Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/hpzbli9XT0G7g2bmiolLQZ1p30s.roa
File: hpzbli9XT0G7g2bmiolLQZ1p30s.roa (raw, json)
Hash identifier: HpHK9M6hHr1eZhWNVoNmogAKLRQIeVw4g8MSXHF5ptg=
Subject key identifier: 86:9C:DB:96:2F:57:4F:41:BB:83:66:E6:8A:89:4B:41:9D:69:DF:4B
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018303174FC138DA38A4291E04FE59C0F448
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/hpzbli9XT0G7g2bmiolLQZ1p30s.roa
Signing time: Sat 03 Sep 2022 11:23:22 +0000
ROA not before: Sat 03 Sep 2022 11:23:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208161
IP address blocks: 87.248.139.0/24 maxlen: 24
87.248.152.0/23 maxlen: 24
87.248.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:03:17:4f:c1:38:da:38:a4:29:1e:04:fe:59:c0:f4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Sep 3 11:23:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=869cdb962f574f41bb8366e68a894b419d69df4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:36:1e:27:2c:06:a3:94:e0:01:d2:75:f2:96:
79:65:ce:d9:6b:ec:26:41:e0:e6:f7:f8:2b:e9:5e:
80:da:c4:8b:e3:d2:d8:8c:7b:5e:7e:ab:2d:84:93:
8d:23:94:72:9e:31:b4:d3:56:34:d6:81:ba:40:63:
92:87:6b:0f:55:ec:f6:5a:cc:59:18:3f:5d:a0:30:
a4:4b:bd:6f:6a:72:60:37:8d:c3:5a:b5:b3:eb:35:
71:14:54:6e:3e:86:2d:1a:d4:56:0e:36:38:54:54:
15:86:67:d5:32:f8:e3:ca:18:2a:c3:70:af:44:77:
3e:1f:a6:9e:bf:14:0b:64:dd:7e:3e:f7:0e:5a:81:
8e:14:0a:c3:98:d2:f1:5d:d2:e4:6b:5e:71:92:13:
7e:9a:c8:2e:03:0c:86:b5:19:c3:4f:f7:f8:5c:ae:
89:1b:31:99:31:ce:8c:06:84:e4:ce:16:83:1f:a4:
c6:d5:57:70:f8:24:d8:f2:54:06:e4:35:7c:7b:42:
67:be:04:ef:73:88:a5:fd:f9:35:96:b2:bd:d4:5f:
6a:e3:13:fb:cc:05:9c:f6:2c:d3:1b:87:a9:b5:8e:
68:3c:47:04:e7:e1:8a:e0:71:71:f9:82:ab:7e:0c:
e7:64:f7:ac:34:48:ad:87:6e:a9:79:94:e6:ee:db:
94:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9C:DB:96:2F:57:4F:41:BB:83:66:E6:8A:89:4B:41:9D:69:DF:4B
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/hpzbli9XT0G7g2bmiolLQZ1p30s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.139.0/24
87.248.150.0/24
87.248.152.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:51:ab:ba:de:3f:4e:44:f5:43:f2:a2:bc:26:a0:4a:eb:6f:
c4:b5:c2:d5:42:95:f9:76:42:20:aa:2e:a7:6e:cc:76:22:f2:
8b:62:97:f5:ae:61:0b:74:1f:9b:00:a6:a9:57:be:83:4d:7a:
47:48:4a:aa:c6:34:35:48:62:bc:44:a5:7f:b3:86:ba:27:b1:
11:89:99:2f:94:5a:e7:a8:77:bb:f6:aa:43:01:6d:9e:73:9b:
c0:be:56:27:56:eb:ed:df:6e:29:59:cd:f9:d3:ba:8d:56:fc:
3d:58:7d:ce:0b:2e:82:81:9f:69:89:c7:b3:62:44:28:33:31:
5f:db:e1:e6:3a:19:01:e1:57:f0:c7:d2:35:57:82:bc:80:e7:
db:8e:a6:63:ca:2f:2f:f2:ed:7d:74:d5:85:16:86:21:f2:08:
34:1c:61:de:43:f9:d3:9b:c8:da:ed:77:b5:ab:fa:6b:ff:a6:
9b:14:77:c5:b8:4b:86:5f:9c:ef:83:34:fd:b7:bb:e1:1e:01:
eb:c6:28:2f:59:70:2a:35:35:99:20:e7:7e:35:d5:d6:50:e8:
80:c9:94:9f:ac:60:e2:bf:36:f3:08:3f:92:3d:70:c0:3d:6b:
ab:75:f8:fb:80:b8:a1:55:3d:2e:94:e4:4a:44:e1:a1:d1:3c:
8c:4c:e5:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMDF0/BONo4pCkeBP5ZwPRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwOTAzMTEyMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjljZGI5NjJmNTc0ZjQxYmI4MzY2ZTY4YTg5NGI0MTlkNjlkZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzYeJywGo5TgAdJ18pZ5Zc7Za+wm
QeDm9/gr6V6A2sSL49LYjHtefqsthJONI5RynjG001Y01oG6QGOSh2sPVez2WsxZ
GD9doDCkS71vanJgN43DWrWz6zVxFFRuPoYtGtRWDjY4VFQVhmfVMvjjyhgqw3Cv
RHc+H6aevxQLZN1+PvcOWoGOFArDmNLxXdLka15xkhN+msguAwyGtRnDT/f4XK6J
GzGZMc6MBoTkzhaDH6TG1Vdw+CTY8lQG5DV8e0JnvgTvc4il/fk1lrK91F9q4xP7
zAWc9izTG4eptY5oPEcE5+GK4HFx+YKrfgznZPesNEith26peZTm7tuUywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIac25YvV09Bu4Nm5oqJS0Gdad9LMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvaHB6YmxpOVhUMEc3ZzJibWlvbExRWjFwMzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/iLAwQA
V/iWAwQBV/iYMA0GCSqGSIb3DQEBCwUAA4IBAQCoUau63j9ORPVD8qK8JqBK62/E
tcLVQpX5dkIgqi6nbsx2IvKLYpf1rmELdB+bAKapV76DTXpHSEqqxjQ1SGK8RKV/
s4a6J7ERiZkvlFrnqHe79qpDAW2ec5vAvlYnVuvt324pWc3507qNVvw9WH3OCy6C
gZ9picezYkQoMzFf2+HmOhkB4Vfwx9I1V4K8gOfbjqZjyi8v8u19dNWFFoYh8gg0
HGHeQ/nTm8ja7Xe1q/pr/6abFHfFuEuGX5zvgzT9t7vhHgHrxigvWXAqNTWZIOd+
NdXWUOiAyZSfrGDivzbzCD+SPXDAPWurdfj7gLihVT0ulORKROGh0TyMTOUw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:22 2023 by rpki-client on console-fra.rpki-client.org