Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/01nxjI5TieDh_vnXqgoWgILkmRo.roa
File: 01nxjI5TieDh_vnXqgoWgILkmRo.roa (raw, json)
Hash identifier: GJfUrimCnllFIcTcl5Gve9Dvw7pjTZ7qBlXNZ5kG2dI=
Subject key identifier: D3:59:F1:8C:8E:53:89:E0:E1:FE:F9:D7:AA:0A:16:80:82:E4:99:1A
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018206FC57426A1DD4013AB835474A5DE4C5
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/01nxjI5TieDh_vnXqgoWgILkmRo.roa
Signing time: Sat 16 Jul 2022 12:29:36 +0000
ROA not before: Sat 16 Jul 2022 12:29:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198930
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.177.0/24 maxlen: 24
185.66.179.0/24 maxlen: 24
185.66.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:06:fc:57:42:6a:1d:d4:01:3a:b8:35:47:4a:5d:e4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 16 12:29:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d359f18c8e5389e0e1fef9d7aa0a168082e4991a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:38:13:ba:69:f5:55:2c:29:11:39:ca:29:
53:bd:bb:e5:47:37:6e:19:b1:b5:96:0b:5d:7b:89:
48:bc:9f:ca:24:11:75:6d:62:27:7b:14:4a:5b:6b:
75:9f:a4:63:34:36:b1:97:1f:89:a6:80:91:04:8a:
0f:93:cc:4c:97:a6:9e:a6:ff:84:cf:83:04:4c:08:
c9:9a:c5:0b:9a:20:ae:4a:5b:7c:47:32:14:98:df:
15:74:1c:9e:f9:1d:e9:07:5b:0f:57:71:d4:9a:41:
ac:f6:c0:cc:02:5a:48:e2:e9:71:59:a8:6c:c1:34:
a2:16:ea:0c:8f:91:dd:be:df:51:20:06:53:1e:90:
49:b1:ea:8d:c8:03:f3:3e:37:c0:0e:f9:a7:6c:f0:
2a:e0:24:88:ee:a5:b1:fb:e6:66:3c:38:b4:1a:63:
8e:96:35:45:36:a8:23:97:2d:e4:27:90:73:8e:e7:
5f:8e:34:2a:e6:53:47:11:2d:35:44:ff:6b:8b:e9:
96:5f:54:67:16:29:c9:1d:f3:e0:09:20:44:a1:4d:
70:b7:73:d6:ca:12:70:ae:f1:a4:7b:cd:80:c9:d2:
e7:0f:20:22:5b:8e:bd:d4:4b:c7:e1:d2:91:cd:4a:
e3:0d:dd:cd:19:d7:f7:ec:e3:d2:bd:e4:55:8b:1f:
62:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:59:F1:8C:8E:53:89:E0:E1:FE:F9:D7:AA:0A:16:80:82:E4:99:1A
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/01nxjI5TieDh_vnXqgoWgILkmRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/23
185.66.179.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a7:63:10:89:37:5a:a4:21:1f:98:33:93:d0:5a:8a:b9:5b:
84:ab:e9:fb:83:b0:91:50:a5:59:2e:d8:4a:47:ea:9e:a5:16:
c6:09:dd:d2:7e:8c:57:4a:85:1e:cf:c3:14:aa:7e:67:1c:74:
9b:59:2c:b8:8d:8f:29:ab:e0:93:ed:b7:79:8a:65:77:95:be:
26:68:84:ef:46:90:17:18:98:64:64:34:7a:f8:4c:6d:ed:d7:
cd:a6:64:4c:02:0e:8d:73:e7:cb:bb:b4:79:97:5f:10:48:c1:
98:2a:85:e7:ce:cd:fa:e6:38:0a:df:da:e9:9a:82:75:23:b5:
fb:a6:30:78:85:5e:c6:be:f0:b8:c2:9d:57:76:1f:85:56:67:
47:37:56:f6:f9:4f:cb:eb:39:12:17:40:b2:a5:16:cf:3e:51:
d2:96:90:43:0f:13:9b:3f:7e:d0:d0:bb:e8:3b:0f:38:a1:13:
f1:85:44:76:a8:f2:ab:b4:be:75:59:71:8a:61:11:aa:2e:11:
1b:7b:32:c1:3b:7d:b7:05:1f:2f:b9:23:50:b6:62:5b:24:e3:
d9:72:d1:e3:97:b6:b4:d9:1e:cc:78:04:8c:33:8a:86:a2:a9:
14:12:a6:93:55:09:12:aa:29:b8:69:6b:a7:c3:72:ea:9b:55:
c2:86:ab:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIG/FdCah3UATq4NUdKXeTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzE2MTIyOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU5ZjE4YzhlNTM4OWUwZTFmZWY5ZDdhYTBhMTY4MDgyZTQ5OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQw4E7pp9VUsKRE5yilTvbvlRzdu
GbG1lgtde4lIvJ/KJBF1bWInexRKW2t1n6RjNDaxlx+JpoCRBIoPk8xMl6aepv+E
z4METAjJmsULmiCuSlt8RzIUmN8VdBye+R3pB1sPV3HUmkGs9sDMAlpI4ulxWahs
wTSiFuoMj5Hdvt9RIAZTHpBJseqNyAPzPjfADvmnbPAq4CSI7qWx++ZmPDi0GmOO
ljVFNqgjly3kJ5BzjudfjjQq5lNHES01RP9ri+mWX1RnFinJHfPgCSBEoU1wt3PW
yhJwrvGke82AydLnDyAiW4691EvH4dKRzUrjDd3NGdf37OPSveRVix9iFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNNZ8YyOU4ng4f7516oKFoCC5JkaMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvMDFueGpJNVRpZURoX3ZuWHFnb1dnSUxrbVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVe5AwQB
uUKwAwQAuUKzMA0GCSqGSIb3DQEBCwUAA4IBAQBhp2MQiTdapCEfmDOT0FqKuVuE
q+n7g7CRUKVZLthKR+qepRbGCd3SfoxXSoUez8MUqn5nHHSbWSy4jY8pq+CT7bd5
imV3lb4maITvRpAXGJhkZDR6+Ext7dfNpmRMAg6Nc+fLu7R5l18QSMGYKoXnzs36
5jgK39rpmoJ1I7X7pjB4hV7GvvC4wp1Xdh+FVmdHN1b2+U/L6zkSF0CypRbPPlHS
lpBDDxObP37Q0LvoOw84oRPxhUR2qPKrtL51WXGKYRGqLhEbezLBO323BR8vuSNQ
tmJbJOPZctHjl7a02R7MeASMM4qGoqkUEqaTVQkSqim4aWunw3Lqm1XChqvq
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:34:36 2025 by rpki-client