Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/pi9xR9UCElz-HLzio_uKF6kxKuQ.roa
File: pi9xR9UCElz-HLzio_uKF6kxKuQ.roa (raw, json)
Hash identifier: KAI/mj+zHxnoVXuiXOy/RL790u4BPJZTwBsPC7v3DRA=
Subject key identifier: A6:2F:71:47:D5:02:12:5C:FE:1C:BC:E2:A3:FB:8A:17:A9:31:2A:E4
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1BC6806C
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/pi9xR9UCElz-HLzio_uKF6kxKuQ.roa
Signing time: Mon 18 Apr 2022 10:04:12 +0000
ROA not before: Mon 18 Apr 2022 10:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47843
IP address blocks: 87.248.132.0/23 maxlen: 24
87.248.128.0/24 maxlen: 24
87.248.129.0/24 maxlen: 24
87.248.138.0/24 maxlen: 24
87.248.136.0/24 maxlen: 24
87.248.137.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
87.248.148.0/24 maxlen: 24
87.248.149.0/24 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 465993836 (0x1bc6806c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Apr 18 10:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a62f7147d502125cfe1cbce2a3fb8a17a9312ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:39:7b:1a:2d:ad:20:ba:ca:36:85:11:e2:79:
ad:cf:b7:25:b8:75:e4:c7:54:e7:11:01:a0:c4:37:
d7:fe:44:bb:05:16:3f:9a:1a:76:ef:78:63:43:e8:
fd:36:5f:64:9d:2a:c9:79:2f:5d:0a:ab:33:ca:3b:
78:80:26:9e:c0:a9:dc:f1:69:83:2e:48:65:d8:02:
2e:3c:38:46:65:47:70:1d:4c:69:f2:52:8b:76:4e:
c3:3b:6b:75:5c:e8:02:b8:b0:3e:31:ea:92:90:0d:
a1:38:8e:07:a8:db:f0:c8:3f:ce:11:ed:76:89:8f:
18:be:8f:79:93:ed:cc:15:e4:39:b3:da:c5:dd:da:
6b:74:e0:04:fe:b8:32:f9:ac:3c:16:36:62:bf:25:
e2:77:f5:ee:44:99:d9:e2:2d:af:9b:29:64:c2:99:
34:f5:ed:4e:b5:92:74:ad:95:5d:60:58:9c:18:16:
5d:27:d5:89:d5:19:2d:90:68:b2:f6:6e:4f:da:6a:
5e:3c:4d:3c:bc:8d:af:f2:14:33:75:ff:d8:75:a0:
c0:a0:9d:b0:ec:97:d4:df:af:e8:94:ee:bd:8a:04:
b1:a8:01:98:1e:ac:f0:a5:62:95:a0:7b:0b:b2:dc:
37:d1:29:b4:d0:75:f0:fd:7a:de:a4:1f:fe:00:e7:
dc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2F:71:47:D5:02:12:5C:FE:1C:BC:E2:A3:FB:8A:17:A9:31:2A:E4
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/pi9xR9UCElz-HLzio_uKF6kxKuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.128.0/23
87.248.132.0/23
87.248.136.0-87.248.138.255
87.248.143.0/24
87.248.148.0/23
87.248.155.0-87.248.157.255
Signature Algorithm: sha256WithRSAEncryption
37:7a:4d:4e:85:ef:c3:9b:da:7f:3d:b6:d3:fd:2d:e6:ea:7b:
b1:d7:9d:2e:3c:15:03:00:dc:a8:9d:3e:ad:37:ee:89:f9:37:
99:ea:09:67:8d:2c:9a:41:5c:af:5d:74:a5:4e:06:e0:4e:cb:
d2:71:55:1b:11:a0:91:89:ea:ea:b0:33:f0:55:53:cd:f3:d8:
bb:3c:50:ed:d5:d2:d5:ed:98:f8:9c:5f:a0:c2:bd:d7:04:9d:
92:07:55:49:10:a1:bf:a5:75:93:29:7a:91:82:25:73:99:b4:
ae:95:13:7c:da:e4:d0:f1:a1:23:66:cc:62:d9:c5:60:ad:e1:
ce:dc:2e:6e:12:38:51:8d:a9:8b:bc:30:b4:47:a4:97:7d:92:
7d:3e:99:83:b4:29:83:b4:3b:ae:e2:2e:5f:85:2b:0a:39:27:
68:1e:f9:eb:bd:b3:b8:38:ab:ac:c3:16:d3:36:57:24:ad:df:
28:96:aa:72:a5:7d:8c:8e:04:72:17:55:a2:32:b2:5b:8b:e0:
6f:65:88:d3:94:67:d0:8f:d5:fd:b0:c4:a4:2f:e2:d4:6d:df:
25:1e:0e:ff:a0:8c:15:a3:7c:bf:80:20:44:72:15:40:39:6a:
f6:8e:27:de:65:c3:a2:86:b8:e6:d8:bc:e6:b8:9e:d6:a1:45:
98:fa:bc:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEG8aAbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQx
ODEwMDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTYyZjcxNDdkNTAy
MTI1Y2ZlMWNiY2UyYTNmYjhhMTdhOTMxMmFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc5exotrSC6yjaFEeJ5rc+3Jbh15MdU5xEBoMQ31/5EuwUW
P5oadu94Y0Po/TZfZJ0qyXkvXQqrM8o7eIAmnsCp3PFpgy5IZdgCLjw4RmVHcB1M
afJSi3ZOwztrdVzoAriwPjHqkpANoTiOB6jb8Mg/zhHtdomPGL6PeZPtzBXkObPa
xd3aa3TgBP64MvmsPBY2Yr8l4nf17kSZ2eItr5spZMKZNPXtTrWSdK2VXWBYnBgW
XSfVidUZLZBosvZuT9pqXjxNPLyNr/IUM3X/2HWgwKCdsOyX1N+v6JTuvYoEsagB
mB6s8KVilaB7C7LcN9EptNB18P163qQf/gDn3CcCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSmL3FH1QISXP4cvOKj+4oXqTEq5DAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L3BpOXhSOVVDRWx6LUhMemlvX3VLRjZreEt1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAVf4gAMEAVf4hDAMAwQDV/iIAwQA
V/iKAwQAV/iPAwQBV/iUMAwDBABX+JsDBAFX+JwwDQYJKoZIhvcNAQELBQADggEB
ADd6TU6F78Ob2n89ttP9Lebqe7HXnS48FQMA3KidPq037on5N5nqCWeNLJpBXK9d
dKVOBuBOy9JxVRsRoJGJ6uqwM/BVU83z2Ls8UO3V0tXtmPicX6DCvdcEnZIHVUkQ
ob+ldZMpepGCJXOZtK6VE3za5NDxoSNmzGLZxWCt4c7cLm4SOFGNqYu8MLRHpJd9
kn0+mYO0KYO0O67iLl+FKwo5J2ge+eu9s7g4q6zDFtM2VySt3yiWqnKlfYyOBHIX
VaIysluL4G9liNOUZ9CP1f2wxKQv4tRt3yUeDv+gjBWjfL+AIERyFUA5avaOJ95l
w6KGuObYvOa4ntahRZj6vGQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:09 2023 by rpki-client on console-ams.rpki-client.org