Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/t_mWTp3G0S0rVsOD5yBDcnr6Eoc.roa
File: t_mWTp3G0S0rVsOD5yBDcnr6Eoc.roa (raw, json)
Hash identifier: nFN655QdCpUTnchkp7gp0q/aABhf6HwOCBvn6SQHaRA=
Subject key identifier: B7:F9:96:4E:9D:C6:D1:2D:2B:56:C3:83:E7:20:43:72:7A:FA:12:87
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0184131064FD309EF7A0D39C6C18CD330E50
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/t_mWTp3G0S0rVsOD5yBDcnr6Eoc.roa
Signing time: Wed 26 Oct 2022 06:52:32 +0000
ROA not before: Wed 26 Oct 2022 06:52:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.176.0/22 maxlen: 22
185.66.177.0/24 maxlen: 24
185.66.179.0/24 maxlen: 24
185.66.176.0/24 maxlen: 24
185.66.178.0/24 maxlen: 24
2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:10:64:fd:30:9e:f7:a0:d3:9c:6c:18:cd:33:0e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Oct 26 06:52:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7f9964e9dc6d12d2b56c383e72043727afa1287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:16:1e:dc:35:45:91:cf:62:de:57:c4:11:ca:
74:9d:c2:dc:1f:f1:8f:4d:6d:4e:e0:55:f0:b7:8e:
26:d4:6b:da:98:10:56:43:22:77:e8:38:16:6a:f4:
56:d4:b4:1b:b8:a3:63:59:36:a6:f8:ee:2f:c0:00:
c1:65:42:f7:77:b6:54:f0:ca:47:12:e7:41:2b:6b:
c6:19:b7:ce:7e:1d:ef:d3:34:3c:81:7a:d7:a3:ac:
bc:9e:6f:bf:ce:9d:79:1c:e7:a7:43:d8:1e:d2:1d:
f6:b5:67:5e:8f:88:4f:39:89:e4:9f:a0:ad:b0:d2:
72:bc:5f:4a:3b:92:9b:b3:d1:f1:c4:39:49:3d:b3:
74:20:eb:11:4d:72:ba:21:2b:6c:be:6c:52:6a:41:
e9:e9:2b:4f:76:be:88:f2:38:c6:6a:0f:59:49:5f:
9e:8c:8d:e1:5a:12:37:7a:01:8f:1c:07:e6:ff:7f:
a3:2a:93:aa:81:b4:ab:11:bb:cb:8b:06:c9:2a:56:
ca:65:ea:2b:60:9c:66:82:af:3b:07:b4:18:cd:bb:
2b:67:51:79:43:b9:af:c5:08:7f:be:8e:22:74:a6:
67:eb:08:c2:2a:1c:74:f4:da:58:20:00:51:f2:78:
8b:21:ab:38:5a:b8:f1:c3:be:ed:24:cc:36:61:43:
c0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:96:4E:9D:C6:D1:2D:2B:56:C3:83:E7:20:43:72:7A:FA:12:87
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/t_mWTp3G0S0rVsOD5yBDcnr6Eoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
7a:1f:50:74:7c:0e:bc:a7:c9:d8:76:1e:8e:0d:0a:e4:07:bc:
09:66:0e:b7:55:a2:e5:89:3d:e5:f2:05:4b:51:f6:ef:e2:8c:
fc:02:ca:1a:c7:25:d5:7e:c3:71:9e:8c:aa:0d:39:b7:7e:44:
82:c2:97:45:b6:0f:8c:f0:76:ce:dc:e4:87:79:a7:bd:25:31:
5d:f6:1a:05:78:16:5d:d4:9a:dc:d6:94:35:a9:26:3d:99:49:
12:ef:95:6d:5a:fe:ea:59:46:d4:a0:d7:2c:91:db:f9:de:26:
87:67:3a:7c:58:fc:d3:77:40:80:ce:fb:35:4b:c3:03:a7:6c:
9c:39:45:07:3d:f9:23:6d:a2:98:47:c6:f6:f4:a5:b1:57:ba:
2d:2f:d3:34:d6:97:85:85:6a:78:69:aa:cf:bd:c4:42:14:c2:
37:f9:bc:cb:b8:71:5d:62:a7:46:ae:3d:8c:87:2e:f9:c4:0d:
eb:e8:2b:33:58:64:d5:78:58:18:19:6f:78:2b:8f:88:7d:3e:
13:4b:8a:3f:bd:fe:e6:bd:38:64:8a:e5:46:1c:70:ba:a0:df:
67:e2:a0:72:67:5d:42:ac:a7:b8:fe:37:0c:ba:24:59:26:ce:
81:cd:23:9a:31:5f:ba:e2:51:9b:e9:28:82:7f:03:a7:5b:cf:
f2:8b:ea:76
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQTEGT9MJ73oNOcbBjNMw5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIxMDI2MDY1MjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y5OTY0ZTlkYzZkMTJkMmI1NmMzODNlNzIwNDM3MjdhZmExMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBYe3DVFkc9i3lfEEcp0ncLcH/GP
TW1O4FXwt44m1GvamBBWQyJ36DgWavRW1LQbuKNjWTam+O4vwADBZUL3d7ZU8MpH
EudBK2vGGbfOfh3v0zQ8gXrXo6y8nm+/zp15HOenQ9ge0h32tWdej4hPOYnkn6Ct
sNJyvF9KO5Kbs9HxxDlJPbN0IOsRTXK6IStsvmxSakHp6StPdr6I8jjGag9ZSV+e
jI3hWhI3egGPHAfm/3+jKpOqgbSrEbvLiwbJKlbKZeorYJxmgq87B7QYzbsrZ1F5
Q7mvxQh/vo4idKZn6wjCKhx09NpYIABR8niLIas4Wrjxw77tJMw2YUPAcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLf5lk6dxtEtK1bDg+cgQ3J6+hKHMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvdF9tV1RwM0cwUzByVnNPRDV5QkRjbnI2RW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATVe5AwQC
uUKwMA0EAgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQB6H1B0fA68p8nY
dh6ODQrkB7wJZg63VaLliT3l8gVLUfbv4oz8AsoaxyXVfsNxnoyqDTm3fkSCwpdF
tg+M8HbO3OSHeae9JTFd9hoFeBZd1Jrc1pQ1qSY9mUkS75VtWv7qWUbUoNcskdv5
3iaHZzp8WPzTd0CAzvs1S8MDp2ycOUUHPfkjbaKYR8b29KWxV7otL9M01peFhWp4
aarPvcRCFMI3+bzLuHFdYqdGrj2Mhy75xA3r6CszWGTVeFgYGW94K4+IfT4TS4o/
vf7mvThkiuVGHHC6oN9n4qByZ11CrKe4/jcMuiRZJs6BzSOaMV+64lGb6SiCfwOn
W8/yi+p2
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:09:59 2025 by rpki-client