Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yMeKIQLf-PvGnE14lGQg4aMXXjA.roa
File: yMeKIQLf-PvGnE14lGQg4aMXXjA.roa (raw, json)
Hash identifier: xTqovnsNv6CQYiazKQprguKcO6PxYr7k004a5w9VhE0=
Subject key identifier: C8:C7:8A:21:02:DF:F8:FB:C6:9C:4D:78:94:64:20:E1:A3:17:5E:30
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C542442
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yMeKIQLf-PvGnE14lGQg4aMXXjA.roa
Signing time: Sat 01 Jan 2022 01:02:21 +0000
ROA not before: Sat 01 Jan 2022 01:02:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25206
IP address blocks: 87.120.112.0/24 maxlen: 24
87.120.113.0/24 maxlen: 24
87.120.115.0/24 maxlen: 24
87.120.117.0/24 maxlen: 24
87.120.112.0/21 maxlen: 21
87.120.112.0/20 maxlen: 20
87.120.114.0/24 maxlen: 24
87.120.116.0/24 maxlen: 24
87.120.118.0/24 maxlen: 24
87.120.119.0/24 maxlen: 24
87.120.121.0/24 maxlen: 24
87.120.123.0/24 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.120.0/21 maxlen: 21
87.120.120.0/24 maxlen: 24
87.120.122.0/24 maxlen: 24
87.120.124.0/24 maxlen: 24
87.120.127.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475276354 (0x1c542442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8c78a2102dff8fbc69c4d78946420e1a3175e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4c:ce:60:0c:5a:66:23:19:aa:95:e5:f9:67:
b2:7d:39:e9:8d:43:27:da:99:99:f6:a8:b4:55:65:
80:a6:15:34:b9:36:07:56:3d:47:fb:06:55:aa:90:
fa:1d:64:14:83:fa:79:6c:b5:07:81:e7:f0:6a:11:
ef:57:cf:6f:7c:78:a8:e0:72:17:7d:f0:db:e8:8d:
7e:15:c0:b4:ee:59:08:f2:b0:75:6c:f6:e6:c6:11:
04:59:29:33:e6:9a:55:4b:ae:b0:cf:45:cc:3e:1c:
a4:ee:ca:7d:d4:56:7e:f6:6f:66:7e:9c:69:6b:57:
54:eb:e7:28:2b:77:54:19:a9:2b:a0:82:11:df:92:
2e:65:d3:37:b3:39:ef:09:2e:d9:fa:cd:da:bf:61:
a6:9b:12:4c:a8:f8:e4:2e:23:0f:eb:b9:6b:87:e9:
21:e7:4e:60:b5:9b:03:8e:e9:be:8b:21:25:ee:ce:
f6:d1:e4:4d:4d:8c:b2:7b:47:af:4a:49:6b:16:ef:
2d:ed:b2:d8:74:a2:54:92:c3:b6:d2:df:b8:69:49:
87:8f:ac:85:48:60:30:d8:45:f4:18:d4:b3:f5:95:
9d:ed:25:a5:0f:d4:fa:7b:df:87:43:6a:76:b6:7c:
d2:fb:22:56:d7:cd:a0:ca:a1:14:8d:e9:34:e1:3c:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C7:8A:21:02:DF:F8:FB:C6:9C:4D:78:94:64:20:E1:A3:17:5E:30
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yMeKIQLf-PvGnE14lGQg4aMXXjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.112.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:07:bd:59:f5:41:f4:ca:dc:9a:79:f1:2c:c7:19:c4:d9:8e:
d3:b2:65:98:95:86:f1:dc:5b:8c:e2:21:ef:fe:f8:13:51:94:
53:0f:fa:d2:c9:fd:68:eb:92:e3:c4:63:47:ff:9c:1d:8e:b3:
f2:0c:0b:02:78:c6:fb:e3:b9:5b:b6:1e:05:09:86:c1:10:7d:
e0:ed:bd:44:69:9d:f7:a4:79:f8:c8:68:3f:84:64:e2:ce:67:
11:61:75:25:ff:36:c9:e6:41:75:fc:15:b3:91:7b:bf:f2:e5:
96:5d:23:38:9b:14:5f:b7:c3:30:6a:50:a7:71:da:c7:e8:f6:
a8:4d:ad:bd:73:f8:9e:02:fa:54:eb:1d:03:1d:fd:02:73:26:
61:6c:6e:2b:b9:71:8f:ae:9f:ee:fb:d3:e0:f5:92:99:e5:a2:
2c:c1:db:98:34:27:cc:fd:c5:36:64:cc:87:95:7e:d0:f7:e7:
41:ed:9d:a1:c1:d0:0d:db:bd:51:e0:47:cb:50:8a:9d:72:e8:
78:b4:10:4d:ca:a6:08:58:9e:c7:f7:e1:e1:51:32:f6:a1:ce:
4f:25:3c:87:39:1e:71:a7:43:56:14:32:c2:70:04:6b:33:8d:
97:11:d8:b3:16:54:fc:8c:10:91:55:e0:cc:c0:c1:9b:d5:25:
c2:9a:84:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHFQkQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhjNzhhMjEwMmRm
ZjhmYmM2OWM0ZDc4OTQ2NDIwZTFhMzE3NWUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlMzmAMWmYjGaqV5flnsn056Y1DJ9qZmfaotFVlgKYVNLk2
B1Y9R/sGVaqQ+h1kFIP6eWy1B4Hn8GoR71fPb3x4qOByF33w2+iNfhXAtO5ZCPKw
dWz25sYRBFkpM+aaVUuusM9FzD4cpO7KfdRWfvZvZn6caWtXVOvnKCt3VBmpK6CC
Ed+SLmXTN7M57wku2frN2r9hppsSTKj45C4jD+u5a4fpIedOYLWbA47pvoshJe7O
9tHkTU2MsntHr0pJaxbvLe2y2HSiVJLDttLfuGlJh4+shUhgMNhF9BjUs/WVne0l
pQ/U+nvfh0NqdrZ80vsiVtfNoMqhFI3pNOE81jMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIx4ohAt/4+8acTXiUZCDhoxdeMDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L3lNZUtJUUxmLVB2R25FMTRsR1FnNGFNWFhqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFd4cDANBgkqhkiG9w0BAQsFAAOC
AQEAnQe9WfVB9MrcmnnxLMcZxNmO07JlmJWG8dxbjOIh7/74E1GUUw/60sn9aOuS
48RjR/+cHY6z8gwLAnjG++O5W7YeBQmGwRB94O29RGmd96R5+MhoP4Rk4s5nEWF1
Jf82yeZBdfwVs5F7v/Llll0jOJsUX7fDMGpQp3Hax+j2qE2tvXP4ngL6VOsdAx39
AnMmYWxuK7lxj66f7vvT4PWSmeWiLMHbmDQnzP3FNmTMh5V+0PfnQe2docHQDdu9
UeBHy1CKnXLoeLQQTcqmCFiex/fh4VEy9qHOTyU8hzkecadDVhQywnAEazONlxHY
sxZU/IwQkVXgzMDBm9UlwpqEEQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-ams.rpki-client.org