Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1GNmxmFKu9SoeUXbrFvN4IT_brc.roa
File: 1GNmxmFKu9SoeUXbrFvN4IT_brc.roa (raw, json)
Hash identifier: tWazaSCI+N9/abcvpOGdLyEN4jx1GwEFb/rXzBbFb6c=
Subject key identifier: D4:63:66:C6:61:4A:BB:D4:A8:79:45:DB:AC:5B:CD:E0:84:FF:6E:B7
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0187E25C76ACC5F11D721DDE80AE3AB3830B
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1GNmxmFKu9SoeUXbrFvN4IT_brc.roa
Signing time: Wed 03 May 2023 16:05:23 +0000
ROA not before: Wed 03 May 2023 16:05:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21502
IP address blocks: 77.128.0.0/13 maxlen: 24
88.140.0.0/16 maxlen: 24
87.231.0.0/16 maxlen: 24
89.156.0.0/14 maxlen: 24
77.140.0.0/14 maxlen: 24
89.2.0.0/15 maxlen: 24
88.141.0.0/16 maxlen: 24
109.0.0.0/11 maxlen: 24
93.0.0.0/11 maxlen: 24
81.64.0.0/14 maxlen: 24
92.88.0.0/13 maxlen: 24
195.132.0.0/16 maxlen: 24
89.157.88.0/21 maxlen: 21
213.223.0.0/16 maxlen: 24
89.157.96.0/19 maxlen: 19
84.4.0.0/14 maxlen: 24
213.245.0.0/16 maxlen: 24
79.80.0.0/12 maxlen: 24
77.144.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.136.0.0/16 maxlen: 24
85.168.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:5c:76:ac:c5:f1:1d:72:1d:de:80:ae:3a:b3:83:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: May 3 16:05:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d46366c6614abbd4a87945dbac5bcde084ff6eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7b:35:87:ec:2f:a9:e9:f2:6e:98:63:6a:53:
18:94:b4:18:92:2c:e7:0d:57:26:40:60:34:39:c5:
23:c8:3e:df:cb:a5:27:55:89:de:52:81:e5:2d:d5:
9f:00:bc:5f:67:a4:99:d5:73:d8:17:a2:ee:54:fe:
36:13:ea:94:0d:3f:58:c9:41:6f:5c:65:be:9e:19:
d6:a7:69:7b:98:88:f7:d6:f6:a0:54:86:c9:09:62:
fe:bd:3e:55:47:86:75:99:69:24:98:56:f7:6d:10:
22:40:7e:7a:32:f4:e0:32:63:ea:55:71:1c:2b:2e:
73:94:93:82:61:2b:5e:02:fb:21:46:13:84:5f:32:
03:3d:40:81:83:e9:8f:08:57:24:e2:77:1d:3f:c2:
d7:3e:b7:0d:66:9a:dc:8d:eb:05:46:d9:7c:27:d9:
23:ba:a5:e5:12:40:02:a2:71:86:d0:a2:b9:fd:68:
46:b2:d1:94:b0:81:9f:a5:d1:19:f2:55:68:ba:f2:
5b:17:af:d3:02:0b:59:85:2c:ef:fc:04:d5:82:d5:
49:d7:b0:7c:a3:ee:7d:e8:6a:cc:0e:be:20:96:0a:
7e:48:c1:fc:1d:af:8f:66:79:13:90:a4:c0:a0:48:
47:12:4e:34:60:f2:b0:d7:68:bb:a2:19:a0:a3:63:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:63:66:C6:61:4A:BB:D4:A8:79:45:DB:AC:5B:CD:E0:84:FF:6E:B7
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1GNmxmFKu9SoeUXbrFvN4IT_brc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.128.0.0-77.136.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
79.80.0.0/12
81.64.0.0/14
84.4.0.0/14
85.168.0.0/14
87.231.0.0/16
88.140.0.0/15
89.2.0.0/15
89.156.0.0/14
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
195.132.0.0/16
213.223.0.0/16
213.245.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:d4:83:10:8c:7c:9b:3f:cf:cd:ec:03:ff:b2:b1:d5:c8:82:
f3:bd:36:fc:94:10:68:58:4b:f4:b9:1a:b1:8e:02:e2:f3:6e:
42:7e:b2:a7:17:1f:08:9c:e2:1c:53:96:a5:75:21:d2:a9:a7:
56:33:3d:b8:22:59:8d:57:2a:45:07:32:a2:0d:a9:82:60:06:
1a:b4:b2:b2:bc:be:fc:b2:cd:3f:c6:4e:05:de:04:e8:b7:4c:
41:54:76:0e:8c:5b:47:61:61:22:db:36:61:84:12:f1:60:e5:
b7:78:7d:31:95:87:3e:c5:6e:b6:f5:e0:07:d1:b7:f4:64:25:
9e:05:6b:bd:be:47:60:72:ee:d3:26:6f:05:6f:6a:1e:b3:65:
77:a1:72:bf:ca:bb:67:1d:a7:b2:be:cb:6c:bd:64:9c:02:60:
b4:dc:c0:d1:9b:64:bb:97:bd:c5:f6:56:3c:7a:f3:d7:5e:53:
10:96:9f:7b:9a:7d:51:13:d8:db:e4:e3:58:1e:cc:57:1c:cf:
cd:e8:1e:d8:75:02:c5:c9:b2:11:95:0d:3a:ea:43:12:e0:9e:
08:5f:6d:2b:f9:d9:14:e8:ff:3f:fc:b1:a9:38:29:d2:0d:e6:
3a:da:0e:81:4c:9e:e7:e7:aa:e5:ea:a2:6d:df:79:7c:18:15:
a9:77:14:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYfiXHasxfEdch3egK46s4MLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwNTAzMTYwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDYzNjZjNjYxNGFiYmQ0YTg3OTQ1ZGJhYzViY2RlMDg0ZmY2ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHs1h+wvqenybphjalMYlLQYkizn
DVcmQGA0OcUjyD7fy6UnVYneUoHlLdWfALxfZ6SZ1XPYF6LuVP42E+qUDT9YyUFv
XGW+nhnWp2l7mIj31vagVIbJCWL+vT5VR4Z1mWkkmFb3bRAiQH56MvTgMmPqVXEc
Ky5zlJOCYSteAvshRhOEXzIDPUCBg+mPCFck4ncdP8LXPrcNZprcjesFRtl8J9kj
uqXlEkAConGG0KK5/WhGstGUsIGfpdEZ8lVouvJbF6/TAgtZhSzv/ATVgtVJ17B8
o+596GrMDr4glgp+SMH8Ha+PZnkTkKTAoEhHEk40YPKw12i7ohmgo2MmQwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFNRjZsZhSrvUqHlF26xbzeCE/263MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvMUdObXhtRkt1OVNvZVVYYnJGdk40SVRfYnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAKAwMHTYAD
AwBNiDAKAwMCTYwDAwVNgAMDBE3AAwMETnADAwRPUAMDAlFAAwMCVAQDAwJVqAMD
AFfnAwMBWIwDAwFZAgMDAlmcAwMDXFgDAwVdAAMDBW0AAwMAw4QDAwDV3wMDANX1
MA0GCSqGSIb3DQEBCwUAA4IBAQB21IMQjHybP8/N7AP/srHVyILzvTb8lBBoWEv0
uRqxjgLi825CfrKnFx8InOIcU5aldSHSqadWMz24IlmNVypFBzKiDamCYAYatLKy
vL78ss0/xk4F3gTot0xBVHYOjFtHYWEi2zZhhBLxYOW3eH0xlYc+xW629eAH0bf0
ZCWeBWu9vkdgcu7TJm8Fb2oes2V3oXK/yrtnHaeyvstsvWScAmC03MDRm2S7l73F
9lY8evPXXlMQlp97mn1RE9jb5ONYHsxXHM/N6B7YdQLFybIRlQ066kMS4J4IX20r
+dkU6P8//LGpOCnSDeY62g6BTJ7n56rl6qJt33l8GBWpdxQ6
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:02 2025 by rpki-client