Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/8kpxv35LHf_ImKeKntVpxJcQUok.roa
File: 8kpxv35LHf_ImKeKntVpxJcQUok.roa (raw, json)
Hash identifier: ik7zYlCYH4B0uecNaUGCatfPLVLStnd+zAxtQogpDlI=
Subject key identifier: F2:4A:71:BF:7E:4B:1D:FF:C8:98:A7:8A:9E:D5:69:C4:97:10:52:89
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 01856F0B74AB4DE7A4FB81651C3347982EC7
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/8kpxv35LHf_ImKeKntVpxJcQUok.roa
Signing time: Sun 01 Jan 2023 20:34:59 +0000
ROA not before: Sun 01 Jan 2023 20:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201029
IP address blocks: 185.77.76.0/24 maxlen: 24
185.77.77.0/24 maxlen: 24
2a00:8dc0:ff00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:74:ab:4d:e7:a4:fb:81:65:1c:33:47:98:2e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Jan 1 20:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f24a71bf7e4b1dffc898a78a9ed569c497105289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:70:6c:41:ed:8b:60:d2:b9:e2:50:a0:e2:
8b:88:41:29:92:16:18:03:d9:c8:97:ec:4d:dc:5b:
67:35:1e:5a:94:e4:b3:b1:b4:3b:30:61:2b:57:52:
6c:9f:1d:e1:fe:84:aa:77:36:53:82:ea:76:05:4b:
ed:d0:5b:12:5d:24:f1:92:0d:68:79:9a:1d:d8:f6:
58:e6:dc:51:d3:c9:4e:4e:83:66:2b:e5:3b:a8:00:
7a:4a:8b:5b:81:ed:d5:da:bf:b2:87:10:5a:a6:e2:
10:a1:9f:1e:09:a4:63:1b:86:60:ab:11:c1:bd:8e:
f2:5f:55:bc:e0:5c:da:b0:06:4d:74:6a:27:03:c4:
41:50:ad:f5:29:7d:4c:7a:26:ed:0e:a2:74:43:5c:
39:ae:4c:70:4d:ad:3f:ed:8d:de:11:db:9b:3c:3f:
31:9d:61:87:6a:f7:02:e0:d4:f0:4d:52:dc:f4:9f:
74:51:b1:13:d5:56:52:fa:50:9b:c9:42:4e:38:39:
cd:fa:e5:c8:8e:b6:8a:e2:52:f1:8c:8b:12:97:7d:
7d:e7:e6:95:fb:5f:17:ca:3b:b0:c6:59:49:32:33:
85:f2:8c:27:b1:e8:71:c2:12:c1:69:ef:99:28:94:
7a:ee:8a:7a:32:dc:69:ea:3b:0f:24:2c:2c:87:3e:
ec:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4A:71:BF:7E:4B:1D:FF:C8:98:A7:8A:9E:D5:69:C4:97:10:52:89
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/8kpxv35LHf_ImKeKntVpxJcQUok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.76.0/23
IPv6:
2a00:8dc0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
7f:80:f0:97:6e:cf:13:c8:1e:03:9e:da:65:dd:98:5a:e9:95:
94:1f:48:f4:40:60:3b:b5:5a:55:76:44:94:b7:cc:85:9b:2d:
79:a3:ba:48:e4:fa:2a:ae:84:50:07:86:85:ea:47:6e:cc:c4:
9c:d7:31:69:bd:83:fe:39:72:da:7f:c2:d0:52:cb:f9:33:63:
02:8b:85:96:85:fa:87:ed:db:59:56:cf:6a:71:32:f1:c4:47:
dc:6e:f1:e5:61:71:28:0a:d4:b5:17:fc:8b:dc:ce:72:f0:53:
2b:a1:60:48:f4:d9:e9:df:63:01:8d:38:01:42:fc:b4:63:2b:
c9:f2:68:0e:09:59:d2:f2:3d:26:38:74:29:79:11:93:d1:b5:
6a:fa:e2:9f:a8:b8:95:75:92:e5:70:2d:3b:fd:b1:31:40:a4:
1c:95:66:e5:83:dd:67:55:07:ec:72:2b:56:67:04:84:c8:e3:
28:34:74:e7:8f:ae:fe:7d:60:a3:8c:d7:d0:e3:14:58:7a:e7:
c6:42:9a:91:fe:b4:16:02:dd:ae:39:58:77:38:94:24:43:17:
70:a5:e3:ca:87:3a:5a:b8:15:2b:3b:a0:c6:0f:14:2c:4b:d4:
66:38:8d:a3:c3:38:d6:47:5c:76:4f:f7:c2:e1:fb:a8:68:5a:
9c:24:73:fb
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvC3SrTeek+4FlHDNHmC7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjMwMTAxMjAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRhNzFiZjdlNGIxZGZmYzg5OGE3OGE5ZWQ1NjljNDk3MTA1Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTJwbEHti2DSueJQoOKLiEEpkhYY
A9nIl+xN3FtnNR5alOSzsbQ7MGErV1Jsnx3h/oSqdzZTgup2BUvt0FsSXSTxkg1o
eZod2PZY5txR08lOToNmK+U7qAB6Sotbge3V2r+yhxBapuIQoZ8eCaRjG4ZgqxHB
vY7yX1W84FzasAZNdGonA8RBUK31KX1MeibtDqJ0Q1w5rkxwTa0/7Y3eEdubPD8x
nWGHavcC4NTwTVLc9J90UbET1VZS+lCbyUJOODnN+uXIjraK4lLxjIsSl3195+aV
+18XyjuwxllJMjOF8ownsehxwhLBae+ZKJR67op6Mtxp6jsPJCwshz7s6QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPJKcb9+Sx3/yJinip7VacSXEFKJMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvOGtweHYzNUxIZl9JbUtlS250VnB4SmNRVW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuU1MMA4E
AgACMAgDBgAqAI3A/zANBgkqhkiG9w0BAQsFAAOCAQEAf4Dwl27PE8geA57aZd2Y
WumVlB9I9EBgO7VaVXZElLfMhZsteaO6SOT6Kq6EUAeGhepHbszEnNcxab2D/jly
2n/C0FLL+TNjAouFloX6h+3bWVbPanEy8cRH3G7x5WFxKArUtRf8i9zOcvBTK6Fg
SPTZ6d9jAY04AUL8tGMryfJoDglZ0vI9Jjh0KXkRk9G1avrin6i4lXWS5XAtO/2x
MUCkHJVm5YPdZ1UH7HIrVmcEhMjjKDR054+u/n1go4zX0OMUWHrnxkKakf60FgLd
rjlYdziUJEMXcKXjyoc6WrgVKzugxg8ULEvUZjiNo8M41kdcdk/3wuH7qGhanCRz
+w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:29 2025 by rpki-client