Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/2NLMBsMmH2I-dzlzuzN_92lhUsY.roa
File: 2NLMBsMmH2I-dzlzuzN_92lhUsY.roa (raw, json)
Hash identifier: WN02ZLrfpEernQUbnGFcZ/mkF118gD8CgaoDmBOeV54=
Subject key identifier: D8:D2:CC:06:C3:26:1F:62:3E:77:39:73:BB:33:7F:F7:69:61:52:C6
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1BD6C39F
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/2NLMBsMmH2I-dzlzuzN_92lhUsY.roa
Signing time: Fri 22 Apr 2022 03:19:31 +0000
ROA not before: Fri 22 Apr 2022 03:19:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 87.248.132.0/23 maxlen: 24
87.248.128.0/24 maxlen: 24
87.248.138.0/24 maxlen: 24
87.248.137.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
87.248.148.0/24 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 467059615 (0x1bd6c39f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Apr 22 03:19:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8d2cc06c3261f623e773973bb337ff7696152c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:33:61:34:01:42:68:55:75:cf:b0:a2:d3:a1:
30:6d:7a:ce:c9:8d:8c:8c:53:a5:00:82:98:8c:1b:
3d:72:91:e3:bb:f7:c1:05:69:e6:15:b6:2e:7f:13:
ae:2d:0c:d7:54:18:43:cd:fa:2a:87:c4:64:78:c6:
16:47:12:f9:88:75:88:8c:b6:52:e4:33:90:af:1c:
25:e6:91:73:c4:bc:9d:0c:7d:71:d6:02:67:1d:99:
1e:71:49:8c:10:ea:da:81:3f:5b:37:67:0b:44:8f:
33:54:97:b3:3d:62:4e:9a:51:c6:ed:ee:5c:90:9a:
cd:fa:e9:28:e1:c8:ba:a5:b1:15:bd:fa:bb:f6:f8:
d2:82:ad:65:70:6c:52:3a:92:38:de:05:e1:b3:90:
73:53:b1:67:e0:ec:d3:a9:45:0f:f5:72:29:ab:7e:
20:ed:38:4e:b9:f8:01:6b:ec:80:4d:bf:5d:86:18:
1c:29:6b:93:28:9f:19:de:59:7b:84:40:2e:d1:c7:
bd:e5:b3:a2:49:27:e7:10:3a:bf:a0:ad:99:72:7b:
88:90:08:0e:ef:84:c3:1e:1b:87:e2:29:d9:93:67:
da:6e:f8:12:ec:fe:90:7d:5b:7d:de:3a:24:8f:e5:
d3:89:48:7d:3e:b4:86:4f:d5:a1:da:87:f5:22:94:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D2:CC:06:C3:26:1F:62:3E:77:39:73:BB:33:7F:F7:69:61:52:C6
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/2NLMBsMmH2I-dzlzuzN_92lhUsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.128.0/24
87.248.132.0/23
87.248.137.0-87.248.138.255
87.248.143.0/24
87.248.148.0/24
87.248.155.0-87.248.157.255
Signature Algorithm: sha256WithRSAEncryption
99:c4:8a:80:74:77:03:56:bf:65:bd:e2:81:97:f6:82:a2:65:
54:30:a7:12:ef:84:09:8d:e2:57:d3:85:d3:f5:d5:2b:c5:e6:
95:a6:40:cd:4d:4a:1a:bb:ad:fb:4b:c0:d7:36:45:8c:56:a5:
9d:4c:63:04:c2:ce:9a:be:25:26:dc:26:18:5c:a0:c4:ff:9d:
32:cc:a9:0f:2d:25:6c:cd:a2:d3:ac:d0:ee:8f:1f:29:c0:58:
ea:70:ea:8a:e0:74:5e:2f:58:7b:c5:13:89:2a:65:f9:35:d8:
9f:fa:47:7b:bc:55:5b:65:f4:af:3a:6f:cb:6b:ca:a5:e7:7b:
08:26:ea:f9:97:08:3c:ca:e0:52:bb:81:4a:ed:23:ae:2d:2d:
de:a7:02:be:bb:2d:03:0f:54:e0:75:89:4e:10:24:0c:7c:2b:
55:45:ec:84:05:84:0e:09:e2:61:25:c5:99:f6:3e:8a:9e:30:
b8:97:27:31:c7:16:b1:d5:9b:6a:a8:f5:0b:d2:24:29:be:22:
25:af:14:9f:9d:05:67:59:0f:90:94:f9:97:fc:33:ed:16:95:
92:97:dd:de:6e:a2:84:75:5a:e0:63:83:42:70:83:27:41:21:
e1:93:3a:84:1d:e7:f6:c2:2a:61:6a:57:cd:29:d0:54:8d:c6:
bf:0e:9a:b0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEG9bDnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQy
MjAzMTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhkMmNjMDZjMzI2
MWY2MjNlNzczOTczYmIzMzdmZjc2OTYxNTJjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQzYTQBQmhVdc+wotOhMG16zsmNjIxTpQCCmIwbPXKR47v3
wQVp5hW2Ln8Tri0M11QYQ836KofEZHjGFkcS+Yh1iIy2UuQzkK8cJeaRc8S8nQx9
cdYCZx2ZHnFJjBDq2oE/WzdnC0SPM1SXsz1iTppRxu3uXJCazfrpKOHIuqWxFb36
u/b40oKtZXBsUjqSON4F4bOQc1OxZ+Ds06lFD/VyKat+IO04Trn4AWvsgE2/XYYY
HClrkyifGd5Ze4RALtHHveWzokkn5xA6v6CtmXJ7iJAIDu+Ewx4bh+Ip2ZNn2m74
Euz+kH1bfd46JI/l04lIfT60hk/VodqH9SKU1DcCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBTY0swGwyYfYj53OXO7M3/3aWFSxjAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
LzJOTE1Cc01tSDJJLWR6bHp1ek5fOTJsaFVzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAFf4gAMEAVf4hDAMAwQAV/iJAwQA
V/iKAwQAV/iPAwQAV/iUMAwDBABX+JsDBAFX+JwwDQYJKoZIhvcNAQELBQADggEB
AJnEioB0dwNWv2W94oGX9oKiZVQwpxLvhAmN4lfThdP11SvF5pWmQM1NShq7rftL
wNc2RYxWpZ1MYwTCzpq+JSbcJhhcoMT/nTLMqQ8tJWzNotOs0O6PHynAWOpw6org
dF4vWHvFE4kqZfk12J/6R3u8VVtl9K86b8tryqXnewgm6vmXCDzK4FK7gUrtI64t
Ld6nAr67LQMPVOB1iU4QJAx8K1VF7IQFhA4J4mElxZn2PoqeMLiXJzHHFrHVm2qo
9QvSJCm+IiWvFJ+dBWdZD5CU+Zf8M+0WlZKX3d5uooR1WuBjg0JwgydBIeGTOoQd
5/bCKmFqV80p0FSNxr8OmrA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org