Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/dhLjvgLxlmzbW1crtsRMuC94YYY.roa
File: dhLjvgLxlmzbW1crtsRMuC94YYY.roa (raw, json)
Hash identifier: W0lUvmcjzIiKieK6zuji1hCWJ/OCpc8kv85e4lt7ujc=
Subject key identifier: 76:12:E3:BE:02:F1:96:6C:DB:5B:57:2B:B6:C4:4C:B8:2F:78:61:86
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 07F91EDB
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/dhLjvgLxlmzbW1crtsRMuC94YYY.roa
Signing time: Sat 01 Jan 2022 04:58:20 +0000
ROA not before: Sat 01 Jan 2022 04:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 87.108.0.0/16 maxlen: 16
217.64.176.0/20 maxlen: 20
194.187.212.0/22 maxlen: 22
82.133.128.0/17 maxlen: 17
81.17.200.0/21 maxlen: 21
109.75.232.0/21 maxlen: 21
81.90.64.0/20 maxlen: 20
2001:a68::/32 maxlen: 48
2a00:16a0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133766875 (0x7f91edb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 04:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7612e3be02f1966cdb5b572bb6c44cb82f786186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:42:9d:08:c5:c5:0a:6c:b0:fb:2c:1b:7e:
ae:16:99:06:b0:2b:34:a7:18:41:49:88:3a:a5:97:
58:7e:b3:b6:66:f7:c1:dc:f9:f4:12:59:6a:65:b9:
59:16:f6:2e:8a:b1:4d:f4:b8:f6:e3:ae:c6:93:41:
57:47:5b:2b:85:a4:e9:57:a3:51:1f:01:de:8f:69:
15:02:26:9a:d8:a6:93:35:cc:5d:1b:7e:03:0f:59:
ba:28:db:cf:88:7d:1b:4b:65:f0:53:c2:58:7a:29:
9f:3d:77:f4:2b:44:3d:b1:4e:a1:72:17:35:66:00:
50:d5:24:8b:47:dd:56:0d:5e:b1:03:dd:bf:a7:fe:
23:d2:8f:e2:f1:97:e2:74:c6:3c:1f:04:3a:05:8a:
a3:65:3e:be:fd:f8:00:e9:9a:e2:01:90:0f:45:10:
5e:5e:67:c7:22:ca:b4:52:a9:e2:2a:cf:8e:6c:39:
96:68:82:89:32:e9:52:29:a6:66:2c:11:9a:77:2d:
ce:34:fb:fd:67:1d:ce:e0:b0:6b:41:f1:38:24:f3:
a9:99:75:b8:e8:83:d1:43:56:a3:f9:cb:54:6c:91:
38:e7:24:14:e2:68:f2:e0:8a:4b:03:d9:aa:af:3a:
67:bc:4e:2e:4d:7f:9a:2f:34:ac:1d:57:74:b6:3c:
d4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:12:E3:BE:02:F1:96:6C:DB:5B:57:2B:B6:C4:4C:B8:2F:78:61:86
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/dhLjvgLxlmzbW1crtsRMuC94YYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.200.0/21
81.90.64.0/20
82.133.128.0/17
87.108.0.0/16
109.75.232.0/21
194.187.212.0/22
217.64.176.0/20
IPv6:
2001:a68::/32
2a00:16a0::/32
Signature Algorithm: sha256WithRSAEncryption
67:c9:2c:a0:12:1a:ed:8c:6a:f5:18:51:8d:47:f3:e5:89:a7:
72:e3:a8:d4:d4:0e:14:f4:6e:33:be:c6:62:96:f8:66:fc:05:
23:07:98:e0:91:55:3d:ea:02:99:89:4b:d7:65:7e:8e:43:a5:
a7:0a:b8:01:58:99:b9:e6:52:3b:26:0a:bc:af:80:1c:e5:ef:
0b:aa:a0:8e:f6:f8:28:83:3e:b1:49:aa:16:c6:a7:9e:fc:fa:
e1:a8:52:fe:29:1c:44:71:83:fb:ad:5e:60:e9:b7:d8:8e:59:
c0:9a:d2:02:62:57:9c:ff:7a:4d:bb:92:be:ed:fb:ff:86:5e:
e1:99:69:8e:ab:ba:0a:79:30:b5:00:83:fd:c4:ef:34:20:cc:
a8:65:ee:da:5c:c9:90:84:4e:94:05:85:f5:ed:0a:d6:2d:e0:
1f:c6:f1:42:ec:13:61:f9:db:8d:11:d6:e5:f3:8c:3a:f5:cc:
a3:cc:48:a5:fa:aa:bf:37:77:aa:b9:48:2d:3d:62:11:34:82:
a1:dd:07:f7:26:36:ce:10:1c:2b:a2:fe:87:89:a7:df:42:43:
5d:32:36:c7:ba:30:52:84:31:6c:57:2b:86:4a:9b:90:de:7f:
c5:3e:b8:03:fd:68:97:6d:13:de:58:00:bb:f2:f3:e6:51:ab:
03:55:0d:ab
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEB/ke2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTBkNWIzMGI0NmM3Yjk3YjJkYmM0NTg5Y2VhMzYyMmFkNzU2MTU2MB4XDTIyMDEw
MTA0NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYxMmUzYmUwMmYx
OTY2Y2RiNWI1NzJiYjZjNDRjYjgyZjc4NjE4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXfQp0IxcUKbLD7LBt+rhaZBrArNKcYQUmIOqWXWH6ztmb3
wdz59BJZamW5WRb2LoqxTfS49uOuxpNBV0dbK4Wk6VejUR8B3o9pFQImmtimkzXM
XRt+Aw9Zuijbz4h9G0tl8FPCWHopnz139CtEPbFOoXIXNWYAUNUki0fdVg1esQPd
v6f+I9KP4vGX4nTGPB8EOgWKo2U+vv34AOma4gGQD0UQXl5nxyLKtFKp4irPjmw5
lmiCiTLpUimmZiwRmnctzjT7/WcdzuCwa0HxOCTzqZl1uOiD0UNWo/nLVGyROOck
FOJo8uCKSwPZqq86Z7xOLk1/mi80rB1XdLY81H8CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBR2EuO+AvGWbNtbVyu2xEy4L3hhhjAfBgNVHSMEGDAWgBTRDVswtGx7l7Lb
xFic6jYirXVhVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBRMWJNTFJzZTVleTI4UlluT28ySXExMVlWWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvNzI1NmVjLWMzNDYtNGIyOS1iN2Y1LTNlNDBkMDE3NDBiMi8x
L2RoTGp2Z0x4bG16YlcxY3J0c1JNdUM5NFlZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
NzI1NmVjLWMzNDYtNGIyOS1iN2Y1LTNlNDBkMDE3NDBiMi8xLzBRMWJNTFJzZTVl
eTI4UlluT28ySXExMVlWWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwLwQCAAEwKQMEA1ERyAMEBFFaQAMEB1KFgAMDAFds
AwQDbUvoAwQCwrvUAwQE2UCwMBQEAgACMA4DBQAgAQpoAwUAKgAWoDANBgkqhkiG
9w0BAQsFAAOCAQEAZ8ksoBIa7Yxq9RhRjUfz5YmncuOo1NQOFPRuM77GYpb4ZvwF
IweY4JFVPeoCmYlL12V+jkOlpwq4AViZueZSOyYKvK+AHOXvC6qgjvb4KIM+sUmq
Fsannvz64ahS/ikcRHGD+61eYOm32I5ZwJrSAmJXnP96TbuSvu37/4Ze4Zlpjqu6
CnkwtQCD/cTvNCDMqGXu2lzJkIROlAWF9e0K1i3gH8bxQuwTYfnbjRHW5fOMOvXM
o8xIpfqqvzd3qrlILT1iETSCod0H9yY2zhAcK6L+h4mn30JDXTI2x7owUoQxbFcr
hkqbkN5/xT64A/1ol20T3lgAu/Lz5lGrA1UNqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:13 2024 by rpki-client on console-ams.rpki-client.org