Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/gZJSmQxCTpr-a1xDFSO2ro4bIqw.roa
File: gZJSmQxCTpr-a1xDFSO2ro4bIqw.roa (raw, json)
Hash identifier: o32aYl+TBEHW08Kh6QCZuJcDhr0Cf3oAjDHAutHyflk=
Subject key identifier: 81:92:52:99:0C:42:4E:9A:FE:6B:5C:43:15:23:B6:AE:8E:1B:22:AC
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 018571F10C2FD9DB17AAC28E7970280D9A12
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/gZJSmQxCTpr-a1xDFSO2ro4bIqw.roa
Signing time: Mon 02 Jan 2023 10:05:00 +0000
ROA not before: Mon 02 Jan 2023 10:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50889
IP address blocks: 185.136.71.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:0c:2f:d9:db:17:aa:c2:8e:79:70:28:0d:9a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Jan 2 10:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=819252990c424e9afe6b5c431523b6ae8e1b22ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:39:b8:f9:b4:0e:0e:63:be:8a:8c:bc:04:21:
09:49:5c:43:aa:59:f0:83:00:43:13:c3:61:77:39:
27:7a:7c:5d:3a:3b:ef:8b:6b:1c:19:0f:62:9f:0b:
64:db:9f:74:c3:e7:f3:6c:c4:03:0a:1f:6b:4a:75:
fb:25:5b:08:c1:a2:13:b2:16:91:43:84:1a:5d:dd:
37:2b:d0:6a:25:02:b0:92:7b:79:6b:11:cd:33:0f:
b7:3f:1e:2d:e3:9b:2c:cf:cc:84:18:19:2f:0a:d1:
53:84:92:10:d5:3e:30:0a:e4:a2:f9:13:37:b2:03:
e5:e8:56:af:17:46:a9:fe:bc:e8:02:d4:a6:bd:60:
24:bc:51:ca:96:ef:e0:c7:93:eb:8a:9c:ab:b3:6f:
9c:7e:27:08:32:59:54:d3:48:32:00:14:01:d0:69:
d2:fb:01:63:0c:10:12:8d:18:9e:74:9e:4e:0e:84:
5f:e9:a2:40:61:b6:f1:5a:a6:7e:5e:c6:e1:f1:16:
58:87:e9:c4:79:95:d6:1c:33:2c:f1:c8:ec:ee:45:
f7:bc:cb:62:4c:6b:d6:a1:6f:4b:58:ac:79:3b:63:
7e:81:14:43:8b:47:28:69:6d:b7:26:6a:d2:a8:0e:
c4:4f:7b:86:c7:88:d2:29:3a:22:20:f8:80:05:53:
5f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:92:52:99:0C:42:4E:9A:FE:6B:5C:43:15:23:B6:AE:8E:1B:22:AC
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/gZJSmQxCTpr-a1xDFSO2ro4bIqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0-80.84.172.255
185.136.69.0/24
185.136.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6e:05:c3:04:db:9b:80:ef:a3:d7:a4:68:e1:b3:44:0b:e9:
be:15:66:1b:15:f4:9c:64:72:bf:86:f2:25:30:93:5b:45:d8:
7f:71:b2:97:07:9f:77:d7:95:86:76:d0:43:40:44:2b:7b:4e:
ea:f3:83:35:73:1f:53:35:5d:17:b5:eb:32:7d:f3:1b:8b:d6:
bc:0d:5d:ca:01:32:86:52:9e:ac:e4:19:70:62:0f:e1:8b:cc:
44:c0:01:d2:1b:7e:84:65:07:24:37:ba:c3:08:a4:95:d3:41:
75:74:fa:ae:88:83:8f:95:ff:45:f6:d5:72:0d:ba:57:49:6f:
7e:fa:43:a8:59:b0:73:1e:6d:a4:7b:76:29:c6:82:2b:b2:08:
a6:a5:4a:0a:06:78:ce:05:4f:67:48:59:9a:0e:8b:8b:2a:28:
eb:b3:04:1f:e2:ec:48:ac:cb:00:36:2e:39:45:4d:54:a7:8a:
3c:85:05:21:3c:e5:83:ac:c3:08:56:d1:b2:79:0d:e5:fc:d9:
eb:64:7b:d6:84:1c:c3:b4:25:12:24:25:72:6d:95:8c:41:8a:
bc:12:e7:b6:1b:31:de:b5:5e:86:5a:7f:6e:86:16:5e:b7:c1:
76:34:80:98:82:df:92:61:7c:15:56:b7:6f:5c:bb:b6:d1:45:
dc:6e:b4:4e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVx8Qwv2dsXqsKOeXAoDZoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjMwMTAyMTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkyNTI5OTBjNDI0ZTlhZmU2YjVjNDMxNTIzYjZhZThlMWIyMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzm4+bQODmO+ioy8BCEJSVxDqlnw
gwBDE8NhdzknenxdOjvvi2scGQ9inwtk2590w+fzbMQDCh9rSnX7JVsIwaITshaR
Q4QaXd03K9BqJQKwknt5axHNMw+3Px4t45ssz8yEGBkvCtFThJIQ1T4wCuSi+RM3
sgPl6FavF0ap/rzoAtSmvWAkvFHKlu/gx5Pripyrs2+cficIMllU00gyABQB0GnS
+wFjDBASjRiedJ5ODoRf6aJAYbbxWqZ+Xsbh8RZYh+nEeZXWHDMs8cjs7kX3vMti
TGvWoW9LWKx5O2N+gRRDi0coaW23JmrSqA7ET3uGx4jSKToiIPiABVNfWwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIGSUpkMQk6a/mtcQxUjtq6OGyKsMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvZ1pKU21ReENUcHItYTF4REZTTzJybzRiSXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCTW/4MAwD
BAVQVKADBABQVKwDBAC5iEUDBAC5iEcwDQYJKoZIhvcNAQELBQADggEBAA9uBcME
25uA76PXpGjhs0QL6b4VZhsV9Jxkcr+G8iUwk1tF2H9xspcHn3fXlYZ20ENARCt7
TurzgzVzH1M1XRe16zJ98xuL1rwNXcoBMoZSnqzkGXBiD+GLzETAAdIbfoRlByQ3
usMIpJXTQXV0+q6Ig4+V/0X21XINuldJb376Q6hZsHMebaR7dinGgiuyCKalSgoG
eM4FT2dIWZoOi4sqKOuzBB/i7EisywA2LjlFTVSnijyFBSE85YOswwhW0bJ5DeX8
2etke9aEHMO0JRIkJXJtlYxBirwS57YbMd61XoZaf26GFl63wXY0gJiC35JhfBVW
t29cu7bRRdxutE4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:19:57 2025 by rpki-client