Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nvp5UMIxFNfS7JlGn9zmw8ZeiYo.roa
File: nvp5UMIxFNfS7JlGn9zmw8ZeiYo.roa (raw, json)
Hash identifier: mBaNo4IuBLGBWjlmJOoJHpwZL7o+ZAtPyvzdpZthjlc=
Subject key identifier: 9E:FA:79:50:C2:31:14:D7:D2:EC:99:46:9F:DC:E6:C3:C6:5E:89:8A
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1BD024DE
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nvp5UMIxFNfS7JlGn9zmw8ZeiYo.roa
Signing time: Wed 20 Apr 2022 11:08:02 +0000
ROA not before: Wed 20 Apr 2022 11:08:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 87.248.132.0/23 maxlen: 24
87.248.128.0/24 maxlen: 24
87.248.138.0/24 maxlen: 24
87.248.136.0/24 maxlen: 24
87.248.137.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
87.248.148.0/24 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466625758 (0x1bd024de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Apr 20 11:08:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9efa7950c23114d7d2ec99469fdce6c3c65e898a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ea:aa:8c:fc:88:74:33:3b:59:78:67:93:43:
ab:be:2d:fd:13:ff:de:c5:20:34:cc:c5:a2:e4:80:
1a:0c:0f:67:00:6e:08:38:fa:34:77:19:32:2f:63:
67:5b:97:a1:2a:d1:0f:98:0d:88:c0:c2:ba:20:7b:
e1:c7:ac:03:b1:aa:7a:5d:25:b7:ee:13:ca:45:f2:
94:eb:dd:d5:57:d2:e8:0b:1f:6c:35:51:70:57:e8:
a5:b4:40:bb:c9:d0:b0:ae:1a:4a:02:13:24:88:05:
9d:d6:45:98:40:3d:13:3a:f7:c8:69:83:51:ae:d7:
19:a6:47:23:80:e3:40:b1:c7:34:37:1e:2a:21:18:
ff:d9:42:de:ab:8b:a2:ae:e4:3b:33:17:50:d1:5b:
e1:e6:cb:08:58:90:42:30:39:bd:2a:6f:86:19:7b:
3c:15:85:df:be:8e:b1:78:5e:f2:ea:25:68:48:1e:
54:35:ff:ff:bd:a9:b9:a6:1f:40:d4:92:1a:9b:ae:
93:f3:5b:ed:28:09:39:93:16:df:04:40:f9:17:ff:
43:e1:9e:6e:05:78:3d:f6:3b:c5:fe:96:fc:67:77:
e8:b9:40:6b:b9:b5:ee:fe:3b:1c:67:5c:e7:19:10:
ab:73:43:e7:a4:07:a7:a5:06:52:ef:89:dc:57:53:
73:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FA:79:50:C2:31:14:D7:D2:EC:99:46:9F:DC:E6:C3:C6:5E:89:8A
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nvp5UMIxFNfS7JlGn9zmw8ZeiYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.128.0/24
87.248.132.0/23
87.248.136.0-87.248.138.255
87.248.143.0/24
87.248.148.0/24
87.248.155.0-87.248.157.255
Signature Algorithm: sha256WithRSAEncryption
28:7d:f5:42:8f:fc:d1:f3:64:54:ec:33:0e:92:b7:a4:c7:a2:
1f:8b:be:d2:35:4d:f2:6e:56:96:86:34:92:ba:74:55:85:e9:
ba:c0:08:de:5f:17:a4:4a:46:80:29:c0:90:04:dc:29:88:8e:
cb:5b:c4:62:5f:67:b1:3b:58:4b:cd:7d:d2:c1:a1:d1:3c:b6:
0f:20:12:58:fc:b3:30:0d:73:9e:bb:90:c4:f1:c1:6b:a5:16:
18:6b:d4:1b:fb:af:83:a9:81:94:49:1b:9f:44:cc:ac:21:6f:
e5:f2:f6:05:79:1e:b7:ee:a0:6a:a9:03:55:46:39:2b:7c:38:
60:9c:5c:7e:79:71:b6:66:29:4e:67:26:26:08:fb:27:e7:db:
c5:1e:91:c5:82:c8:9c:a6:ea:d8:98:8b:f0:89:38:b4:be:8c:
6d:9f:fa:4f:be:67:79:9a:e9:e3:7d:07:7f:22:e3:de:30:dd:
9d:58:5f:a8:f7:18:bd:f3:98:53:ed:df:99:61:25:7f:89:5f:
d4:a5:8c:27:ea:7c:87:f3:bf:21:71:7b:9f:69:22:8d:44:34:
77:f4:ec:ac:95:eb:bd:11:0e:43:bd:f5:ca:77:d5:39:55:52:
79:c0:21:db:fe:16:99:b8:88:11:ee:fb:47:bc:e7:72:c5:c4:
a0:2e:4e:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEG9Ak3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQy
MDExMDgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVmYTc5NTBjMjMx
MTRkN2QyZWM5OTQ2OWZkY2U2YzNjNjVlODk4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIbqqoz8iHQzO1l4Z5NDq74t/RP/3sUgNMzFouSAGgwPZwBu
CDj6NHcZMi9jZ1uXoSrRD5gNiMDCuiB74cesA7Gqel0lt+4TykXylOvd1VfS6Asf
bDVRcFfopbRAu8nQsK4aSgITJIgFndZFmEA9Ezr3yGmDUa7XGaZHI4DjQLHHNDce
KiEY/9lC3quLoq7kOzMXUNFb4ebLCFiQQjA5vSpvhhl7PBWF376OsXhe8uolaEge
VDX//72puaYfQNSSGpuuk/Nb7SgJOZMW3wRA+Rf/Q+GebgV4PfY7xf6W/Gd36LlA
a7m17v47HGdc5xkQq3ND56QHp6UGUu+J3FdTc6cCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSe+nlQwjEU19LsmUaf3ObDxl6JijAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L252cDVVTUl4Rk5mUzdKbEduOXptdzhaZWlZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAFf4gAMEAVf4hDAMAwQDV/iIAwQA
V/iKAwQAV/iPAwQAV/iUMAwDBABX+JsDBAFX+JwwDQYJKoZIhvcNAQELBQADggEB
ACh99UKP/NHzZFTsMw6St6THoh+LvtI1TfJuVpaGNJK6dFWF6brACN5fF6RKRoAp
wJAE3CmIjstbxGJfZ7E7WEvNfdLBodE8tg8gElj8szANc567kMTxwWulFhhr1Bv7
r4OpgZRJG59EzKwhb+Xy9gV5HrfuoGqpA1VGOSt8OGCcXH55cbZmKU5nJiYI+yfn
28UekcWCyJym6tiYi/CJOLS+jG2f+k++Z3ma6eN9B38i494w3Z1YX6j3GL3zmFPt
35lhJX+JX9SljCfqfIfzvyFxe59pIo1ENHf07KyV670RDkO99cp31TlVUnnAIdv+
Fpm4iBHu+0e853LFxKAuTm0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:22 2023 by rpki-client on console-fra.rpki-client.org