Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/2wWdprrn6sst1St_PmLqGP5kgp4.roa
File: 2wWdprrn6sst1St_PmLqGP5kgp4.roa (raw, json)
Hash identifier: +ErjlJypIdruC/xp3XCZNDdxPUyxAxGStD1ryuCv5DE=
Subject key identifier: DB:05:9D:A6:BA:E7:EA:CB:2D:D5:2B:7F:3E:62:EA:18:FE:64:82:9E
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 01856D81B53019F563AC8BF35933C418DD07
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/2wWdprrn6sst1St_PmLqGP5kgp4.roa
Signing time: Sun 01 Jan 2023 13:24:55 +0000
ROA not before: Sun 01 Jan 2023 13:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42334
IP address blocks: 77.235.148.0/24 maxlen: 24
185.131.39.0/24 maxlen: 24
77.235.147.0/24 maxlen: 24
77.235.146.0/24 maxlen: 24
77.235.151.0/24 maxlen: 24
77.235.150.0/24 maxlen: 24
77.235.149.0/24 maxlen: 24
77.235.152.0/24 maxlen: 24
77.235.158.0/24 maxlen: 24
77.235.157.0/24 maxlen: 24
77.235.159.0/24 maxlen: 24
77.235.154.0/24 maxlen: 24
77.235.130.0/24 maxlen: 24
77.235.129.0/24 maxlen: 24
77.235.128.0/24 maxlen: 24
77.235.132.0/24 maxlen: 24
77.235.131.0/24 maxlen: 24
77.235.134.0/24 maxlen: 24
77.235.133.0/24 maxlen: 24
77.235.137.0/24 maxlen: 24
77.235.136.0/24 maxlen: 24
77.235.135.0/24 maxlen: 24
77.235.139.0/24 maxlen: 24
77.235.138.0/24 maxlen: 24
77.235.144.0/24 maxlen: 24
185.131.36.0/24 maxlen: 24
77.235.143.0/24 maxlen: 24
185.131.38.0/24 maxlen: 24
77.235.145.0/24 maxlen: 24
185.131.37.0/24 maxlen: 24
77.235.141.0/24 maxlen: 24
77.235.140.0/24 maxlen: 24
2a02:4180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b5:30:19:f5:63:ac:8b:f3:59:33:c4:18:dd:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Jan 1 13:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db059da6bae7eacb2dd52b7f3e62ea18fe64829e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:43:ed:f1:00:d6:ca:91:e1:dd:5a:c9:8c:
47:89:46:53:aa:94:d0:8c:32:86:85:c6:8d:1a:09:
c1:19:55:17:36:fb:ef:79:cf:54:08:26:ca:24:33:
4b:54:e3:8f:d6:c9:01:ea:e4:be:17:67:ed:19:75:
22:d8:ec:4b:c2:ec:aa:3e:15:7f:45:f7:b5:e6:8c:
a4:26:8a:74:e5:bd:3c:fe:4d:de:ba:e1:62:e5:35:
6c:94:64:90:3b:fb:b6:4f:6c:61:08:91:be:28:b4:
4e:37:55:34:69:e7:d9:c2:3f:27:f3:de:11:bb:0e:
0d:fc:d0:b5:17:cc:8c:f9:3a:c0:51:63:98:15:d6:
7f:51:fd:0c:f2:36:fc:c4:04:39:11:4e:bf:11:37:
b3:39:8a:4b:d8:6c:4a:f6:91:0b:12:e8:01:4c:cb:
dc:70:51:6e:67:51:dd:c9:47:58:dc:8f:4c:52:29:
4f:60:a2:0c:39:8c:c5:73:fb:20:09:f4:c9:32:b6:
77:54:7c:c2:15:2a:e8:4b:5f:16:75:6d:3d:0d:37:
17:3f:fb:22:8c:b5:d4:8e:30:2d:6d:07:9e:4a:e4:
90:06:ea:3e:0d:8f:1c:14:ec:47:06:7a:a8:53:53:
c7:da:4e:10:63:85:7c:62:c3:e4:0b:43:95:a4:50:
2d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:05:9D:A6:BA:E7:EA:CB:2D:D5:2B:7F:3E:62:EA:18:FE:64:82:9E
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/2wWdprrn6sst1St_PmLqGP5kgp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.128.0-77.235.141.255
77.235.143.0-77.235.152.255
77.235.154.0/24
77.235.157.0-77.235.159.255
185.131.36.0/22
IPv6:
2a02:4180::/32
Signature Algorithm: sha256WithRSAEncryption
2c:2f:3c:e7:97:02:a3:28:0d:2b:89:7b:93:c9:d0:eb:68:fe:
5f:a6:35:bd:a8:88:de:cd:7c:0e:2b:f5:70:23:a2:2d:ba:be:
c2:fa:23:da:4c:e6:87:c6:45:4c:ea:3f:70:32:3f:24:8a:70:
8c:2e:a2:8c:9b:82:eb:cc:c9:a4:eb:c2:9e:37:f3:26:40:74:
87:a7:49:56:b4:8c:b2:fd:d0:9c:ed:f2:06:e6:e7:29:f7:de:
7b:f5:82:35:eb:ee:e4:a1:d9:1d:e4:a5:30:b3:ff:64:0e:be:
82:33:20:fe:2e:17:55:62:58:c4:5a:e4:1e:4b:dd:55:83:d1:
7d:64:85:a9:8b:35:e0:09:c0:1e:d0:85:35:1e:7e:84:e4:73:
9c:9e:18:06:9e:f1:69:86:8a:1a:17:eb:a4:ce:47:5e:a4:3a:
6e:37:86:ee:fc:38:99:f1:78:a5:8d:91:29:fd:6e:96:93:34:
26:d7:24:8c:f1:21:ad:6c:10:b4:d5:09:9d:0b:05:76:95:bc:
7e:b0:50:a0:e1:a8:c2:15:85:d1:f7:a7:ce:08:5b:ce:8b:e6:
1a:2b:06:41:2a:e2:ca:86:22:d8:1e:81:27:cd:51:89:df:4f:
29:61:24:da:4b:cc:ff:76:d3:30:a4:1a:ae:47:78:67:52:66:
82:76:f3:b7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVtgbUwGfVjrIvzWTPEGN0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjMwMTAxMTMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjA1OWRhNmJhZTdlYWNiMmRkNTJiN2YzZTYyZWExOGZlNjQ4MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLVD7fEA1sqR4d1ayYxHiUZTqpTQ
jDKGhcaNGgnBGVUXNvvvec9UCCbKJDNLVOOP1skB6uS+F2ftGXUi2OxLwuyqPhV/
Rfe15oykJop05b08/k3euuFi5TVslGSQO/u2T2xhCJG+KLRON1U0aefZwj8n894R
uw4N/NC1F8yM+TrAUWOYFdZ/Uf0M8jb8xAQ5EU6/ETezOYpL2GxK9pELEugBTMvc
cFFuZ1HdyUdY3I9MUilPYKIMOYzFc/sgCfTJMrZ3VHzCFSroS18WdW09DTcXP/si
jLXUjjAtbQeeSuSQBuo+DY8cFOxHBnqoU1PH2k4QY4V8YsPkC0OVpFAttwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNsFnaa65+rLLdUrfz5i6hj+ZIKeMB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvMndXZHBycm42c3N0MVN0X1BtTHFHUDVrZ3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAdN64AD
BAFN64wwDAMEAE3rjwMEAE3rmAMEAE3rmjAMAwQATeudAwQFTeuAAwQCuYMkMA0E
AgACMAcDBQAqAkGAMA0GCSqGSIb3DQEBCwUAA4IBAQAsLzznlwKjKA0riXuTydDr
aP5fpjW9qIjezXwOK/VwI6Itur7C+iPaTOaHxkVM6j9wMj8kinCMLqKMm4LrzMmk
68KeN/MmQHSHp0lWtIyy/dCc7fIG5ucp99579YI16+7kodkd5KUws/9kDr6CMyD+
LhdVYljEWuQeS91Vg9F9ZIWpizXgCcAe0IU1Hn6E5HOcnhgGnvFphooaF+ukzkde
pDpuN4bu/DiZ8XiljZEp/W6WkzQm1ySM8SGtbBC01QmdCwV2lbx+sFCg4ajCFYXR
96fOCFvOi+YaKwZBKuLKhiLYHoEnzVGJ308pYSTaS8z/dtMwpBquR3hnUmaCdvO3
-----END CERTIFICATE-----
Generated at Fri May 2 23:23:10 2025 by rpki-client