Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/ri_NZcjGcD9KLjUW8MZ6wOdKOcQ.roa
File: ri_NZcjGcD9KLjUW8MZ6wOdKOcQ.roa (raw, json)
Hash identifier: qK1Wv8ghtkxpox2HsfEdN4E27LSgX3SMlAVmg9z7adI=
Subject key identifier: AE:2F:CD:65:C8:C6:70:3F:4A:2E:35:16:F0:C6:7A:C0:E7:4A:39:C4
Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334
Certificate serial: 0188B8CA4457797F1E1B8BD9B346314FE5F7
Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/ri_NZcjGcD9KLjUW8MZ6wOdKOcQ.roa
Signing time: Wed 14 Jun 2023 07:24:03 +0000
ROA not before: Wed 14 Jun 2023 07:24:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 185.31.70.0/23 maxlen: 23
77.247.196.0/24 maxlen: 24
2a12:b440:100::/48 maxlen: 64
2a12:b440:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:ca:44:57:79:7f:1e:1b:8b:d9:b3:46:31:4f:e5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334
Validity
Not Before: Jun 14 07:24:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae2fcd65c8c6703f4a2e3516f0c67ac0e74a39c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c2:1c:db:23:65:09:28:72:88:42:c9:6d:30:
06:ce:82:e2:05:31:6e:c9:69:d4:15:41:75:d4:36:
e5:4d:d7:e0:fa:56:94:93:c5:e0:d1:2b:98:d4:12:
cd:38:db:2a:a6:2a:2c:52:41:2c:bd:f7:7b:16:59:
31:6b:11:a7:44:16:fa:5e:36:4b:72:e5:00:68:04:
4f:de:c6:7e:d0:dc:e9:81:c6:a5:87:fa:2e:a0:c7:
a3:de:10:f5:97:72:e5:3f:5a:b7:5f:1a:3a:bb:0e:
22:cd:ab:2e:57:43:67:51:f6:29:e6:fe:fc:12:56:
18:21:26:b9:c6:d3:99:b2:13:ec:83:64:19:09:5c:
d8:52:fd:5c:8d:9b:db:be:48:a8:6b:dc:83:99:76:
2a:78:8d:26:c0:0f:b1:23:36:66:19:0b:46:46:fa:
d2:be:02:8b:64:a1:5d:1d:a3:32:61:e4:06:a2:1a:
9a:98:42:4f:10:12:b1:69:a8:5b:d1:b7:64:f9:02:
19:06:3c:fd:19:65:9b:49:f9:71:34:fb:11:a0:f7:
f5:7c:a8:22:25:a8:20:8a:ef:71:0b:09:a3:21:7c:
b8:37:6c:83:0c:b1:76:49:81:0e:8c:41:45:d9:52:
01:48:89:cd:36:b0:03:0e:7d:92:1c:a7:b0:e6:f5:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2F:CD:65:C8:C6:70:3F:4A:2E:35:16:F0:C6:7A:C0:E7:4A:39:C4
X509v3 Authority Key Identifier:
keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/ri_NZcjGcD9KLjUW8MZ6wOdKOcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.196.0/24
185.31.70.0/23
IPv6:
2a12:b440:1::/48
2a12:b440:100::/48
Signature Algorithm: sha256WithRSAEncryption
74:ff:14:37:99:8b:37:c3:00:52:31:2b:b1:f3:df:57:f9:b1:
6e:b1:4f:a5:b7:70:bc:ab:3f:70:8a:df:ca:b4:53:52:86:c6:
77:48:b3:b0:b9:21:80:b6:e1:b5:d8:9a:3f:f5:19:25:13:ae:
95:1c:7a:7f:f6:03:bb:79:1b:c4:ea:90:0d:33:8a:c5:35:d8:
42:e1:51:2f:12:ac:1f:36:59:c2:22:69:74:a6:4e:a8:a8:7c:
86:1f:9f:40:29:51:73:bb:4b:75:99:43:c9:c7:12:5c:72:e5:
8f:4d:91:a4:73:be:ef:17:e8:0a:6f:04:82:e4:55:00:56:43:
60:10:41:ab:cd:7e:ce:94:6c:16:8a:32:10:d2:d1:0e:9f:9e:
78:19:bf:ca:ac:ab:4d:08:e6:56:a3:74:8f:62:7c:e3:98:b1:
b5:67:98:5e:09:61:1a:96:88:b7:56:d1:84:84:74:11:53:5e:
77:36:d6:fa:ff:d3:31:e8:86:66:1d:3d:3f:f2:45:4c:af:d0:
17:cd:39:d3:3e:05:42:25:b6:8a:4e:55:61:ba:9a:af:a9:3f:
85:f5:47:32:53:3e:88:df:89:7b:f6:78:da:d0:8c:a5:ee:7b:
6f:d4:66:8b:cd:e7:cb:27:b3:f2:f1:0c:2a:c1:df:05:d3:cb:
62:b5:b9:f4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYi4ykRXeX8eG4vZs0YxT+X3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx
OWIzMzQwHhcNMjMwNjE0MDcyNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJmY2Q2NWM4YzY3MDNmNGEyZTM1MTZmMGM2N2FjMGU3NGEzOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8Ic2yNlCShyiELJbTAGzoLiBTFu
yWnUFUF11DblTdfg+laUk8Xg0SuY1BLNONsqpiosUkEsvfd7FlkxaxGnRBb6XjZL
cuUAaARP3sZ+0Nzpgcalh/ouoMej3hD1l3LlP1q3Xxo6uw4izasuV0NnUfYp5v78
ElYYISa5xtOZshPsg2QZCVzYUv1cjZvbvkioa9yDmXYqeI0mwA+xIzZmGQtGRvrS
vgKLZKFdHaMyYeQGohqamEJPEBKxaahb0bdk+QIZBjz9GWWbSflxNPsRoPf1fKgi
Jaggiu9xCwmjIXy4N2yDDLF2SYEOjEFF2VIBSInNNrADDn2SHKew5vVpTQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK4vzWXIxnA/Si41FvDGesDnSjnEMB8GA1UdIwQY
MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt
YzcxNjFkYzVjMDg3LzEvcmlfTlpjakdjRDlLTGpVVzhNWjZ3T2RLT2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3
LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQATffEAwQB
uR9GMBgEAgACMBIDBwAqErRAAAEDBwAqErRAAQAwDQYJKoZIhvcNAQELBQADggEB
AHT/FDeZizfDAFIxK7Hz31f5sW6xT6W3cLyrP3CK38q0U1KGxndIs7C5IYC24bXY
mj/1GSUTrpUcen/2A7t5G8TqkA0zisU12ELhUS8SrB82WcIiaXSmTqiofIYfn0Ap
UXO7S3WZQ8nHElxy5Y9NkaRzvu8X6ApvBILkVQBWQ2AQQavNfs6UbBaKMhDS0Q6f
nngZv8qsq00I5lajdI9ifOOYsbVnmF4JYRqWiLdW0YSEdBFTXnc21vr/0zHohmYd
PT/yRUyv0BfNOdM+BUIltopOVWG6mq+pP4X1RzJTPojfiXv2eNrQjKXue2/UZovN
58sns/LxDCrB3wXTy2K1ufQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:20:10 2025 by rpki-client