Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-xr-q1HAM2bunKRzurKcCHTPr0.roa
File: R-xr-q1HAM2bunKRzurKcCHTPr0.roa (raw, json)
Hash identifier: dLV/g8vqme2I73BQRGa1P8xKF/C8N9mTMImeOPu6aV4=
Subject key identifier: 47:EC:6B:FA:AD:47:00:CD:9B:BA:72:91:CE:EA:CA:70:21:D3:3E:BD
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1C0ABEC4
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-xr-q1HAM2bunKRzurKcCHTPr0.roa
Signing time: Mon 09 May 2022 05:08:22 +0000
ROA not before: Mon 09 May 2022 05:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 87.248.132.0/23 maxlen: 24
87.248.128.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
87.248.148.0/24 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 470466244 (0x1c0abec4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: May 9 05:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47ec6bfaad4700cd9bba7291ceeaca7021d33ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:2a:e5:bd:ce:89:57:6b:f1:5a:d1:42:61:
61:3f:2d:d4:b9:cb:fb:a5:b4:01:6c:10:1c:ac:81:
e3:0a:a8:11:e6:54:01:b4:dd:0d:dc:4a:47:c6:ab:
d4:8d:a8:45:57:23:3f:32:53:ea:22:3d:11:90:99:
9b:ff:0c:58:3d:7a:78:a3:f6:2d:fd:1b:53:0a:0d:
f5:42:7d:b4:ae:e6:21:76:cc:3d:65:7b:48:24:f7:
a7:4f:75:3f:67:78:68:0f:c2:36:ec:f3:37:17:db:
49:ff:31:51:93:e1:49:57:9a:15:78:7d:ad:37:07:
31:40:20:44:db:2b:c7:1a:be:f3:fc:70:f4:63:5e:
c1:9f:59:be:01:6d:54:fd:5c:4d:97:4b:cf:9e:7b:
d9:a8:97:15:e1:65:e5:04:5a:84:d5:00:95:14:c1:
29:8c:b6:73:7c:aa:09:56:12:1d:00:b8:de:02:b6:
aa:6c:df:94:61:a0:64:80:23:ef:2c:23:87:a2:dc:
93:52:0d:1e:cd:11:9e:13:2e:70:e6:ef:be:1a:c9:
bf:16:33:2d:e5:87:50:89:81:2c:53:67:cb:47:3f:
12:a6:d8:28:b6:2d:d7:dd:47:93:cf:ce:2d:de:f1:
8f:d8:7a:3e:0e:8a:e1:31:08:f2:55:8a:1c:c0:77:
b9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EC:6B:FA:AD:47:00:CD:9B:BA:72:91:CE:EA:CA:70:21:D3:3E:BD
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-xr-q1HAM2bunKRzurKcCHTPr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.128.0/24
87.248.132.0/23
87.248.143.0/24
87.248.148.0/24
87.248.155.0-87.248.157.255
Signature Algorithm: sha256WithRSAEncryption
72:a8:81:06:6b:b8:a1:f4:67:6a:37:db:eb:68:dc:b8:ae:c0:
d0:b0:d7:da:fa:3a:f2:7c:c7:e2:95:b3:93:3e:9d:37:4a:dc:
47:3e:4c:25:b4:b6:cd:94:32:69:4f:a4:48:ac:58:93:08:38:
3f:66:e9:c6:fc:82:89:f4:0b:af:44:4c:94:59:4e:69:bd:fe:
59:c5:a9:d4:b9:bc:d0:ba:0f:16:18:df:f5:1c:32:79:23:b8:
ce:fe:d3:2f:11:89:01:57:86:ab:a3:67:81:ea:36:cf:1f:5f:
7f:9e:56:30:e9:29:10:5c:3d:72:e1:4c:c8:c3:23:16:df:7c:
78:c7:66:7a:d9:25:f4:0e:c6:6d:4b:d5:d7:26:58:cf:c8:72:
7d:ad:1a:c7:62:48:3a:88:90:2a:28:31:28:58:19:04:0d:60:
43:28:78:05:65:e1:34:b3:ed:3b:97:30:03:68:5e:c1:a3:64:
43:e5:2a:79:6f:8d:e2:ec:6a:b3:18:d2:fb:34:75:43:a5:49:
6e:01:bc:61:76:90:ae:1e:a9:71:64:9f:3e:6e:a4:72:bd:be:
96:ba:12:0d:b0:7d:b2:1f:1d:5b:e5:73:95:bd:95:55:b6:18:
23:2e:be:b6:6d:9e:45:bc:41:8e:dc:e5:0f:a0:31:5d:17:c1:
75:73:9c:b0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEHAq+xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDUw
OTA1MDgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdlYzZiZmFhZDQ3
MDBjZDliYmE3MjkxY2VlYWNhNzAyMWQzM2ViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKe+KuW9zolXa/Fa0UJhYT8t1LnL+6W0AWwQHKyB4wqoEeZU
AbTdDdxKR8ar1I2oRVcjPzJT6iI9EZCZm/8MWD16eKP2Lf0bUwoN9UJ9tK7mIXbM
PWV7SCT3p091P2d4aA/CNuzzNxfbSf8xUZPhSVeaFXh9rTcHMUAgRNsrxxq+8/xw
9GNewZ9ZvgFtVP1cTZdLz5572aiXFeFl5QRahNUAlRTBKYy2c3yqCVYSHQC43gK2
qmzflGGgZIAj7ywjh6Lck1INHs0RnhMucObvvhrJvxYzLeWHUImBLFNny0c/EqbY
KLYt191Hk8/OLd7xj9h6Pg6K4TEI8lWKHMB3uSsCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRH7Gv6rUcAzZu6cpHO6spwIdM+vTAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L1IteHItcTFIQU0yYnVuS1J6dXJLY0NIVFByMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAFf4gAMEAVf4hAMEAFf4jwMEAFf4
lDAMAwQAV/ibAwQBV/icMA0GCSqGSIb3DQEBCwUAA4IBAQByqIEGa7ih9GdqN9vr
aNy4rsDQsNfa+jryfMfilbOTPp03StxHPkwltLbNlDJpT6RIrFiTCDg/ZunG/IKJ
9AuvREyUWU5pvf5ZxanUubzQug8WGN/1HDJ5I7jO/tMvEYkBV4aro2eB6jbPH19/
nlYw6SkQXD1y4UzIwyMW33x4x2Z62SX0DsZtS9XXJljPyHJ9rRrHYkg6iJAqKDEo
WBkEDWBDKHgFZeE0s+07lzADaF7Bo2RD5Sp5b43i7GqzGNL7NHVDpUluAbxhdpCu
HqlxZJ8+bqRyvb6WuhINsH2yHx1b5XOVvZVVthgjLr62bZ5FvEGO3OUPoDFdF8F1
c5yw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org