Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/Nr-PQud4Ql-H1S6XZbxLwb7Jkag.roa
File: Nr-PQud4Ql-H1S6XZbxLwb7Jkag.roa (raw, json)
Hash identifier: 27OIguWkKH19cSosMwmAqxbCuEHgbvlGo2urdE264PI=
Subject key identifier: 36:BF:8F:42:E7:78:42:5F:87:D5:2E:97:65:BC:4B:C1:BE:C9:91:A8
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0184141ACF1476D9008290EFDEE4939C098A
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/Nr-PQud4Ql-H1S6XZbxLwb7Jkag.roa
Signing time: Wed 26 Oct 2022 11:43:31 +0000
ROA not before: Wed 26 Oct 2022 11:43:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198930
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.177.0/24 maxlen: 24
185.66.179.0/24 maxlen: 24
185.66.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:1a:cf:14:76:d9:00:82:90:ef:de:e4:93:9c:09:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Oct 26 11:43:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36bf8f42e778425f87d52e9765bc4bc1bec991a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e5:4f:59:0c:24:8b:44:1c:ed:cb:7e:68:3d:
e5:f4:0c:1c:fa:43:4c:0d:a3:17:e4:39:ce:f3:36:
a9:0f:19:da:b9:d9:6d:c9:f9:7c:15:bc:91:c6:25:
1d:a7:38:3a:4b:ed:af:64:16:f0:90:79:30:93:58:
0c:31:14:b6:ba:83:3c:5a:7e:a6:8a:10:8e:f8:c5:
d5:38:04:cb:52:90:fb:11:17:67:61:5b:10:89:0f:
3d:03:48:51:b0:ba:6d:35:d2:89:aa:d0:c3:15:a5:
60:eb:13:bd:89:9d:bc:3b:67:22:d0:40:f4:30:52:
1b:f2:41:66:f0:6b:c0:f7:d9:42:ad:fc:26:46:54:
c6:06:e4:84:2a:12:3d:7d:01:fb:e6:7a:61:0a:cc:
28:d1:83:f7:b6:d9:f2:f1:98:6b:67:40:de:67:b9:
ed:a8:a8:bd:bc:2a:74:c7:8d:1c:da:9a:f5:3f:39:
a6:03:9a:9d:dd:46:e0:6b:6f:c9:30:9e:32:cd:5e:
90:2e:3f:84:fb:89:06:5d:44:de:fa:c9:c8:99:f1:
74:84:7e:af:66:46:80:f3:cc:d5:5d:f0:0c:90:f1:
aa:8a:98:4e:18:d7:94:72:df:ce:e0:53:d0:50:f1:
f1:05:cb:a9:06:54:fc:20:d1:d7:ad:b5:e1:4c:b0:
c1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BF:8F:42:E7:78:42:5F:87:D5:2E:97:65:BC:4B:C1:BE:C9:91:A8
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/Nr-PQud4Ql-H1S6XZbxLwb7Jkag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/23
185.66.179.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:45:94:96:87:3e:cb:c3:2e:f4:17:2c:9e:5a:c8:4c:1c:ba:
b9:ac:7a:97:11:fd:81:55:51:ad:ce:7d:19:ee:94:0e:09:ec:
45:44:7f:ff:e6:30:6f:c3:f2:85:8f:91:e2:0d:98:9e:b6:18:
93:e0:1b:48:70:87:64:b7:33:e9:f4:5d:02:45:51:21:c1:ca:
97:91:79:17:ec:e1:e6:c5:8a:80:01:af:d4:cc:7f:c2:42:49:
a6:eb:88:8f:9a:28:70:75:10:2b:13:de:42:75:14:49:82:fb:
98:9a:2e:52:90:f0:d1:27:a5:4e:34:85:61:98:c6:26:d2:41:
1f:2f:12:1e:b6:c5:b7:40:c5:92:02:1d:54:99:d0:c2:c0:99:
64:bd:69:78:ec:3f:fc:a0:c7:00:f4:9a:13:91:f4:1c:c4:33:
a3:8b:bd:72:b4:30:a5:27:bb:54:fa:88:ad:c9:57:5c:5e:51:
37:32:ce:13:64:25:34:6d:c7:5d:a2:c6:d1:83:e9:14:76:54:
c7:d6:b9:a0:07:f8:62:d9:1e:a8:79:f1:f2:13:cb:c5:4c:4c:
50:58:31:89:3b:19:48:3f:98:ef:e1:4b:05:10:fc:68:f2:e2:
4c:d0:75:4b:20:31:86:7c:d9:9c:62:6a:de:46:60:6f:33:cd:
56:40:12:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQUGs8UdtkAgpDv3uSTnAmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIxMDI2MTE0MzMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJmOGY0MmU3Nzg0MjVmODdkNTJlOTc2NWJjNGJjMWJlYzk5MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieVPWQwki0Qc7ct+aD3l9Awc+kNM
DaMX5DnO8zapDxnaudltyfl8FbyRxiUdpzg6S+2vZBbwkHkwk1gMMRS2uoM8Wn6m
ihCO+MXVOATLUpD7ERdnYVsQiQ89A0hRsLptNdKJqtDDFaVg6xO9iZ28O2ci0ED0
MFIb8kFm8GvA99lCrfwmRlTGBuSEKhI9fQH75nphCswo0YP3ttny8ZhrZ0DeZ7nt
qKi9vCp0x40c2pr1PzmmA5qd3Ubga2/JMJ4yzV6QLj+E+4kGXUTe+snImfF0hH6v
ZkaA88zVXfAMkPGqiphOGNeUct/O4FPQUPHxBcupBlT8INHXrbXhTLDBGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDa/j0LneEJfh9Uul2W8S8G+yZGoMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvTnItUFF1ZDRRbC1IMVM2WFpieEx3YjdKa2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVe5AwQB
uUKwAwQAuUKzMA0GCSqGSIb3DQEBCwUAA4IBAQCfRZSWhz7Lwy70FyyeWshMHLq5
rHqXEf2BVVGtzn0Z7pQOCexFRH//5jBvw/KFj5HiDZiethiT4BtIcIdktzPp9F0C
RVEhwcqXkXkX7OHmxYqAAa/UzH/CQkmm64iPmihwdRArE95CdRRJgvuYmi5SkPDR
J6VONIVhmMYm0kEfLxIetsW3QMWSAh1UmdDCwJlkvWl47D/8oMcA9JoTkfQcxDOj
i71ytDClJ7tU+oityVdcXlE3Ms4TZCU0bcddosbRg+kUdlTH1rmgB/hi2R6oefHy
E8vFTExQWDGJOxlIP5jv4UsFEPxo8uJM0HVLIDGGfNmcYmreRmBvM81WQBLy
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:32:15 2025 by rpki-client