97:43:f3:21:b1:03:9c:4e:18:
90:c4:94:fc:c3:28:28:40:0d:82:57:b0:03:b1:29:3f:62:04:
3e:76:0f:9f:c6:8e:aa:68:5f:dd:44:da:77:50:75:22:47:ac:
1c:4b:a7:3c:e5:38:6c:48:20:e9:33:4e:72:cc:bb:7a:72:81:
b4:f2:ed:fa:13:08:23:78:58:b5:13:c8:8f:78:6b:0e:57:fc:
96:ac:d0:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLvtDw7uv895rUV8Smhdw/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjIwODMwMTcwMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE1MzY1ODY0YzExNWNjNGYyNDc0ZTdiOTkyMDM2ZGY5NWRmOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTByywqCTAm9aHjwwZpCzWYwNnwf
W7Vm78WDm0P64R1D86n9sBIiNKVR1Vu4hLCM1B5zEeN+VUn7gDfwX2P01w0RJzAW
eH7TqxS2cnCbVAU3I7TbeTdMJFGMAnhiCK+Z0RV8bPBrlQQSsVn5nC+xAdTyVVD4
219P8nxZeNiRQuBKsjsrph4tdb/bPiUCNQMWdViavOTQu3Rm3zg0YO3YyoC8ddG2
bnO+iGUOEJafMbzvP26jrv90XYMpIfxZjbykN6dQb2ElLJWsQJIf9D8vhq65LHRE
Jb6B8YEjCoJRLR2NDotdHMWbyVdHTvMtBCMIBDzNfPV++9PkHMxzrOVTFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPilNlhkwRXMTyR057mSA235XfixMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvMS1LVTJXR1RCRmN4UEpIVG51WklEYmZsZC1MRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWEvMzgxMzZjLWRiNTEtNGY3MC1hZDhiLTY1NDUwNWEyZDA0
NS8xLzF3TmtJSGJTZmlVdnFRdnhwQ2x2aTgyZERQRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQBTd06
AwQBTd08AwQATd0/MA0GCSqGSIb3DQEBCwUAA4IBAQC2tIBPtpT5w6lsm5A46uo1
egL3FRY9HfTeL5bgfet3vfER5PqYsnNEUaFe3YPTbph13bpjxDP5HaBgRLtT2gci
bjmwZB4VAs3ZXs8kJHvNFGw0F6yXy3T6ZbKzDgg7Bgy/sXrp0h/okiIRq5VZoA6J
NXtEZIxuyS15hklR4EFKGqvxR+bTSJHTU0PTbKoVLOxWTaDrpDi1hJMsOTLVxN0Y
nEjfX04k5qtrZLGXQ/MhsQOcThiQxJT8wygoQA2CV7ADsSk/YgQ+dg+fxo6qaF/d
RNp3UHUiR6wcS6c85ThsSCDpM05yzLt6coG08u36EwgjeFi1E8iPeGsOV/yWrNA0
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:18 2025 by rpki-client