Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/cpuPnrrUAIjuj1lCz6fchcYYOAA.roa
File: cpuPnrrUAIjuj1lCz6fchcYYOAA.roa (raw, json)
Hash identifier: xCds89TFb//eLPTpo2OXzZMHnGqc5PUs7BYtjoQ8PYc=
Subject key identifier: 72:9B:8F:9E:BA:D4:00:88:EE:8F:59:42:CF:A7:DC:85:C6:18:38:00
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018570672FDF3DCFFF49E16C595426938C3E
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/cpuPnrrUAIjuj1lCz6fchcYYOAA.roa
Signing time: Mon 02 Jan 2023 02:54:48 +0000
ROA not before: Mon 02 Jan 2023 02:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34568
IP address blocks: 193.138.81.0/24 maxlen: 24
193.28.228.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
77.87.248.0/21 maxlen: 24
91.234.22.0/24 maxlen: 24
185.217.192.0/22 maxlen: 24
84.246.120.0/21 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:2f:df:3d:cf:ff:49:e1:6c:59:54:26:93:8c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 2 02:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=729b8f9ebad40088ee8f5942cfa7dc85c6183800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:15:21:e6:f7:3a:ac:93:6b:54:4f:1d:5e:fb:
f7:90:fb:f3:3e:97:db:af:77:24:9c:dd:64:6c:99:
7e:f1:d1:24:eb:ad:a6:ea:b8:72:fa:d4:c7:e5:3c:
d9:c2:d5:63:dd:cd:1e:fe:b8:95:aa:36:6b:bb:9b:
d9:92:f9:05:14:5f:2d:99:9c:96:e8:96:09:c8:bf:
ef:1c:97:6b:82:1a:87:93:2c:6d:6d:27:b0:0e:5d:
6a:48:e2:2f:92:74:9b:80:89:9d:49:41:f2:73:a8:
5a:45:f0:71:9a:ee:03:fa:9e:15:39:9f:62:5e:0e:
6b:fc:49:01:9e:51:b4:f2:b0:4b:36:21:1c:69:24:
69:6f:1f:c8:85:09:61:0d:70:38:1d:66:74:25:c3:
1a:58:44:74:3a:a7:4d:a2:31:d9:90:c9:2c:1f:7c:
6c:67:79:d2:69:ad:f5:e2:0d:94:a5:03:da:1a:7e:
43:b9:7c:6d:22:71:71:35:68:34:be:f1:7a:28:66:
f9:26:02:61:bf:83:14:7d:8b:c9:ca:7b:9a:9a:6e:
d4:49:dc:91:91:f2:a2:6d:09:94:d0:f4:13:9d:0e:
0b:33:99:7b:7e:a0:fa:d5:f3:19:54:25:47:70:f9:
a6:3a:c9:d6:28:0a:1d:aa:e2:d6:9f:65:fd:f4:1e:
e9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:8F:9E:BA:D4:00:88:EE:8F:59:42:CF:A7:DC:85:C6:18:38:00
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/cpuPnrrUAIjuj1lCz6fchcYYOAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
91.234.22.0/24
185.217.192.0/22
193.28.228.0/24
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:df:b5:9e:20:68:63:c6:b7:ec:75:57:a2:03:6b:d9:70:34:
db:e9:a6:38:3a:4a:97:a6:01:cc:3c:de:84:b3:7c:dd:24:71:
95:66:b7:ee:5c:65:a1:71:58:1c:5c:f4:31:6b:2c:7e:7e:6c:
f8:a7:56:37:8e:40:d1:9e:d3:cb:d5:de:d7:46:06:f7:6c:93:
d9:2f:8f:c0:04:e7:7c:74:cf:5f:b6:fa:b3:d1:28:09:dc:dc:
1a:69:0e:90:01:61:dc:1c:c0:b5:3d:f5:df:96:60:3f:58:38:
92:ba:db:e2:bb:13:4d:49:a4:1c:ee:ef:ef:e0:4e:41:b8:d8:
94:fb:23:97:44:c9:e9:b8:b2:61:7c:5c:6f:23:57:83:a1:29:
d6:b0:4d:68:72:7b:35:51:6a:3f:c1:b6:ca:12:9c:4c:89:c3:
47:5d:c4:99:8f:10:11:86:d3:53:8e:bf:aa:c3:38:24:f9:57:
95:14:c9:78:bc:b3:12:79:ed:9a:3a:27:2d:02:81:9a:be:a4:
ee:bb:1a:56:99:5e:61:00:5f:b4:10:e0:0c:1c:be:a8:54:74:
3b:6c:6a:72:f2:f5:65:b8:9a:34:f0:3f:37:e9:61:0e:6f:4d:
eb:75:47:14:1b:3f:48:a4:14:d5:11:b7:89:66:fc:5c:94:f8:
a8:d0:b6:d4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVwZy/fPc//SeFsWVQmk4w+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjMwMTAyMDI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjliOGY5ZWJhZDQwMDg4ZWU4ZjU5NDJjZmE3ZGM4NWM2MTgzODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxUh5vc6rJNrVE8dXvv3kPvzPpfb
r3cknN1kbJl+8dEk662m6rhy+tTH5TzZwtVj3c0e/riVqjZru5vZkvkFFF8tmZyW
6JYJyL/vHJdrghqHkyxtbSewDl1qSOIvknSbgImdSUHyc6haRfBxmu4D+p4VOZ9i
Xg5r/EkBnlG08rBLNiEcaSRpbx/IhQlhDXA4HWZ0JcMaWER0OqdNojHZkMksH3xs
Z3nSaa314g2UpQPaGn5DuXxtInFxNWg0vvF6KGb5JgJhv4MUfYvJynuamm7USdyR
kfKibQmU0PQTnQ4LM5l7fqD61fMZVCVHcPmmOsnWKAodquLWn2X99B7pxwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHKbj5661ACI7o9ZQs+n3IXGGDgAMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvY3B1UG5yclVBSWp1ajFsQ3o2ZmNoY1lZT0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDTVf4AwQD
VPZ4AwQAW+oWAwQCudnAAwQAwRzkAwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4
MA0GCSqGSIb3DQEBCwUAA4IBAQCf37WeIGhjxrfsdVeiA2vZcDTb6aY4OkqXpgHM
PN6Es3zdJHGVZrfuXGWhcVgcXPQxayx+fmz4p1Y3jkDRntPL1d7XRgb3bJPZL4/A
BOd8dM9ftvqz0SgJ3NwaaQ6QAWHcHMC1PfXflmA/WDiSutviuxNNSaQc7u/v4E5B
uNiU+yOXRMnpuLJhfFxvI1eDoSnWsE1ocns1UWo/wbbKEpxMicNHXcSZjxARhtNT
jr+qwzgk+VeVFMl4vLMSee2aOictAoGavqTuuxpWmV5hAF+0EOAMHL6oVHQ7bGpy
8vVluJo08D836WEOb03rdUcUGz9IpBTVEbeJZvxclPio0LbU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:28 2025 by rpki-client