Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/on1wpY3m4Z70rm3c1j8nlfX9hvM.roa
File: on1wpY3m4Z70rm3c1j8nlfX9hvM.roa (raw, json)
Hash identifier: LyFTw1iUTlM8r8lQI05JqO8oEYSaL1gwC9Zia0fBmfE=
Subject key identifier: A2:7D:70:A5:8D:E6:E1:9E:F4:AE:6D:DC:D6:3F:27:95:F5:FD:86:F3
Certificate issuer: /CN=f54bfb01b03caa6fce887b4384253db20e59fa71
Certificate serial: 018B61597B14736AA221301D566495E10F50
Authority key identifier: F5:4B:FB:01:B0:3C:AA:6F:CE:88:7B:43:84:25:3D:B2:0E:59:FA:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/on1wpY3m4Z70rm3c1j8nlfX9hvM.roa
Signing time: Tue 24 Oct 2023 11:02:16 +0000
ROA not before: Tue 24 Oct 2023 11:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60772
IP address blocks: 77.94.64.0/24 maxlen: 24
77.94.66.0/24 maxlen: 24
77.94.67.0/24 maxlen: 24
77.94.65.0/24 maxlen: 24
185.26.141.0/24 maxlen: 24
185.26.142.0/24 maxlen: 24
185.26.140.0/24 maxlen: 24
185.26.140.0/22 maxlen: 22
185.26.143.0/24 maxlen: 24
2a00:83a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:59:7b:14:73:6a:a2:21:30:1d:56:64:95:e1:0f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f54bfb01b03caa6fce887b4384253db20e59fa71
Validity
Not Before: Oct 24 11:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27d70a58de6e19ef4ae6ddcd63f2795f5fd86f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f8:73:34:d1:79:39:b5:20:9b:98:1a:6f:6c:
67:2f:07:33:10:1e:02:7b:7b:56:a6:50:2b:db:26:
68:0a:df:fd:c8:7d:4c:f5:8f:97:49:d4:49:b2:ed:
14:d3:97:70:ca:e1:99:d9:12:25:f7:d3:52:a9:c0:
cd:a9:38:9b:8e:0b:e4:b7:d5:4f:ef:8a:fc:ac:ee:
1a:11:1a:91:d0:16:c0:b0:23:5a:5c:64:34:cd:d7:
02:51:0f:76:ac:3f:9b:32:a6:11:a5:df:c9:ce:f7:
21:8c:c8:39:8b:4c:59:a8:f4:a6:54:20:ba:e4:6f:
74:90:c6:ae:b4:aa:39:51:bb:b2:5b:df:c4:8b:36:
c1:3a:0d:29:38:d0:68:53:da:4c:6d:2c:f5:30:bb:
8c:0e:ff:a2:e5:3c:b6:92:e6:d6:69:e8:bf:7c:65:
78:c4:f1:2a:0d:22:d9:c9:ed:ea:7f:0f:46:7f:1c:
e8:ed:9f:59:e3:b1:29:2c:b9:4a:91:40:2b:a2:b3:
bb:e0:84:6a:da:0d:af:f0:cb:50:01:ea:1e:a6:26:
ab:f2:77:0e:cf:9d:63:92:e2:c4:52:8d:48:d2:2d:
f2:ed:0d:69:86:1a:b4:df:d9:e7:5e:17:8c:f8:b3:
7a:db:58:20:9e:7c:21:3a:d1:8c:2c:ae:2f:41:08:
3d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7D:70:A5:8D:E6:E1:9E:F4:AE:6D:DC:D6:3F:27:95:F5:FD:86:F3
X509v3 Authority Key Identifier:
keyid:F5:4B:FB:01:B0:3C:AA:6F:CE:88:7B:43:84:25:3D:B2:0E:59:FA:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/on1wpY3m4Z70rm3c1j8nlfX9hvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.64.0/22
185.26.140.0/22
IPv6:
2a00:83a0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:ba:6a:c2:fc:b8:67:18:37:13:dd:15:51:80:db:2b:7d:db:
e5:48:53:5c:00:62:74:af:e2:44:e2:e9:00:58:9d:0c:e0:e5:
11:8a:bb:bc:a8:08:52:d1:28:22:08:7d:9b:d9:3c:d3:cc:97:
80:ff:4c:b4:d6:69:e0:91:e2:5a:33:ae:ba:13:ef:9d:a2:4f:
4e:2f:89:41:16:3f:b3:50:3d:96:ea:c6:71:2d:9a:2f:8b:2f:
fd:34:5a:e3:2a:cc:0b:0b:3b:af:12:0a:be:70:51:e3:dc:4f:
36:9c:f8:9d:f1:97:7f:d6:07:48:74:b3:f0:9a:a2:e4:9b:e1:
49:52:e4:8d:40:78:be:07:b1:cf:f2:39:27:46:a0:cc:b7:92:
31:98:ad:30:c4:49:e6:0f:7c:05:6d:99:96:b4:69:a7:5b:0b:
f1:11:79:7c:07:cf:cf:e7:d1:1b:2b:8c:66:49:e1:df:7b:45:
96:fa:df:4b:bc:ae:40:3f:57:fd:0c:ff:6f:62:63:00:bd:07:
5b:7e:2c:ff:60:6a:41:5f:9a:15:cc:b8:d2:20:f7:9e:6b:28:
0b:09:b3:2e:b6:e5:22:c9:b1:b4:d9:34:3d:93:13:fd:52:d9:
36:3e:52:5c:f2:66:59:8a:e2:f2:6c:ce:3c:03:60:f2:4c:bf:
bf:35:40:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYthWXsUc2qiITAdVmSV4Q9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NGJmYjAxYjAzY2FhNmZjZTg4N2I0Mzg0MjUzZGIyMGU1
OWZhNzEwHhcNMjMxMDI0MTEwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdkNzBhNThkZTZlMTllZjRhZTZkZGNkNjNmMjc5NWY1ZmQ4NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPhzNNF5ObUgm5gab2xnLwczEB4C
e3tWplAr2yZoCt/9yH1M9Y+XSdRJsu0U05dwyuGZ2RIl99NSqcDNqTibjgvkt9VP
74r8rO4aERqR0BbAsCNaXGQ0zdcCUQ92rD+bMqYRpd/JzvchjMg5i0xZqPSmVCC6
5G90kMautKo5UbuyW9/EizbBOg0pONBoU9pMbSz1MLuMDv+i5Ty2kubWaei/fGV4
xPEqDSLZye3qfw9Gfxzo7Z9Z47EpLLlKkUArorO74IRq2g2v8MtQAeoepiar8ncO
z51jkuLEUo1I0i3y7Q1phhq039nnXheM+LN621ggnnwhOtGMLK4vQQg95QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKJ9cKWN5uGe9K5t3NY/J5X1/YbzMB8GA1UdIwQY
MBaAFPVL+wGwPKpvzoh7Q4QlPbIOWfpxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVV2N0FiQThxbV9PaUh0RGhDVTlzZzVaLW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lNWU2ODktYzU4YS00ZTg2LWJmOGIt
YWMwNTk4ZWMzNDJmLzEvb24xd3BZM200Wjcwcm0zYzFqOG5sZlg5aHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lNWU2ODktYzU4YS00ZTg2LWJmOGItYWMwNTk4ZWMzNDJm
LzEvOVV2N0FiQThxbV9PaUh0RGhDVTlzZzVaLW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTV5AAwQC
uRqMMA0EAgACMAcDBQAqAIOgMA0GCSqGSIb3DQEBCwUAA4IBAQA6umrC/LhnGDcT
3RVRgNsrfdvlSFNcAGJ0r+JE4ukAWJ0M4OURiru8qAhS0SgiCH2b2TzTzJeA/0y0
1mngkeJaM666E++dok9OL4lBFj+zUD2W6sZxLZoviy/9NFrjKswLCzuvEgq+cFHj
3E82nPid8Zd/1gdIdLPwmqLkm+FJUuSNQHi+B7HP8jknRqDMt5IxmK0wxEnmD3wF
bZmWtGmnWwvxEXl8B8/P59EbK4xmSeHfe0WW+t9LvK5AP1f9DP9vYmMAvQdbfiz/
YGpBX5oVzLjSIPeeaygLCbMutuUiybG02TQ9kxP9Utk2PlJc8mZZiuLybM48A2Dy
TL+/NUBn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:46 2025 by rpki-client