Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/e3UnXuSviwlMJuv26C0kTcw6_Js.roa
File: e3UnXuSviwlMJuv26C0kTcw6_Js.roa (raw, json)
Hash identifier: uGuPbNSEMA/grkOF5Ugidob01DWeCSM2kdVOAI3Jy34=
Subject key identifier: 7B:75:27:5E:E4:AF:8B:09:4C:26:EB:F6:E8:2D:24:4D:CC:3A:FC:9B
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0182F3C1862CBDDB3B27F9CB9C921AECF311
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/e3UnXuSviwlMJuv26C0kTcw6_Js.roa
Signing time: Wed 31 Aug 2022 11:55:22 +0000
ROA not before: Wed 31 Aug 2022 11:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.177.0/24 maxlen: 24
185.66.179.0/24 maxlen: 24
185.66.176.0/24 maxlen: 24
185.66.178.0/24 maxlen: 24
2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f3:c1:86:2c:bd:db:3b:27:f9:cb:9c:92:1a:ec:f3:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Aug 31 11:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b75275ee4af8b094c26ebf6e82d244dcc3afc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c7:36:18:a7:7a:5f:c2:48:37:70:24:85:a3:
3a:a6:2c:ab:a4:cf:e8:f8:f6:b3:f0:a7:73:63:84:
f4:0a:7f:fa:25:be:09:ef:ba:71:4c:0a:72:d2:ca:
78:4e:2a:ed:ba:03:fd:23:d8:03:55:80:7f:e3:2a:
e8:27:43:b4:37:25:5d:63:3f:97:a6:22:7f:2b:8f:
bd:c4:45:a1:a0:4e:6c:ba:9e:fe:0f:94:d7:4a:fb:
8a:a3:00:05:98:a2:25:e4:6a:8d:db:a6:52:82:7c:
17:8d:7b:61:02:5f:95:db:8e:a8:88:72:7f:41:9a:
c3:4c:6b:de:eb:df:bd:85:01:08:bc:72:c4:c5:ff:
5e:51:17:96:64:b2:ee:c4:83:c2:5f:9a:15:c4:00:
a4:77:3c:a4:bb:92:54:a0:55:f1:2a:c0:22:f9:bb:
8a:dd:19:fc:ab:67:ef:de:36:a2:c2:43:a3:56:99:
44:1f:21:79:d0:04:cd:3e:d7:a9:11:56:b7:6d:46:
c4:de:98:84:a2:7a:60:03:53:9a:9c:91:a9:38:a8:
73:bd:7d:1a:4e:f2:ce:1a:4e:bb:52:9c:9c:9e:2e:
23:9d:81:30:ae:7a:b2:62:68:b2:53:d8:6f:ff:b6:
f6:78:79:9e:02:9f:11:5c:d7:95:b3:60:e9:eb:07:
25:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:75:27:5E:E4:AF:8B:09:4C:26:EB:F6:E8:2D:24:4D:CC:3A:FC:9B
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/e3UnXuSviwlMJuv26C0kTcw6_Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
36:dc:a7:f1:9e:a6:9a:28:a3:bd:ce:9c:f6:e5:68:fc:e2:49:
6d:48:66:44:5e:df:20:08:81:e7:da:55:5f:3b:e0:c8:32:ce:
9d:39:1a:fc:d5:fc:13:ab:fa:ae:21:24:87:23:d6:54:e7:70:
ae:5c:63:d7:ad:40:8c:ff:26:83:94:53:68:62:34:c9:df:e3:
74:ef:e6:37:c2:64:5f:8e:4b:8f:c5:13:01:94:06:74:56:bd:
c6:60:6d:f2:57:11:14:f8:60:f3:cf:0c:11:3e:cf:a9:3f:77:
4c:56:da:40:91:fa:46:5d:43:d1:61:bb:1a:82:b6:47:42:ab:
ff:cf:c4:30:ab:70:16:f0:d6:58:f1:5e:32:7e:90:97:ce:aa:
33:91:34:13:e4:a6:b5:61:fe:14:cb:24:d6:df:bb:37:28:af:
ef:a6:6d:c3:1b:2d:22:b0:6e:85:af:a6:fb:19:9b:e5:f5:76:
c9:dd:63:f8:8a:2a:aa:d2:b1:4e:3d:63:ce:ab:26:98:6d:40:
c2:33:f5:8c:4e:90:fd:1f:80:ff:92:e3:bd:28:e8:e2:8a:90:
63:53:f2:8c:af:21:95:15:99:b9:f6:61:c9:07:43:db:28:53:
1f:61:a8:19:d5:69:0e:f6:15:76:eb:11:55:45:b8:19:f0:05:
fd:41:fd:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYLzwYYsvds7J/nLnJIa7PMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwODMxMTE1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjc1Mjc1ZWU0YWY4YjA5NGMyNmViZjZlODJkMjQ0ZGNjM2FmYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcc2GKd6X8JIN3AkhaM6piyrpM/o
+Paz8KdzY4T0Cn/6Jb4J77pxTApy0sp4TirtugP9I9gDVYB/4yroJ0O0NyVdYz+X
piJ/K4+9xEWhoE5sup7+D5TXSvuKowAFmKIl5GqN26ZSgnwXjXthAl+V246oiHJ/
QZrDTGve69+9hQEIvHLExf9eUReWZLLuxIPCX5oVxACkdzyku5JUoFXxKsAi+buK
3Rn8q2fv3jaiwkOjVplEHyF50ATNPtepEVa3bUbE3piEonpgA1OanJGpOKhzvX0a
TvLOGk67Upycni4jnYEwrnqyYmiyU9hv/7b2eHmeAp8RXNeVs2Dp6wcl+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHt1J17kr4sJTCbr9ugtJE3MOvybMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvZTNVblh1U3Zpd2xNSnV2MjZDMGtUY3c2X0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATVe5AwQC
uUKwMA0EAgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQA23KfxnqaaKKO9
zpz25Wj84kltSGZEXt8gCIHn2lVfO+DIMs6dORr81fwTq/quISSHI9ZU53CuXGPX
rUCM/yaDlFNoYjTJ3+N07+Y3wmRfjkuPxRMBlAZ0Vr3GYG3yVxEU+GDzzwwRPs+p
P3dMVtpAkfpGXUPRYbsagrZHQqv/z8Qwq3AW8NZY8V4yfpCXzqozkTQT5Ka1Yf4U
yyTW37s3KK/vpm3DGy0isG6Fr6b7GZvl9XbJ3WP4iiqq0rFOPWPOqyaYbUDCM/WM
TpD9H4D/kuO9KOjiipBjU/KMryGVFZm59mHJB0PbKFMfYagZ1WkO9hV26xFVRbgZ
8AX9Qf3w
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:10:02 2025 by rpki-client