Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/b2rVj_WODG16WcG8fRabI-UHFZw.roa
File: b2rVj_WODG16WcG8fRabI-UHFZw.roa (raw, json)
Hash identifier: /XvEQ91cfU8650LBvlfIF+OqiBO12XyBSZxdXHexL7Q=
Subject key identifier: 6F:6A:D5:8F:F5:8E:0C:6D:7A:59:C1:BC:7D:16:9B:23:E5:07:15:9C
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 05757B23
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/b2rVj_WODG16WcG8fRabI-UHFZw.roa
Signing time: Wed 23 Feb 2022 08:16:47 +0000
ROA not before: Wed 23 Feb 2022 08:16:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12695
IP address blocks: 77.73.129.0/24 maxlen: 24
77.73.132.0/24 maxlen: 24
77.73.131.0/24 maxlen: 24
77.73.128.0/24 maxlen: 24
77.73.133.0/24 maxlen: 24
77.73.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91585315 (0x5757b23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Feb 23 08:16:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f6ad58ff58e0c6d7a59c1bc7d169b23e507159c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f6:69:71:c1:34:f5:e7:7f:2a:3f:d7:5b:19:
15:9e:5a:de:a8:42:0b:28:dc:78:06:54:9b:5b:5f:
5a:a5:7c:1e:40:f5:35:91:78:90:5b:03:29:ac:8b:
2e:c9:65:f0:cb:2a:2c:f1:33:9e:49:29:33:5d:b8:
ac:0b:a1:d1:40:4f:8b:d1:48:c5:bd:7f:aa:12:b5:
e2:7c:5a:da:cc:a0:27:89:94:f6:49:ff:63:3e:ae:
89:85:33:4b:3e:72:60:db:bb:0d:1c:bb:40:1c:09:
d3:18:12:1b:67:b3:d4:94:ab:fd:60:4e:a0:b5:28:
93:7f:9f:00:2b:c4:78:14:09:f4:50:23:2c:0c:05:
06:99:b0:06:22:64:f0:57:2f:47:8c:25:ac:0e:91:
2e:da:12:72:8e:73:d2:ed:31:b4:73:8f:ec:e1:1c:
84:99:39:a1:52:7c:94:ae:7c:06:31:28:39:5b:ff:
65:40:01:f1:ef:a7:ae:eb:1e:da:05:da:98:94:60:
1c:b8:f9:ae:f5:5d:21:0b:31:b2:8b:3f:bd:f0:70:
c4:a8:a1:9a:2a:bd:2e:19:4b:79:e9:2d:b9:91:7e:
b2:da:42:3f:31:19:d3:a8:04:c8:0a:bd:bc:62:01:
4e:8c:13:74:8e:05:02:63:b2:0e:3e:af:97:8f:8a:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6A:D5:8F:F5:8E:0C:6D:7A:59:C1:BC:7D:16:9B:23:E5:07:15:9C
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/b2rVj_WODG16WcG8fRabI-UHFZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.128.0/23
77.73.131.0-77.73.134.255
Signature Algorithm: sha256WithRSAEncryption
a5:f7:54:f9:55:5b:36:a6:26:2c:e2:e6:59:d3:07:2c:b0:33:
74:bc:37:dc:9e:9a:c0:cd:e4:bd:2b:a2:60:54:31:30:4b:87:
54:68:08:d4:46:0e:08:47:b7:82:48:9d:62:01:c4:7a:3a:43:
e1:9f:21:6b:9a:fd:60:68:31:53:a7:02:20:fd:29:1e:7b:12:
18:6b:c5:db:7d:6d:16:88:fc:3a:9b:07:10:56:15:f2:f0:e3:
cb:45:2c:35:34:5a:76:dd:c0:b0:b2:5e:03:d4:7b:43:24:80:
ab:d5:55:ca:3e:83:d9:a6:7a:83:9a:d2:ab:fe:b2:91:25:c6:
86:dd:6a:f2:d1:59:34:62:39:5b:4d:43:c2:06:6f:d3:4a:6d:
56:ac:d6:bb:c8:a2:ea:c4:64:c6:87:76:76:2f:d7:fd:22:8f:
84:b4:99:bd:72:0e:8b:1e:eb:c8:b1:16:b6:04:e3:08:61:bf:
15:f7:bd:80:4b:b6:fd:5b:5d:96:ba:b1:c6:73:b1:8c:92:91:
cd:0d:20:38:53:5b:af:89:a0:35:d9:ec:e5:a5:0f:cc:0e:c4:
88:7a:31:d6:f3:d5:22:12:ec:4c:40:9d:fb:2b:5a:4c:fb:3a:
bc:f9:df:d9:b4:cc:46:9c:a8:78:c9:09:4a:ff:c9:f3:48:ac:
12:27:bc:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBXV7IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmZhMTNmMWFlMDUzOTE2MjgwZWM2OGVlMWIwOTc2ZjllYmQzZWE4MB4XDTIyMDIy
MzA4MTY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY2YWQ1OGZmNThl
MGM2ZDdhNTljMWJjN2QxNjliMjNlNTA3MTU5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM72aXHBNPXnfyo/11sZFZ5a3qhCCyjceAZUm1tfWqV8HkD1
NZF4kFsDKayLLsll8MsqLPEznkkpM124rAuh0UBPi9FIxb1/qhK14nxa2sygJ4mU
9kn/Yz6uiYUzSz5yYNu7DRy7QBwJ0xgSG2ez1JSr/WBOoLUok3+fACvEeBQJ9FAj
LAwFBpmwBiJk8FcvR4wlrA6RLtoSco5z0u0xtHOP7OEchJk5oVJ8lK58BjEoOVv/
ZUAB8e+nruse2gXamJRgHLj5rvVdIQsxsos/vfBwxKihmiq9LhlLeektuZF+stpC
PzEZ06gEyAq9vGIBTowTdI4FAmOyDj6vl4+K1yMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRvatWP9Y4MbXpZwbx9Fpsj5QcVnDAfBgNVHSMEGDAWgBSv+hPxrgU5FigO
xo7hsJdvnr0+qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Jfb1Q4YTRGT1JZb0RzYU80YkNYYjU2OVBxZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvYTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8x
L2IyclZqX1dPREcxNldjRzhmUmFiSS1VSEZady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
YTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8xL3Jfb1Q4YTRGT1JZ
b0RzYU80YkNYYjU2OVBxZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAU1JgDAMAwQATUmDAwQATUmGMA0G
CSqGSIb3DQEBCwUAA4IBAQCl91T5VVs2piYs4uZZ0wcssDN0vDfcnprAzeS9K6Jg
VDEwS4dUaAjURg4IR7eCSJ1iAcR6OkPhnyFrmv1gaDFTpwIg/SkeexIYa8XbfW0W
iPw6mwcQVhXy8OPLRSw1NFp23cCwsl4D1HtDJICr1VXKPoPZpnqDmtKr/rKRJcaG
3Wry0Vk0YjlbTUPCBm/TSm1WrNa7yKLqxGTGh3Z2L9f9Io+EtJm9cg6LHuvIsRa2
BOMIYb8V972AS7b9W12WurHGc7GMkpHNDSA4U1uviaA12ezlpQ/MDsSIejHW89Ui
EuxMQJ37K1pM+zq8+d/ZtMxGnKh4yQlK/8nzSKwSJ7xM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:50 2025 by rpki-client