Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/54c70d-f57a-4a56-b20c-1399ad37c4e3/1/2Y-ZEYXC0Ha2mY-RU4RCG2if0ok.roa
File: 2Y-ZEYXC0Ha2mY-RU4RCG2if0ok.roa (raw, json)
Hash identifier: K5EwlNdlMKQ0Px0tpyHE+VpFpl7AyhKwurejVph4Jtk=
Subject key identifier: D9:8F:99:11:85:C2:D0:76:B6:99:8F:91:53:84:42:1B:68:9F:D2:89
Certificate issuer: /CN=432ebe0b60bae2ecbf21ef14fc5fdc9ddb9a3f21
Certificate serial: 01856F5DE1089348C2C7793B20CC5F4DF6BA
Authority key identifier: 43:2E:BE:0B:60:BA:E2:EC:BF:21:EF:14:FC:5F:DC:9D:DB:9A:3F:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy6-C2C64uy_Ie8U_F_cnduaPyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/54c70d-f57a-4a56-b20c-1399ad37c4e3/1/2Y-ZEYXC0Ha2mY-RU4RCG2if0ok.roa
Signing time: Sun 01 Jan 2023 22:05:01 +0000
ROA not before: Sun 01 Jan 2023 22:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 77.73.210.0/24 maxlen: 24
77.73.209.0/24 maxlen: 24
77.73.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e1:08:93:48:c2:c7:79:3b:20:cc:5f:4d:f6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432ebe0b60bae2ecbf21ef14fc5fdc9ddb9a3f21
Validity
Not Before: Jan 1 22:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d98f991185c2d076b6998f915384421b689fd289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f6:3f:7c:75:4b:68:33:91:cd:55:35:03:52:
d3:ca:4a:c0:c3:88:f9:54:10:c8:85:fd:98:66:a0:
3f:74:b0:d4:b7:d5:ad:27:ab:e1:57:67:64:b2:38:
dc:7b:9a:30:2a:59:64:86:49:13:f6:6a:71:b2:fb:
24:b2:b9:0a:ff:4d:8e:80:1e:ea:76:27:c7:4a:a9:
27:d4:d7:f3:17:a6:d2:dc:35:7f:0e:0d:74:38:e6:
a5:66:df:03:9d:18:a0:fe:04:ef:2e:aa:e0:23:b8:
0f:be:30:89:b1:02:cb:7a:dc:08:c9:4b:32:7d:fe:
f9:fc:ec:66:0f:3a:99:4f:04:b0:85:60:38:04:b8:
48:48:58:cb:d5:ca:8f:cc:61:a9:e5:d5:79:94:6a:
f8:f5:63:9c:0f:6b:45:f5:46:45:1a:7a:f7:ca:0e:
fb:11:2c:25:b0:4f:d9:c9:2b:57:fe:96:c4:85:15:
90:0d:54:b1:ae:5c:ba:c9:f7:e1:54:29:17:63:fa:
ed:5c:27:0c:2b:6a:bd:e0:4d:17:35:7b:a0:c4:7e:
d6:74:fc:a8:63:66:d4:f2:14:96:47:77:04:8a:85:
49:42:84:bf:88:9b:7d:83:e9:e2:42:c4:b3:7b:28:
fb:4f:5e:64:f7:cf:11:fa:d8:e9:1e:54:5f:52:07:
e3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8F:99:11:85:C2:D0:76:B6:99:8F:91:53:84:42:1B:68:9F:D2:89
X509v3 Authority Key Identifier:
keyid:43:2E:BE:0B:60:BA:E2:EC:BF:21:EF:14:FC:5F:DC:9D:DB:9A:3F:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy6-C2C64uy_Ie8U_F_cnduaPyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/54c70d-f57a-4a56-b20c-1399ad37c4e3/1/2Y-ZEYXC0Ha2mY-RU4RCG2if0ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/54c70d-f57a-4a56-b20c-1399ad37c4e3/1/Qy6-C2C64uy_Ie8U_F_cnduaPyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.208.0-77.73.210.255
Signature Algorithm: sha256WithRSAEncryption
83:49:9e:c1:fe:35:0a:3a:89:a3:6e:d9:fc:38:17:a1:7e:7e:
4d:79:2e:2f:af:90:e7:f8:87:1a:ed:38:41:95:95:40:e2:79:
87:f5:b1:63:a2:27:49:c3:a2:33:04:e5:d9:d0:7a:77:0d:68:
53:70:b3:75:c4:ed:fb:2a:d0:c4:61:86:49:a2:56:0b:02:1b:
ba:e4:24:cd:e1:1e:fe:aa:34:c3:33:c3:9f:c6:b0:78:29:e9:
af:0b:2d:58:c8:f8:29:8c:0a:c3:45:cf:91:af:16:3b:49:4b:
64:3b:fb:9d:d6:ca:86:ac:36:7b:d8:e8:82:f0:f1:e6:07:02:
ed:04:ba:14:8e:b7:6f:0b:3e:84:d8:91:66:21:84:fc:85:9a:
f8:ee:b7:43:25:42:54:01:c1:5b:e8:17:f6:0d:58:4d:15:d2:
cf:3d:1d:7f:c5:5a:f2:4b:8d:05:ed:20:85:5f:12:a6:51:d1:
3e:80:ed:cb:e6:f3:ae:79:e1:f2:28:36:8a:93:3d:2e:ad:a7:
59:3b:0c:d0:93:97:af:9b:68:1c:74:ab:fd:f8:6f:f0:62:22:
08:b4:0e:c9:8e:53:aa:65:13:6c:56:7d:b0:aa:3c:15:21:ff:
2f:f2:bd:15:d7:50:b1:58:43:b9:06:30:ec:83:f3:30:e6:67:
fd:23:ae:d1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvXeEIk0jCx3k7IMxfTfa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmViZTBiNjBiYWUyZWNiZjIxZWYxNGZjNWZkYzlkZGI5
YTNmMjEwHhcNMjMwMTAxMjIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThmOTkxMTg1YzJkMDc2YjY5OThmOTE1Mzg0NDIxYjY4OWZkMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPY/fHVLaDORzVU1A1LTykrAw4j5
VBDIhf2YZqA/dLDUt9WtJ6vhV2dksjjce5owKllkhkkT9mpxsvsksrkK/02OgB7q
difHSqkn1NfzF6bS3DV/Dg10OOalZt8DnRig/gTvLqrgI7gPvjCJsQLLetwIyUsy
ff75/OxmDzqZTwSwhWA4BLhISFjL1cqPzGGp5dV5lGr49WOcD2tF9UZFGnr3yg77
ESwlsE/ZyStX/pbEhRWQDVSxrly6yffhVCkXY/rtXCcMK2q94E0XNXugxH7WdPyo
Y2bU8hSWR3cEioVJQoS/iJt9g+niQsSzeyj7T15k988R+tjpHlRfUgfjYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNmPmRGFwtB2tpmPkVOEQhton9KJMB8GA1UdIwQY
MBaAFEMuvgtguuLsvyHvFPxf3J3bmj8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk2LUMyQzY0dXlfSWU4VV9GX2NuZHVhUHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NGM3MGQtZjU3YS00YTU2LWIyMGMt
MTM5OWFkMzdjNGUzLzEvMlktWkVZWEMwSGEybVktUlU0UkNHMmlmMG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NGM3MGQtZjU3YS00YTU2LWIyMGMtMTM5OWFkMzdjNGUz
LzEvUXk2LUMyQzY0dXlfSWU4VV9GX2NuZHVhUHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARNSdAD
BABNSdIwDQYJKoZIhvcNAQELBQADggEBAINJnsH+NQo6iaNu2fw4F6F+fk15Li+v
kOf4hxrtOEGVlUDieYf1sWOiJ0nDojME5dnQencNaFNws3XE7fsq0MRhhkmiVgsC
G7rkJM3hHv6qNMMzw5/GsHgp6a8LLVjI+CmMCsNFz5GvFjtJS2Q7+53WyoasNnvY
6ILw8eYHAu0EuhSOt28LPoTYkWYhhPyFmvjut0MlQlQBwVvoF/YNWE0V0s89HX/F
WvJLjQXtIIVfEqZR0T6A7cvm86554fIoNoqTPS6tp1k7DNCTl6+baBx0q/34b/Bi
Igi0DsmOU6plE2xWfbCqPBUh/y/yvRXXULFYQ7kGMOyD8zDmZ/0jrtE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:07 2025 by rpki-client