Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/849dfd-939d-4c5d-8eb6-f059670daf3d/1/KF_Yr4Hbdwhep4xPitlkTx9ArCM.roa
File: KF_Yr4Hbdwhep4xPitlkTx9ArCM.roa (raw, json)
Hash identifier: Ak2AxbzRYHOGd1CKZeTVYEHjx83trqsFGzdeKJxjJks=
Subject key identifier: 28:5F:D8:AF:81:DB:77:08:5E:A7:8C:4F:8A:D9:64:4F:1F:40:AC:23
Certificate issuer: /CN=f1333a6754c008edbbac5f32ebd019ea6473aea8
Certificate serial: 3203AA
Authority key identifier: F1:33:3A:67:54:C0:08:ED:BB:AC:5F:32:EB:D0:19:EA:64:73:AE:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TM6Z1TACO27rF8y69AZ6mRzrqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/849dfd-939d-4c5d-8eb6-f059670daf3d/1/KF_Yr4Hbdwhep4xPitlkTx9ArCM.roa
Signing time: Sat 01 Jan 2022 00:54:20 +0000
ROA not before: Sat 01 Jan 2022 00:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42386
IP address blocks: 77.241.124.0/22 maxlen: 22
77.241.120.0/22 maxlen: 22
77.241.112.0/22 maxlen: 22
77.241.112.0/20 maxlen: 20
77.241.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3277738 (0x3203aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1333a6754c008edbbac5f32ebd019ea6473aea8
Validity
Not Before: Jan 1 00:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=285fd8af81db77085ea78c4f8ad9644f1f40ac23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ab:55:aa:4d:f9:b3:e8:3e:9c:e2:5d:f8:d8:
67:75:a8:81:6b:6c:cb:4e:91:95:b1:d3:58:ec:15:
2c:fb:7a:a7:ad:93:71:3b:11:b6:c4:a0:3e:30:c9:
43:56:97:9b:d5:13:1d:77:53:5d:1a:58:83:99:fb:
16:d1:d8:7c:df:1d:c3:14:09:50:43:aa:b9:d5:e9:
f4:86:bf:5c:c7:6d:e3:8f:d1:3e:eb:15:ac:4c:85:
d2:2a:b8:c2:38:64:82:9a:ca:60:2c:de:e5:91:8d:
5a:80:c9:a0:a4:ec:a0:ca:b1:a4:0e:01:41:47:66:
3b:34:4c:4f:c1:05:59:ba:d8:ae:a7:51:39:9a:51:
e5:33:43:dd:7a:56:c7:6e:d7:4a:71:e4:80:d2:1e:
69:81:b0:8d:4f:67:b4:8d:af:bc:df:6f:89:de:ae:
b1:19:f7:1c:3b:82:92:88:db:33:01:02:bc:41:3e:
2a:78:60:9b:b6:b2:2e:26:fd:1e:47:8d:8b:fd:c9:
b9:65:9c:73:cf:92:3f:1e:79:36:13:9c:28:97:91:
eb:5f:ff:96:71:99:87:eb:fd:da:85:f3:16:01:e2:
36:aa:8b:e7:d3:cd:01:3b:84:62:29:68:5d:4f:b9:
fb:a8:96:ec:be:a3:47:fa:95:4e:f2:46:12:3b:12:
99:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5F:D8:AF:81:DB:77:08:5E:A7:8C:4F:8A:D9:64:4F:1F:40:AC:23
X509v3 Authority Key Identifier:
keyid:F1:33:3A:67:54:C0:08:ED:BB:AC:5F:32:EB:D0:19:EA:64:73:AE:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TM6Z1TACO27rF8y69AZ6mRzrqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/849dfd-939d-4c5d-8eb6-f059670daf3d/1/KF_Yr4Hbdwhep4xPitlkTx9ArCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/849dfd-939d-4c5d-8eb6-f059670daf3d/1/8TM6Z1TACO27rF8y69AZ6mRzrqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.112.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:92:5f:fb:61:41:c6:33:4e:d7:fb:c3:ce:bb:21:50:e2:25:
d5:b4:ce:42:d4:62:b8:51:0b:8a:04:63:f9:ad:a2:bc:86:14:
e9:ac:c3:7f:2a:5a:13:c0:55:bd:3e:b5:27:e0:9c:29:2f:85:
7c:23:29:b7:85:66:73:8b:d5:29:c8:1b:e1:a1:c4:99:d9:57:
a0:a3:05:c3:e8:b3:b8:02:cb:30:42:43:ea:f4:cb:d7:8e:01:
3c:f3:31:8b:ff:14:f5:5e:15:3e:ee:ee:a4:33:3f:10:15:a6:
bc:bf:57:e8:e9:1d:5f:e6:3a:4f:90:79:f0:2a:8a:51:c0:7d:
09:62:eb:90:df:0b:03:9a:70:fd:8d:66:98:eb:43:24:df:65:
75:12:4e:17:56:a2:9e:dc:e9:38:ce:bd:d9:c7:ac:19:d3:81:
d7:e9:d2:e9:a7:06:c5:dd:bb:bf:3e:ed:c9:5e:e6:85:4b:c5:
2c:ba:85:b7:5d:14:cd:da:23:d6:57:d7:f2:86:c1:28:71:0d:
fb:fa:04:bb:6c:a9:c7:57:71:d1:4f:56:df:e6:39:b0:1b:8d:
e2:2b:22:ce:6f:f6:ba:8a:3f:ca:04:63:9d:96:ae:1a:04:4d:
fa:4e:48:11:49:58:0a:34:40:dc:e9:f2:5c:ee:7f:79:63:7e:
f7:8f:c4:f3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDMgOqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYx
MzMzYTY3NTRjMDA4ZWRiYmFjNWYzMmViZDAxOWVhNjQ3M2FlYTgwHhcNMjIwMTAx
MDA1NDIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODVmZDhhZjgxZGI3
NzA4NWVhNzhjNGY4YWQ5NjQ0ZjFmNDBhYzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtatVqk35s+g+nOJd+NhndaiBa2zLTpGVsdNY7BUs+3qnrZNx
OxG2xKA+MMlDVpeb1RMdd1NdGliDmfsW0dh83x3DFAlQQ6q51en0hr9cx23jj9E+
6xWsTIXSKrjCOGSCmspgLN7lkY1agMmgpOygyrGkDgFBR2Y7NExPwQVZutiup1E5
mlHlM0PdelbHbtdKceSA0h5pgbCNT2e0ja+832+J3q6xGfccO4KSiNszAQK8QT4q
eGCbtrIuJv0eR42L/cm5ZZxzz5I/Hnk2E5wol5HrX/+WcZmH6/3ahfMWAeI2qovn
080BO4RiKWhdT7n7qJbsvqNH+pVO8kYSOxKZHQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFChf2K+B23cIXqeMT4rZZE8fQKwjMB8GA1UdIwQYMBaAFPEzOmdUwAjtu6xf
MuvQGepkc66oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OFRNNloxVEFDTzI3ckY4eTY5QVo2bVJ6cnFnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83NS84NDlkZmQtOTM5ZC00YzVkLThlYjYtZjA1OTY3MGRhZjNkLzEv
S0ZfWXI0SGJkd2hlcDR4UGl0bGtUeDlBckNNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84
NDlkZmQtOTM5ZC00YzVkLThlYjYtZjA1OTY3MGRhZjNkLzEvOFRNNloxVEFDTzI3
ckY4eTY5QVo2bVJ6cnFnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETfFwMA0GCSqGSIb3DQEBCwUAA4IB
AQAOkl/7YUHGM07X+8POuyFQ4iXVtM5C1GK4UQuKBGP5raK8hhTprMN/KloTwFW9
PrUn4JwpL4V8Iym3hWZzi9UpyBvhocSZ2VegowXD6LO4AsswQkPq9MvXjgE88zGL
/xT1XhU+7u6kMz8QFaa8v1fo6R1f5jpPkHnwKopRwH0JYuuQ3wsDmnD9jWaY60Mk
32V1Ek4XVqKe3Ok4zr3Zx6wZ04HX6dLppwbF3bu/Pu3JXuaFS8UsuoW3XRTN2iPW
V9fyhsEocQ37+gS7bKnHV3HRT1bf5jmwG43iKyLOb/a6ij/KBGOdlq4aBE36TkgR
SVgKNEDc6fJc7n95Y373j8Tz
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:33:34 2025 by rpki-client