Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4ba46f-3469-42b0-9b9e-61949356a9a0/1/vBjDiK2s_Cs03Ta5LqyX2hiAHUg.roa
File: vBjDiK2s_Cs03Ta5LqyX2hiAHUg.roa (raw, json)
Hash identifier: BGfVzjmzEVLmu3Ek5j9KotPGGB0g6Xks1GMWFJ0yf0M=
Subject key identifier: BC:18:C3:88:AD:AC:FC:2B:34:DD:36:B9:2E:AC:97:DA:18:80:1D:48
Certificate issuer: /CN=d44820729a0f9abfb6cac3b5f96c27198d76391b
Certificate serial: 0185724C77750228525BB617840B36115107
Authority key identifier: D4:48:20:72:9A:0F:9A:BF:B6:CA:C3:B5:F9:6C:27:19:8D:76:39:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EggcpoPmr-2ysO1-WwnGY12ORs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4ba46f-3469-42b0-9b9e-61949356a9a0/1/vBjDiK2s_Cs03Ta5LqyX2hiAHUg.roa
Signing time: Mon 02 Jan 2023 11:44:52 +0000
ROA not before: Mon 02 Jan 2023 11:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42228
IP address blocks: 77.108.128.0/18 maxlen: 18
45.137.48.0/22 maxlen: 22
77.108.154.0/24 maxlen: 24
77.108.158.0/24 maxlen: 24
77.108.160.0/24 maxlen: 24
2a00:6300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:77:75:02:28:52:5b:b6:17:84:0b:36:11:51:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44820729a0f9abfb6cac3b5f96c27198d76391b
Validity
Not Before: Jan 2 11:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc18c388adacfc2b34dd36b92eac97da18801d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:20:b5:c6:52:1e:11:d8:f2:5e:51:22:49:
3d:fd:0e:03:a0:f1:c8:d2:64:7f:5d:80:fb:2c:0d:
55:6a:82:84:a8:4d:05:08:a9:90:0b:88:2f:cf:c9:
90:4c:9b:f5:b2:ec:d9:ec:9b:28:12:44:3f:a6:7c:
76:91:03:49:a6:1b:c7:66:74:dc:15:90:80:d4:ad:
99:79:e2:67:2f:8d:13:3d:9c:0d:22:bf:67:a4:46:
38:f9:c8:93:f3:a2:a7:90:9c:3f:a6:28:6d:e4:8c:
44:b6:a3:a0:1b:f8:6e:02:74:de:7b:fc:15:99:d1:
2f:b6:29:c5:24:69:8f:7f:7c:aa:7d:45:25:47:cd:
bf:6a:ee:e5:35:a2:41:24:a1:2f:37:38:5c:c6:77:
12:ff:b2:79:45:4a:01:4b:44:a3:51:ba:85:e5:0e:
f5:aa:c4:12:f4:f6:2c:da:1d:a5:73:0e:c5:df:06:
9f:31:f3:45:c5:3f:ab:2c:d2:c0:9f:a2:34:84:c8:
db:26:28:03:60:df:6e:0d:76:75:09:56:43:d6:51:
eb:74:45:ec:5c:08:75:61:7f:c4:0c:f4:0f:cc:76:
4b:30:cc:f2:af:6a:7d:e4:a6:7c:e0:8c:02:56:2f:
d9:20:cb:c3:56:68:8e:e1:35:74:88:45:68:3b:5a:
9a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:18:C3:88:AD:AC:FC:2B:34:DD:36:B9:2E:AC:97:DA:18:80:1D:48
X509v3 Authority Key Identifier:
keyid:D4:48:20:72:9A:0F:9A:BF:B6:CA:C3:B5:F9:6C:27:19:8D:76:39:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EggcpoPmr-2ysO1-WwnGY12ORs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4ba46f-3469-42b0-9b9e-61949356a9a0/1/vBjDiK2s_Cs03Ta5LqyX2hiAHUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4ba46f-3469-42b0-9b9e-61949356a9a0/1/1EggcpoPmr-2ysO1-WwnGY12ORs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.48.0/22
77.108.128.0/18
IPv6:
2a00:6300::/32
Signature Algorithm: sha256WithRSAEncryption
75:9c:92:79:ec:5c:40:2e:cc:8f:93:52:f1:0e:b3:59:46:e2:
e8:b0:47:ca:43:bf:f8:9a:76:80:c7:53:15:7b:6f:c1:2e:0e:
10:7c:2c:55:b1:0c:53:ec:e0:93:8f:58:02:12:d3:39:2f:a5:
21:39:df:d1:e2:18:59:35:5a:b7:9f:3c:79:d3:f9:77:2f:70:
6b:e4:4e:9f:f7:e2:1d:29:07:8a:64:f3:50:a7:4c:f0:3d:ee:
a5:29:4c:f0:86:03:c1:26:47:f2:52:26:5d:a6:cb:01:da:f1:
82:76:fa:da:e4:21:14:8f:67:55:aa:e5:81:06:ac:a5:fe:70:
28:f8:85:2c:dc:e4:df:42:b7:d0:e6:13:1c:19:3e:41:9a:20:
af:69:b4:d0:81:4f:e3:30:8c:53:cb:f5:f1:4c:53:ef:0f:22:
ca:a0:96:de:85:a2:d1:d7:cf:cc:8c:52:d6:8b:f8:74:ef:f5:
c3:3e:0f:7a:d9:d6:c4:91:68:a2:22:af:01:1d:a9:7d:fc:62:
00:be:0c:64:40:3b:f4:23:4c:6c:e3:be:7e:4a:d8:31:c0:74:
bd:15:2c:57:3a:31:ef:4b:72:d0:db:c8:57:2a:ad:4e:9d:f8:
2c:d0:73:78:36:fd:21:ae:ee:71:d8:01:8c:40:ed:f6:26:0a:
a5:c5:66:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyTHd1AihSW7YXhAs2EVEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDgyMDcyOWEwZjlhYmZiNmNhYzNiNWY5NmMyNzE5OGQ3
NjM5MWIwHhcNMjMwMTAyMTE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE4YzM4OGFkYWNmYzJiMzRkZDM2YjkyZWFjOTdkYTE4ODAxZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC0gtcZSHhHY8l5RIkk9/Q4DoPHI
0mR/XYD7LA1VaoKEqE0FCKmQC4gvz8mQTJv1suzZ7JsoEkQ/pnx2kQNJphvHZnTc
FZCA1K2ZeeJnL40TPZwNIr9npEY4+ciT86KnkJw/piht5IxEtqOgG/huAnTee/wV
mdEvtinFJGmPf3yqfUUlR82/au7lNaJBJKEvNzhcxncS/7J5RUoBS0SjUbqF5Q71
qsQS9PYs2h2lcw7F3wafMfNFxT+rLNLAn6I0hMjbJigDYN9uDXZ1CVZD1lHrdEXs
XAh1YX/EDPQPzHZLMMzyr2p95KZ84IwCVi/ZIMvDVmiO4TV0iEVoO1qa2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLwYw4itrPwrNN02uS6sl9oYgB1IMB8GA1UdIwQY
MBaAFNRIIHKaD5q/tsrDtflsJxmNdjkbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVnZ2Nwb1Btci0yeXNPMS1Xd25HWTEyT1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80YmE0NmYtMzQ2OS00MmIwLTliOWUt
NjE5NDkzNTZhOWEwLzEvdkJqRGlLMnNfQ3MwM1RhNUxxeVgyaGlBSFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80YmE0NmYtMzQ2OS00MmIwLTliOWUtNjE5NDkzNTZhOWEw
LzEvMUVnZ2Nwb1Btci0yeXNPMS1Xd25HWTEyT1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYkwAwQG
TWyAMA0EAgACMAcDBQAqAGMAMA0GCSqGSIb3DQEBCwUAA4IBAQB1nJJ57FxALsyP
k1LxDrNZRuLosEfKQ7/4mnaAx1MVe2/BLg4QfCxVsQxT7OCTj1gCEtM5L6UhOd/R
4hhZNVq3nzx50/l3L3Br5E6f9+IdKQeKZPNQp0zwPe6lKUzwhgPBJkfyUiZdpssB
2vGCdvra5CEUj2dVquWBBqyl/nAo+IUs3OTfQrfQ5hMcGT5BmiCvabTQgU/jMIxT
y/XxTFPvDyLKoJbehaLR18/MjFLWi/h07/XDPg962dbEkWiiIq8BHal9/GIAvgxk
QDv0I0xs475+StgxwHS9FSxXOjHvS3LQ28hXKq1Onfgs0HN4Nv0hru5x2AGMQO32
JgqlxWas
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:55 2025 by rpki-client