Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/XE7TjEPM3e7Afeu9CuN9ZGHGB7E.roa
File: XE7TjEPM3e7Afeu9CuN9ZGHGB7E.roa (raw, json)
Hash identifier: LH8WHcUDnTmsDetpe5kEOKX693B1WLNaRexQ5SxpSVs=
Subject key identifier: 5C:4E:D3:8C:43:CC:DD:EE:C0:7D:EB:BD:0A:E3:7D:64:61:C6:07:B1
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0187E24B10589E657A765738B8EFA99086A4
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/XE7TjEPM3e7Afeu9CuN9ZGHGB7E.roa
Signing time: Wed 03 May 2023 15:46:22 +0000
ROA not before: Wed 03 May 2023 15:46:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21502
IP address blocks: 77.128.0.0/13 maxlen: 24
89.157.88.0/21 maxlen: 21
89.157.96.0/19 maxlen: 19
77.140.0.0/14 maxlen: 24
79.80.0.0/12 maxlen: 24
77.144.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.136.0.0/16 maxlen: 24
81.64.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:4b:10:58:9e:65:7a:76:57:38:b8:ef:a9:90:86:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: May 3 15:46:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c4ed38c43ccddeec07debbd0ae37d6461c607b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:52:a6:48:40:d1:0f:42:8b:50:d2:fa:1b:44:
8a:44:44:1b:e0:76:98:53:0f:3d:1b:7a:5f:ae:db:
49:9e:ea:6c:f9:a9:47:af:87:40:23:45:74:be:17:
fd:05:88:32:83:51:a7:fb:3c:d4:27:73:9b:24:f4:
89:d4:bf:f7:8e:b9:9e:05:c7:35:a7:67:2b:95:98:
52:c7:9f:be:4b:4d:ee:78:b8:fb:d9:8c:25:7c:1f:
0c:c6:4f:ad:4b:81:61:a9:27:af:4d:d8:be:9a:8d:
33:1d:a0:ab:bb:28:05:3f:55:7b:66:be:92:1d:30:
f7:27:10:fe:5f:ea:c1:49:b3:2a:e7:29:76:4c:66:
70:10:f2:c0:34:26:7f:13:3e:98:35:d5:4a:b1:25:
7c:c8:68:fc:f5:49:ea:86:75:f6:7a:e5:fd:fd:4f:
f4:b9:f5:32:34:c6:b3:55:89:09:2c:8d:b2:f9:09:
0b:66:2e:93:1b:60:c1:cd:d0:93:ae:33:9c:ad:d5:
2e:62:8a:83:09:0c:af:02:ba:f1:08:b0:66:33:98:
d7:d9:77:c9:05:2b:dd:b7:75:aa:04:fb:3c:74:09:
6a:97:25:b5:b5:ac:74:a5:be:a2:a2:1d:55:e7:2d:
ba:bf:96:a6:62:c8:f5:02:5a:bd:58:db:22:0a:72:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4E:D3:8C:43:CC:DD:EE:C0:7D:EB:BD:0A:E3:7D:64:61:C6:07:B1
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/XE7TjEPM3e7Afeu9CuN9ZGHGB7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.128.0.0-77.136.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
79.80.0.0/12
81.64.0.0/14
89.157.88.0-89.157.127.255
Signature Algorithm: sha256WithRSAEncryption
41:3d:85:14:f8:0b:50:de:35:b0:cb:3b:0b:79:f6:73:41:8b:
31:19:9b:23:09:bb:75:79:4c:d5:17:9c:a3:42:03:89:a9:3a:
0e:88:6f:e7:00:39:00:26:46:71:61:96:94:f4:a0:71:44:78:
71:b5:e4:c3:4f:f3:e9:37:58:d3:ed:8d:94:73:b1:f9:10:cb:
72:69:28:60:36:5d:d9:25:fe:29:85:85:cf:2a:bd:5e:9f:53:
14:82:50:cb:2e:03:67:f7:88:e7:11:79:67:1c:0a:8d:9e:30:
5b:77:0a:9f:d2:10:70:5a:29:19:7a:7b:b5:55:91:0d:57:82:
e6:89:06:f3:84:21:6b:5a:c2:ea:a9:2f:4c:97:31:97:d2:7d:
72:86:7d:4a:a5:aa:f4:f4:52:d4:8c:ca:aa:2e:8f:84:90:a8:
e1:54:72:6c:b4:25:87:e6:58:20:2f:ad:e4:1d:bd:5e:5f:01:
c7:fa:32:22:8b:7f:21:3c:8f:49:23:f0:bf:b7:ec:a6:41:d6:
c3:94:be:5f:b0:a2:86:60:93:d1:f8:ad:37:f6:5d:48:18:ed:
0c:c6:05:35:08:57:b6:16:8d:2f:50:1b:30:d9:20:dd:98:49:
09:d0:98:29:49:ee:51:19:2b:ce:44:46:1a:41:d0:80:5f:97:
dd:79:37:a5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYfiSxBYnmV6dlc4uO+pkIakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwNTAzMTU0NjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRlZDM4YzQzY2NkZGVlYzA3ZGViYmQwYWUzN2Q2NDYxYzYwN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVKmSEDRD0KLUNL6G0SKREQb4HaY
Uw89G3pfrttJnups+alHr4dAI0V0vhf9BYgyg1Gn+zzUJ3ObJPSJ1L/3jrmeBcc1
p2crlZhSx5++S03ueLj72YwlfB8Mxk+tS4FhqSevTdi+mo0zHaCruygFP1V7Zr6S
HTD3JxD+X+rBSbMq5yl2TGZwEPLANCZ/Ez6YNdVKsSV8yGj89UnqhnX2euX9/U/0
ufUyNMazVYkJLI2y+QkLZi6TG2DBzdCTrjOcrdUuYoqDCQyvArrxCLBmM5jX2XfJ
BSvdt3WqBPs8dAlqlyW1tax0pb6ioh1V5y26v5amYsj1Alq9WNsiCnI85wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFxO04xDzN3uwH3rvQrjfWRhxgexMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvWEU3VGpFUE0zZTdBZmV1OUN1TjlaR0hHQjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAoDAwdNgAMD
AE2IMAoDAwJNjAMDBU2AAwMETcADAwROcAMDBE9QAwMCUUAwDAMEA1mdWAMEB1md
ADANBgkqhkiG9w0BAQsFAAOCAQEAQT2FFPgLUN41sMs7C3n2c0GLMRmbIwm7dXlM
1Reco0IDiak6Dohv5wA5ACZGcWGWlPSgcUR4cbXkw0/z6TdY0+2NlHOx+RDLcmko
YDZd2SX+KYWFzyq9Xp9TFIJQyy4DZ/eI5xF5ZxwKjZ4wW3cKn9IQcFopGXp7tVWR
DVeC5okG84Qha1rC6qkvTJcxl9J9coZ9SqWq9PRS1IzKqi6PhJCo4VRybLQlh+ZY
IC+t5B29Xl8Bx/oyIot/ITyPSSPwv7fspkHWw5S+X7CihmCT0fitN/ZdSBjtDMYF
NQhXthaNL1AbMNkg3ZhJCdCYKUnuURkrzkRGGkHQgF+X3Xk3pQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:00:09 2025 by rpki-client