Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/FRnofjDac5v_Xj9Wjjhhw9hV72w.roa
File: FRnofjDac5v_Xj9Wjjhhw9hV72w.roa (raw, json)
Hash identifier: i6a4oORYY27n7QfCEYt4k2qSw5ERdajOJrRa0AbX63k=
Subject key identifier: 15:19:E8:7E:30:DA:73:9B:FF:5E:3F:56:8E:38:61:C3:D8:55:EF:6C
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01859ADEF05A79D681494CB8987A76A91A4C
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/FRnofjDac5v_Xj9Wjjhhw9hV72w.roa
Signing time: Tue 10 Jan 2023 08:49:39 +0000
ROA not before: Tue 10 Jan 2023 08:49:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8795
IP address blocks: 77.85.175.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
212.5.145.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:de:f0:5a:79:d6:81:49:4c:b8:98:7a:76:a9:1a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 10 08:49:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1519e87e30da739bff5e3f568e3861c3d855ef6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c1:d1:8b:40:ba:46:15:c8:e2:d6:fd:9e:39:
3c:19:0d:d6:3e:7b:63:64:6a:20:d5:5a:c3:89:e6:
33:c6:3a:31:0f:1b:b1:38:a2:18:66:b5:41:c4:22:
4b:84:68:08:8a:00:74:b3:7f:f4:e9:bc:b1:14:de:
2d:b8:0a:ae:66:d3:02:05:24:b7:ab:69:be:6c:13:
d7:48:23:19:16:dc:fd:1f:4b:d1:23:fa:9c:25:28:
3d:34:ef:6c:14:f8:f3:3e:fc:91:e8:a4:1a:8c:25:
91:08:74:76:e2:56:fd:a4:4d:a4:dc:87:11:bf:14:
5d:8b:2f:ed:55:88:63:e5:3d:9d:98:aa:db:07:9d:
48:df:f4:a4:5d:0b:5a:98:d2:73:14:cf:53:35:45:
23:ef:89:ed:a5:a9:47:0f:5a:00:92:db:92:d8:27:
71:4e:61:88:44:23:d8:26:80:a0:01:fe:af:ed:f9:
f9:5e:76:15:ed:07:ef:fc:4b:8c:62:6f:34:4d:14:
47:29:fe:02:02:01:2e:fd:3b:c3:d7:fd:85:02:6a:
f0:50:92:4d:24:d6:89:55:f0:5a:7c:8f:b8:87:22:
51:b6:9f:2a:52:db:64:f9:d3:a7:e4:82:da:00:05:
fd:32:d5:25:43:96:25:0b:dc:eb:5d:97:83:5e:a0:
77:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:19:E8:7E:30:DA:73:9B:FF:5E:3F:56:8E:38:61:C3:D8:55:EF:6C
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/FRnofjDac5v_Xj9Wjjhhw9hV72w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.175.0/24
212.5.133.0/24
212.5.145.0/24
213.16.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:d6:8f:29:a6:ef:2a:95:1d:bb:06:5c:e2:ce:82:cd:50:ca:
e0:08:33:ed:10:37:7f:f8:a4:93:ca:d6:f4:9d:c2:6f:7e:5e:
71:22:1a:3b:cb:23:05:03:ca:93:c4:60:af:43:09:21:00:8e:
27:81:41:2f:8c:1b:c4:a4:ea:df:2f:06:a9:e0:a1:b2:a7:ee:
68:28:d7:87:50:0f:62:a5:24:78:db:e5:59:5a:35:af:b6:3a:
9e:6f:59:27:80:c4:28:e9:8d:c1:75:d5:bb:e1:23:f5:b0:ff:
1a:33:f6:42:19:0e:d9:a4:56:e8:0e:99:b8:61:6f:03:0a:c4:
ff:84:a6:68:cd:df:d9:91:bb:ea:33:b1:fd:b3:8f:66:77:fa:
90:df:7e:27:5e:2b:25:33:ca:01:c0:26:6b:be:1d:c2:e1:64:
ae:c5:18:7b:eb:56:88:6d:06:63:b2:b4:00:cc:05:90:62:7a:
fe:59:8c:be:7d:36:2e:1f:e5:0b:b0:b7:8f:3b:aa:49:f8:60:
32:27:0e:e1:b8:20:10:db:3f:39:b9:a8:53:94:d6:da:de:02:
78:fc:44:d2:c4:47:e2:ca:a1:2b:87:df:74:35:72:ea:20:b9:
25:19:d2:dd:2d:65:c9:99:72:99:ce:0a:c5:6d:b3:c8:86:9d:
23:86:5a:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWa3vBaedaBSUy4mHp2qRpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTEwMDg0OTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTE5ZTg3ZTMwZGE3MzliZmY1ZTNmNTY4ZTM4NjFjM2Q4NTVlZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMHRi0C6RhXI4tb9njk8GQ3WPntj
ZGog1VrDieYzxjoxDxuxOKIYZrVBxCJLhGgIigB0s3/06byxFN4tuAquZtMCBSS3
q2m+bBPXSCMZFtz9H0vRI/qcJSg9NO9sFPjzPvyR6KQajCWRCHR24lb9pE2k3IcR
vxRdiy/tVYhj5T2dmKrbB51I3/SkXQtamNJzFM9TNUUj74ntpalHD1oAktuS2Cdx
TmGIRCPYJoCgAf6v7fn5XnYV7Qfv/EuMYm80TRRHKf4CAgEu/TvD1/2FAmrwUJJN
JNaJVfBafI+4hyJRtp8qUttk+dOn5ILaAAX9MtUlQ5YlC9zrXZeDXqB3vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUZ6H4w2nOb/14/Vo44YcPYVe9sMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvRlJub2ZqRGFjNXZfWGo5V2pqaGh3OWhWNzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVWvAwQA
1AWFAwQA1AWRAwQA1RAjMA0GCSqGSIb3DQEBCwUAA4IBAQAN1o8ppu8qlR27Blzi
zoLNUMrgCDPtEDd/+KSTytb0ncJvfl5xIho7yyMFA8qTxGCvQwkhAI4ngUEvjBvE
pOrfLwap4KGyp+5oKNeHUA9ipSR42+VZWjWvtjqeb1kngMQo6Y3BddW74SP1sP8a
M/ZCGQ7ZpFboDpm4YW8DCsT/hKZozd/ZkbvqM7H9s49md/qQ334nXislM8oBwCZr
vh3C4WSuxRh761aIbQZjsrQAzAWQYnr+WYy+fTYuH+ULsLePO6pJ+GAyJw7huCAQ
2z85uahTlNba3gJ4/ETSxEfiyqErh990NXLqILklGdLdLWXJmXKZzgrFbbPIhp0j
hlox
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:43 2025 by rpki-client