Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ghlxBBDRczK_P2o_q6CvJSxbAN4.roa
File: ghlxBBDRczK_P2o_q6CvJSxbAN4.roa (raw, json)
Hash identifier: jgrnnxQBA6dMUyw71SjF+oD9w/2SfUOhYQvdInIpe5E=
Subject key identifier: 82:19:71:04:10:D1:73:32:BF:3F:6A:3F:AB:A0:AF:25:2C:5B:00:DE
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0184CD3D930EC558430E12C8202F3B06F44B
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ghlxBBDRczK_P2o_q6CvJSxbAN4.roa
Signing time: Thu 01 Dec 2022 10:31:15 +0000
ROA not before: Thu 01 Dec 2022 10:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 87.248.133.0/24 maxlen: 24
87.248.151.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:3d:93:0e:c5:58:43:0e:12:c8:20:2f:3b:06:f4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Dec 1 10:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8219710410d17332bf3f6a3faba0af252c5b00de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:41:86:9c:b4:78:84:41:76:7a:38:3d:85:
c1:81:3a:43:78:bf:e2:aa:34:78:64:8a:78:10:35:
5f:6d:4b:90:92:ad:a5:e7:66:98:bb:0d:ae:d5:d1:
67:82:41:96:4c:b5:2d:bc:2a:35:fc:57:4b:49:71:
ff:cf:14:e7:cd:03:00:7a:de:3c:bb:b3:cf:f4:64:
5a:26:38:ca:c9:fb:82:b7:9c:df:a6:96:d3:bb:a9:
a6:c5:e0:5f:3e:d6:94:38:da:3c:de:db:fa:82:ea:
f2:6d:61:7b:be:f9:93:94:df:23:86:cb:f1:02:6c:
5a:97:27:91:42:8e:57:26:0e:b2:cd:f3:8f:b4:ca:
31:fe:08:48:0b:4e:7c:40:7c:3b:73:3c:f5:a0:96:
58:b7:ab:f9:c8:38:54:59:cf:aa:93:a9:ae:ba:15:
f7:e2:56:a8:fa:e3:f3:3c:52:a6:40:18:c6:92:9d:
b4:26:df:15:df:a8:c7:24:dc:03:30:09:ae:6e:c7:
a4:01:71:8a:35:7e:a4:8e:d5:8a:07:c4:fb:01:ad:
a3:e2:50:39:22:ca:8f:5a:df:fb:28:09:55:22:cf:
1c:e0:44:b6:e0:24:47:55:ae:92:4e:8f:00:db:d1:
63:e9:47:e6:99:c8:47:5c:5f:a8:fd:b7:aa:1e:17:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:19:71:04:10:D1:73:32:BF:3F:6A:3F:AB:A0:AF:25:2C:5B:00:DE
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ghlxBBDRczK_P2o_q6CvJSxbAN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.133.0/24
87.248.151.0/24
87.248.157.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ec:bc:17:67:8b:f8:58:43:b4:e8:04:e2:6f:81:32:d0:f7:
e2:b5:4e:0c:80:77:a7:76:62:f6:17:bc:7b:55:c4:16:18:b2:
c6:90:82:ab:ef:e0:19:17:bc:14:3e:6e:61:f3:be:15:06:93:
03:0c:16:b5:a3:25:a2:89:2c:fa:da:f9:2a:eb:44:79:cc:25:
e7:be:01:94:4e:0b:77:4d:d8:b7:8a:16:63:72:af:e8:7d:82:
1b:71:a0:1a:86:a9:80:08:59:f5:3a:62:9e:6d:1c:de:bb:d1:
58:ef:8a:e0:50:24:f1:77:23:cd:3c:e6:3f:a8:e9:8f:d2:c9:
4c:7e:08:cb:9a:7e:43:eb:de:37:ad:68:f8:58:d4:95:7c:d0:
68:9f:e5:29:0a:17:c8:9d:4a:99:95:0c:0f:41:e8:53:64:6d:
bd:40:ac:4d:df:d8:23:25:5a:cf:93:43:d7:63:21:d3:06:bb:
de:b5:e0:f3:bb:29:e3:2e:1e:c6:24:e2:9a:2c:dd:e7:02:7e:
9a:a2:c4:4c:56:26:b5:19:d0:51:3c:45:40:99:b6:a9:47:91:
e4:c2:e4:da:c5:7b:61:ce:ab:99:e7:06:80:ff:43:3f:9e:fc:
40:58:43:d3:7d:c4:a2:f6:5e:5a:fd:27:44:a6:dd:37:df:db:
b2:a1:ae:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTNPZMOxVhDDhLIIC87BvRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMjAxMTAzMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE5NzEwNDEwZDE3MzMyYmYzZjZhM2ZhYmEwYWYyNTJjNWIwMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosRBhpy0eIRBdno4PYXBgTpDeL/i
qjR4ZIp4EDVfbUuQkq2l52aYuw2u1dFngkGWTLUtvCo1/FdLSXH/zxTnzQMAet48
u7PP9GRaJjjKyfuCt5zfppbTu6mmxeBfPtaUONo83tv6gurybWF7vvmTlN8jhsvx
AmxalyeRQo5XJg6yzfOPtMox/ghIC058QHw7czz1oJZYt6v5yDhUWc+qk6muuhX3
4lao+uPzPFKmQBjGkp20Jt8V36jHJNwDMAmubsekAXGKNX6kjtWKB8T7Aa2j4lA5
IsqPWt/7KAlVIs8c4ES24CRHVa6STo8A29Fj6UfmmchHXF+o/beqHhfXIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIIZcQQQ0XMyvz9qP6ugryUsWwDeMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvZ2hseEJCRFJjektfUDJvX3E2Q3ZKU3hiQU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/iFAwQA
V/iXAwQAV/idMA0GCSqGSIb3DQEBCwUAA4IBAQBz7LwXZ4v4WEO06ATib4Ey0Pfi
tU4MgHendmL2F7x7VcQWGLLGkIKr7+AZF7wUPm5h874VBpMDDBa1oyWiiSz62vkq
60R5zCXnvgGUTgt3Tdi3ihZjcq/ofYIbcaAahqmACFn1OmKebRzeu9FY74rgUCTx
dyPNPOY/qOmP0slMfgjLmn5D6943rWj4WNSVfNBon+UpChfInUqZlQwPQehTZG29
QKxN39gjJVrPk0PXYyHTBrveteDzuynjLh7GJOKaLN3nAn6aosRMVia1GdBRPEVA
mbapR5HkwuTaxXthzquZ5waA/0M/nvxAWEPTfcSi9l5a/SdEpt0339uyoa5B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org