Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/hFJ4q0En0sb0cNbZX2ooYB-0oLY.roa
File: hFJ4q0En0sb0cNbZX2ooYB-0oLY.roa (raw, json)
Hash identifier: ETWpt+AbAS7Za8mdL9mp0np93DV9d3Nty6Z8IihWlvs=
Subject key identifier: 84:52:78:AB:41:27:D2:C6:F4:70:D6:D9:5F:6A:28:60:1F:B4:A0:B6
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 04975A84
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/hFJ4q0En0sb0cNbZX2ooYB-0oLY.roa
Signing time: Sat 01 Jan 2022 15:04:27 +0000
ROA not before: Sat 01 Jan 2022 15:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20803
IP address blocks: 87.251.89.0/24 maxlen: 24
80.66.65.0/24 maxlen: 24
80.66.70.0/24 maxlen: 24
80.66.66.0/23 maxlen: 23
80.66.68.0/23 maxlen: 23
80.66.77.0/24 maxlen: 24
80.66.78.0/23 maxlen: 23
80.66.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77027972 (0x4975a84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 15:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=845278ab4127d2c6f470d6d95f6a28601fb4a0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:46:ec:99:1f:f3:ea:68:9c:90:d4:e4:43:
0c:ff:18:b4:f5:7b:ef:f3:bd:e0:58:c1:d2:bd:2a:
63:6b:ef:1f:a8:cd:79:33:78:c2:1c:d3:3f:fd:e8:
32:fc:e2:9b:37:a4:53:93:f3:4b:be:01:e3:cb:e4:
96:0c:b7:0d:52:b6:7b:03:a4:65:43:87:0e:4b:cd:
45:90:6b:19:e9:b2:af:25:b5:92:fe:0d:bc:63:b0:
9b:90:05:7e:c0:3f:3b:1f:43:57:19:a6:76:7d:7d:
d1:81:b8:b8:d2:34:87:72:9a:b7:48:9c:06:66:35:
d3:2e:21:1e:dd:b1:cf:2f:0a:5f:f0:c8:5b:83:dc:
0d:f6:48:b7:5e:a1:44:15:27:a6:2e:b0:9a:2a:b8:
96:c3:5e:27:c6:e1:ed:17:af:f8:3b:52:9f:c5:56:
b7:66:a6:2e:be:be:3b:be:db:74:03:f0:c6:6d:e3:
ea:37:43:42:f7:07:19:f6:69:7b:a8:57:a6:48:2e:
70:7b:56:52:a7:5c:9c:55:cc:5e:c9:5b:eb:a0:58:
d0:10:71:0f:67:72:f6:c6:83:6e:b8:fc:9f:a5:ca:
28:bc:b5:f2:3d:6a:34:ee:9e:40:6e:0d:56:9f:7a:
b8:5c:97:f1:65:c6:c9:ea:01:9f:61:5a:98:c9:11:
bc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:52:78:AB:41:27:D2:C6:F4:70:D6:D9:5F:6A:28:60:1F:B4:A0:B6
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/hFJ4q0En0sb0cNbZX2ooYB-0oLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.65.0-80.66.70.255
80.66.75.0/24
80.66.77.0-80.66.79.255
87.251.89.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e6:48:57:94:bc:a1:50:7f:a0:27:b6:8a:33:20:59:47:3c:
1a:68:dc:41:b1:ff:84:66:31:9a:99:e6:b7:ac:81:d6:13:65:
a8:ab:fc:5e:73:81:c7:16:21:74:6b:ff:da:cb:0d:6b:cc:98:
66:7b:f8:0f:e2:af:d6:00:67:dd:f0:ac:78:6f:6f:53:36:41:
84:0e:a9:ac:4c:cf:53:82:14:dc:ae:8f:a6:47:3a:56:3c:fb:
c2:31:c1:b8:7e:76:ae:5b:ae:94:c0:ef:99:ca:85:20:e7:a6:
74:6d:55:0b:4a:cb:8d:08:1e:0e:e7:1d:d5:28:c3:f4:bb:87:
49:46:61:07:8c:ba:3a:88:fa:2b:1b:e2:79:3b:e7:2d:eb:81:
01:8b:3b:53:37:43:41:8f:3e:8d:84:ed:56:aa:ce:82:e8:b3:
67:99:1e:e6:2b:55:16:a6:ed:ca:ad:6b:17:3f:ee:40:96:4b:
ac:70:cc:fc:44:a8:e5:c8:36:0e:b4:62:12:f1:91:09:c4:fc:
0f:7f:8c:3a:ea:a1:2f:b8:df:2a:a2:8a:c8:b8:2e:ab:0a:6a:
95:a6:de:b9:ee:7d:4e:a9:2a:41:09:66:35:ac:25:58:41:76:
1e:1f:4a:47:c1:ce:7d:08:53:35:f9:d3:88:b7:76:2a:a3:97:
7c:9a:0c:ed
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBJdahDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzNiNGMxMjQ4YzRiY2YyMmIwNTc3ZGZjYTliMTRkOTA2M2MyOGMwMB4XDTIyMDEw
MTE1MDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ1Mjc4YWI0MTI3
ZDJjNmY0NzBkNmQ5NWY2YTI4NjAxZmI0YTBiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYeRuyZH/PqaJyQ1ORDDP8YtPV77/O94FjB0r0qY2vvH6jN
eTN4whzTP/3oMvzimzekU5PzS74B48vklgy3DVK2ewOkZUOHDkvNRZBrGemyryW1
kv4NvGOwm5AFfsA/Ox9DVxmmdn190YG4uNI0h3Kat0icBmY10y4hHt2xzy8KX/DI
W4PcDfZIt16hRBUnpi6wmiq4lsNeJ8bh7Rev+DtSn8VWt2amLr6+O77bdAPwxm3j
6jdDQvcHGfZpe6hXpkgucHtWUqdcnFXMXslb66BY0BBxD2dy9saDbrj8n6XKKLy1
8j1qNO6eQG4NVp96uFyX8WXGyeoBn2FamMkRvNUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSEUnirQSfSxvRw1tlfaihgH7SgtjAfBgNVHSMEGDAWgBQHO0wSSMS88isF
d9/KmxTZBjwowDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J6dE1Fa2pFdlBJckJYZmZ5cHNVMlFZOEtNQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8x
L2hGSjRxMEVuMHNiMGNOYlpYMm9vWUItMG9MWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8xL0J6dE1Fa2pFdlBJ
ckJYZmZ5cHNVMlFZOEtNQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAUEJBAwQAUEJGAwQAUEJLMAwD
BABQQk0DBARQQkADBABX+1kwDQYJKoZIhvcNAQELBQADggEBAILmSFeUvKFQf6An
toozIFlHPBpo3EGx/4RmMZqZ5resgdYTZair/F5zgccWIXRr/9rLDWvMmGZ7+A/i
r9YAZ93wrHhvb1M2QYQOqaxMz1OCFNyuj6ZHOlY8+8Ixwbh+dq5brpTA75nKhSDn
pnRtVQtKy40IHg7nHdUow/S7h0lGYQeMujqI+isb4nk75y3rgQGLO1M3Q0GPPo2E
7VaqzoLos2eZHuYrVRam7cqtaxc/7kCWS6xwzPxEqOXINg60YhLxkQnE/A9/jDrq
oS+43yqiisi4LqsKapWm3rnufU6pKkEJZjWsJVhBdh4fSkfBzn0IUzX504i3diqj
l3yaDO0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:36 2023 by rpki-client on console-ams.rpki-client.org