Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/CInGOBrm3AQ8XLuG1-8NGzf1qJg.roa
File: CInGOBrm3AQ8XLuG1-8NGzf1qJg.roa (raw, json)
Hash identifier: gRcU2eFRNjSdEzJK938DRYujETW344s+mJNZgAZcveQ=
Subject key identifier: 08:89:C6:38:1A:E6:DC:04:3C:5C:BB:86:D7:EF:0D:1B:37:F5:A8:98
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 0187E1CF78FA725711FA30804908C15F10EC
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/CInGOBrm3AQ8XLuG1-8NGzf1qJg.roa
Signing time: Wed 03 May 2023 13:31:23 +0000
ROA not before: Wed 03 May 2023 13:31:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 77.232.132.0/22 maxlen: 22
77.232.132.0/24 maxlen: 24
77.232.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:cf:78:fa:72:57:11:fa:30:80:49:08:c1:5f:10:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: May 3 13:31:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0889c6381ae6dc043c5cbb86d7ef0d1b37f5a898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:69:c5:0b:b1:76:60:c1:eb:d5:98:da:0e:c8:
b8:1f:d0:d2:e2:50:99:e8:b8:f2:19:1d:9f:ec:0d:
a4:6f:f0:c8:84:61:2a:72:f2:36:8a:49:c5:22:3c:
09:c0:16:a9:cd:1d:7f:2f:77:75:b0:b8:68:a0:c6:
ce:2b:b9:a0:a3:67:8a:62:82:ab:58:47:06:c9:ce:
b0:63:83:00:12:a6:4e:16:f6:6f:e4:51:92:8c:c6:
7c:f8:55:42:f2:75:60:6f:de:9f:87:1f:71:84:8e:
3c:c1:f2:dc:7a:d1:a7:e1:c6:02:5e:66:1a:a7:bd:
1d:ec:3a:fe:3f:46:b0:85:dd:c7:8f:c2:57:a1:b8:
73:62:5a:ec:4a:11:f8:a7:1c:89:26:e2:84:6a:52:
7c:5f:4e:a6:9f:35:9d:93:c5:9e:f2:e8:d9:3a:15:
85:88:37:d9:50:00:9d:ed:34:db:85:2c:47:ac:31:
82:7b:81:f8:7e:a0:d2:c2:db:88:a6:3b:9e:05:f8:
37:89:e9:c3:cc:cc:5f:69:16:9a:91:f6:94:89:8b:
c4:aa:4c:6a:4f:4a:f9:5e:2c:c6:0a:65:42:5b:63:
50:1a:e6:d3:2f:03:7d:88:36:c1:d2:3d:c0:3e:8e:
4e:5b:d7:79:d8:8a:0f:1f:a7:72:a1:17:ec:2a:ee:
bb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:89:C6:38:1A:E6:DC:04:3C:5C:BB:86:D7:EF:0D:1B:37:F5:A8:98
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/CInGOBrm3AQ8XLuG1-8NGzf1qJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.232.132.0-77.232.139.255
Signature Algorithm: sha256WithRSAEncryption
8e:66:13:ac:eb:91:00:4a:94:65:80:59:9f:d9:70:1f:44:f6:
96:a7:f4:d5:9a:87:b8:43:d3:eb:7d:b9:0b:21:25:e1:f8:fa:
e2:a6:3a:b4:a1:aa:1f:46:ff:92:19:5c:4d:e1:5e:bc:fe:03:
f5:e2:d2:ca:10:1b:40:13:9a:bf:e3:68:13:f5:42:31:26:f4:
b3:fa:ee:9f:65:85:ea:56:dd:57:b6:1e:cf:f1:7e:94:8f:0f:
ef:af:cc:6d:a4:d8:cf:5e:91:64:5c:1c:84:e5:98:1d:0a:f7:
07:d1:d1:b3:d8:63:f4:e1:9d:8a:d0:2e:39:0b:37:db:fa:be:
73:1f:a9:fd:92:f4:cc:d1:1c:e0:3e:7f:fa:dd:ea:98:31:86:
fa:7c:fe:8b:08:af:96:a8:91:b6:20:2d:cf:e1:9f:45:73:89:
8b:f8:f0:ce:6f:ac:c1:e4:d7:05:3c:f1:88:d0:16:0e:88:06:
c0:76:08:4e:f7:70:93:cc:ae:83:0f:61:c1:32:bc:d8:15:1f:
de:fd:bd:2f:14:5d:c7:38:f0:d8:5c:2c:00:d1:c6:4d:01:62:
17:97:ed:cb:a9:25:8c:2a:94:cb:d4:b4:83:46:12:aa:f6:11:
77:17:1b:2b:31:f1:29:b7:f6:da:ad:bc:9b:9e:e3:c5:98:f9:
b3:33:ee:7b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfhz3j6clcR+jCASQjBXxDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjMwNTAzMTMzMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg5YzYzODFhZTZkYzA0M2M1Y2JiODZkN2VmMGQxYjM3ZjVhODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWnFC7F2YMHr1ZjaDsi4H9DS4lCZ
6LjyGR2f7A2kb/DIhGEqcvI2iknFIjwJwBapzR1/L3d1sLhooMbOK7mgo2eKYoKr
WEcGyc6wY4MAEqZOFvZv5FGSjMZ8+FVC8nVgb96fhx9xhI48wfLcetGn4cYCXmYa
p70d7Dr+P0awhd3Hj8JXobhzYlrsShH4pxyJJuKEalJ8X06mnzWdk8We8ujZOhWF
iDfZUACd7TTbhSxHrDGCe4H4fqDSwtuIpjueBfg3ienDzMxfaRaakfaUiYvEqkxq
T0r5XizGCmVCW2NQGubTLwN9iDbB0j3APo5OW9d52IoPH6dyoRfsKu67OQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAiJxjga5twEPFy7htfvDRs39aiYMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvQ0luR09Ccm0zQVE4WEx1RzEtOE5HemYxcUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJN6IQD
BAJN6IgwDQYJKoZIhvcNAQELBQADggEBAI5mE6zrkQBKlGWAWZ/ZcB9E9pan9NWa
h7hD0+t9uQshJeH4+uKmOrShqh9G/5IZXE3hXrz+A/Xi0soQG0ATmr/jaBP1QjEm
9LP67p9lhepW3Ve2Hs/xfpSPD++vzG2k2M9ekWRcHITlmB0K9wfR0bPYY/ThnYrQ
LjkLN9v6vnMfqf2S9MzRHOA+f/rd6pgxhvp8/osIr5aokbYgLc/hn0VziYv48M5v
rMHk1wU88YjQFg6IBsB2CE73cJPMroMPYcEyvNgVH979vS8UXcc48NhcLADRxk0B
YheX7cupJYwqlMvUtINGEqr2EXcXGysx8Sm39tqtvJue48WY+bMz7ns=
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:08:20 2025 by rpki-client