Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DDr4byhogs3mAEO7741QEXjNMwQ.roa
File: DDr4byhogs3mAEO7741QEXjNMwQ.roa (raw, json)
Hash identifier: K2SdMst09i/TvBLG1gIikQrKoGfd34PQm64jyVdzMXc=
Subject key identifier: 0C:3A:F8:6F:28:68:82:CD:E6:00:43:BB:EF:8D:50:11:78:CD:33:04
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018414AC4DC2CEC355C62CCDD29BE943D697
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DDr4byhogs3mAEO7741QEXjNMwQ.roa
Signing time: Wed 26 Oct 2022 14:22:27 +0000
ROA not before: Wed 26 Oct 2022 14:22:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31261
IP address blocks: 77.74.79.0/24 maxlen: 24
81.23.0.0/21 maxlen: 21
5.8.177.0/24 maxlen: 24
81.23.9.0/24 maxlen: 24
81.23.8.0/23 maxlen: 23
81.23.14.0/24 maxlen: 24
37.16.80.0/22 maxlen: 22
77.242.15.0/24 maxlen: 24
77.74.72.0/22 maxlen: 22
77.220.211.0/24 maxlen: 24
77.74.78.0/24 maxlen: 24
77.220.209.0/24 maxlen: 24
77.74.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:ac:4d:c2:ce:c3:55:c6:2c:cd:d2:9b:e9:43:d6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 26 14:22:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c3af86f286882cde60043bbef8d501178cd3304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:d1:5b:01:c5:24:01:ac:9c:0f:e9:c8:0a:
92:be:94:a1:e2:36:a7:65:2b:e4:f3:6b:20:59:bc:
35:bb:8c:05:35:0e:a1:5f:87:e5:81:61:c5:83:ab:
01:dc:f6:c1:75:e9:ae:84:a2:0c:f1:ed:c9:76:55:
97:a3:42:ab:93:f2:9c:a1:58:95:06:f0:69:07:20:
9d:51:2f:d8:0b:fe:c3:ff:50:9c:0d:88:2b:24:e0:
e6:34:91:77:f6:74:6a:2a:0b:1c:5b:80:f1:6f:07:
cf:3d:f1:10:54:a1:b1:71:91:60:dd:42:a4:eb:11:
18:0f:bc:e8:38:a7:3d:16:50:46:74:68:09:4c:4b:
bb:01:87:8b:6f:a9:0f:d1:dd:b0:93:1d:07:c5:84:
aa:b0:4d:2e:dc:3e:a8:c3:f7:61:92:8d:33:d0:a4:
7e:be:53:01:86:df:3b:df:30:a0:3c:1d:c5:62:75:
d3:f5:92:45:1d:e9:0c:21:4e:ec:15:e5:f0:6d:de:
e0:33:ec:32:a7:5b:c7:d0:5d:d4:09:14:a7:ab:6a:
ac:89:68:60:32:8e:1f:ea:0b:c5:56:6d:a9:87:83:
bb:37:ec:c3:3a:39:19:d1:fb:04:87:4a:c4:10:ba:
89:a6:a3:b5:9e:aa:60:fd:db:fa:16:99:20:17:b6:
28:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3A:F8:6F:28:68:82:CD:E6:00:43:BB:EF:8D:50:11:78:CD:33:04
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DDr4byhogs3mAEO7741QEXjNMwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.177.0/24
37.16.80.0/22
77.74.72.0/22
77.74.77.0-77.74.79.255
77.220.209.0/24
77.220.211.0/24
77.242.15.0/24
81.23.0.0-81.23.9.255
81.23.14.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0f:42:a1:c9:5d:b4:cb:8c:8b:f7:3a:60:35:3a:2d:ee:a4:
a4:fd:5b:73:a7:1e:66:0d:f5:6a:89:6e:0f:3a:ee:26:98:82:
58:99:2e:ad:1a:4b:af:bd:c8:63:74:4c:d2:28:56:ac:46:ef:
aa:f8:18:cf:9a:85:71:5a:b3:56:9b:d5:d2:17:a9:c0:d3:d6:
09:82:e4:b3:fc:53:ab:75:2b:30:fc:58:49:ca:3c:10:ec:94:
fa:f3:1e:03:94:06:64:5e:50:c4:55:ff:59:fe:00:c4:da:13:
a7:97:15:8b:1e:8c:b8:d5:3a:d7:0d:54:40:15:ca:ae:5c:5c:
07:44:e2:e3:7b:86:a9:b2:c7:a5:8f:ec:f1:68:ce:7d:a2:12:
07:8b:11:39:de:2f:48:03:6a:09:82:f4:94:db:cc:99:2a:8f:
8e:1c:b7:58:bd:76:c8:b8:87:84:e2:38:0f:55:8c:04:17:c4:
38:f5:c7:3b:4c:70:38:97:f6:c2:ef:b6:a8:d1:ff:69:bb:11:
40:28:af:fd:c2:1b:d1:64:83:23:d8:5c:64:e1:ee:a2:87:40:
18:fb:fa:72:b0:0a:24:66:07:88:13:6a:7a:91:91:fa:4e:bc:
20:71:f1:0a:63:ce:d4:2c:b2:27:7d:53:9d:df:62:13:86:3e:
fb:2e:ba:f0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYQUrE3CzsNVxizN0pvpQ9aXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI2MTQyMjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNhZjg2ZjI4Njg4MmNkZTYwMDQzYmJlZjhkNTAxMTc4Y2QzMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxDRWwHFJAGsnA/pyAqSvpSh4jan
ZSvk82sgWbw1u4wFNQ6hX4flgWHFg6sB3PbBdemuhKIM8e3JdlWXo0Krk/KcoViV
BvBpByCdUS/YC/7D/1CcDYgrJODmNJF39nRqKgscW4DxbwfPPfEQVKGxcZFg3UKk
6xEYD7zoOKc9FlBGdGgJTEu7AYeLb6kP0d2wkx0HxYSqsE0u3D6ow/dhko0z0KR+
vlMBht873zCgPB3FYnXT9ZJFHekMIU7sFeXwbd7gM+wyp1vH0F3UCRSnq2qsiWhg
Mo4f6gvFVm2ph4O7N+zDOjkZ0fsEh0rEELqJpqO1nqpg/dv6FpkgF7YoHwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAw6+G8oaILN5gBDu++NUBF4zTMEMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRERyNGJ5aG9nczNtQUVPNzc0MVFFWGpOTXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFAwQABQixAwQC
JRBQAwQCTUpIMAwDBABNSk0DBARNSkADBABN3NEDBABN3NMDBABN8g8wCwMDAFEX
AwQBURcIAwQAURcOMA0GCSqGSIb3DQEBCwUAA4IBAQBmD0KhyV20y4yL9zpgNTot
7qSk/Vtzpx5mDfVqiW4POu4mmIJYmS6tGkuvvchjdEzSKFasRu+q+BjPmoVxWrNW
m9XSF6nA09YJguSz/FOrdSsw/FhJyjwQ7JT68x4DlAZkXlDEVf9Z/gDE2hOnlxWL
Hoy41TrXDVRAFcquXFwHROLje4apsselj+zxaM59ohIHixE53i9IA2oJgvSU28yZ
Ko+OHLdYvXbIuIeE4jgPVYwEF8Q49cc7THA4l/bC77ao0f9puxFAKK/9whvRZIMj
2Fxk4e6ih0AY+/pysAokZgeIE2p6kZH6TrwgcfEKY87ULLInfVOd32IThj77Lrrw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:41 2025 by rpki-client