Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0aONzfyuhTOld2toZ7ELJQm-T3w.roa
File: 0aONzfyuhTOld2toZ7ELJQm-T3w.roa (raw, json)
Hash identifier: NwKnOY+IIgAqP+M08qlyK4IHLKKLl3sVHO0T6rIaUDE=
Subject key identifier: D1:A3:8D:CD:FC:AE:85:33:A5:77:6B:68:67:B1:0B:25:09:BE:4F:7C
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183DBAE9CBCF310058A48199BB6D3F28942
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0aONzfyuhTOld2toZ7ELJQm-T3w.roa
Signing time: Sat 15 Oct 2022 12:46:36 +0000
ROA not before: Sat 15 Oct 2022 12:46:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204544
IP address blocks: 87.107.152.0/23 maxlen: 23
87.107.166.0/23 maxlen: 23
81.12.30.0/23 maxlen: 24
87.107.174.0/23 maxlen: 23
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:db:ae:9c:bc:f3:10:05:8a:48:19:9b:b6:d3:f2:89:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 15 12:46:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1a38dcdfcae8533a5776b6867b10b2509be4f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b7:bd:cb:f2:3f:6f:a6:f4:2c:a3:0a:51:34:
9a:b1:e7:da:93:e4:5b:30:24:c8:0e:0d:ff:b4:05:
28:19:2b:03:c9:1a:3d:57:82:43:78:53:53:a0:be:
a0:4e:8b:fa:3c:8a:c7:bf:83:94:14:1e:f8:17:b0:
19:12:cc:b7:a4:94:64:63:01:bc:78:f9:36:d8:7f:
55:c1:c4:5d:08:75:4e:17:fa:f4:2c:30:9a:af:f0:
3b:bc:9a:e8:97:4f:88:d8:bd:35:58:3d:87:90:16:
78:5f:57:a4:cf:94:09:be:fb:20:5e:b5:29:ef:79:
0e:d7:37:e2:eb:73:5d:05:09:e2:04:e3:6c:b6:90:
a2:45:f5:35:41:f1:f3:6f:02:80:ca:54:b9:50:37:
42:1c:07:88:d2:d6:db:5a:c1:59:3b:85:e6:4d:bd:
d6:07:c8:d2:f9:cf:7c:27:3f:f3:d4:0f:ef:3f:e7:
e1:a0:0a:13:56:2e:dd:91:7f:aa:51:82:42:02:f7:
6f:34:4a:78:71:6e:97:bc:98:71:19:45:3c:4b:75:
fd:1d:97:56:4f:b0:4a:b7:1b:5e:bc:2e:10:11:42:
b0:c1:20:ef:14:bb:9c:eb:a0:ca:71:4e:f4:7d:1a:
ac:c0:cc:9c:a4:f8:cb:a1:d0:76:c9:7a:5e:af:28:
08:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A3:8D:CD:FC:AE:85:33:A5:77:6B:68:67:B1:0B:25:09:BE:4F:7C
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0aONzfyuhTOld2toZ7ELJQm-T3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
23:84:73:a6:08:7a:76:0a:f0:0d:99:a3:09:07:53:19:66:6a:
b9:c0:6b:ec:b2:e8:b0:ac:a9:37:3d:47:b1:ad:86:47:ad:41:
57:70:17:7e:fb:e5:66:97:99:83:62:3d:ae:9d:08:77:9a:f4:
8a:a8:38:92:ec:d9:c5:28:09:7c:88:70:f6:0e:d9:82:36:2c:
b1:76:c9:fe:77:22:35:d3:7b:71:11:57:a3:35:89:2d:48:a2:
cc:c9:68:b1:0e:d0:80:84:52:ae:9e:af:ef:6e:14:26:96:8e:
91:2d:82:4f:4d:d3:38:e3:47:d4:f3:b5:dd:37:47:91:98:32:
3c:05:e1:44:1c:59:41:7f:39:15:41:a9:55:cc:77:21:f3:94:
34:c5:77:0f:8a:a5:82:6b:03:72:b9:49:36:8c:e7:9b:69:85:
7d:e8:f4:c9:f7:89:a1:5d:0d:0a:d2:9d:ca:45:67:ae:f0:a6:
73:8a:1a:c2:35:86:31:f3:47:72:11:56:df:b5:b8:23:a0:67:
32:01:b4:07:47:c1:7f:da:60:27:6e:47:e8:a0:37:c7:42:a4:
02:de:91:9b:73:94:c9:07:24:64:0f:28:36:9c:df:06:b7:38:
08:53:6e:17:91:3c:8d:8d:07:1a:0c:93:3a:ee:5f:92:31:cc:
19:73:ac:a7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPbrpy88xAFikgZm7bT8olCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDE1MTI0NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEzOGRjZGZjYWU4NTMzYTU3NzZiNjg2N2IxMGIyNTA5YmU0ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbe9y/I/b6b0LKMKUTSasefak+Rb
MCTIDg3/tAUoGSsDyRo9V4JDeFNToL6gTov6PIrHv4OUFB74F7AZEsy3pJRkYwG8
ePk22H9VwcRdCHVOF/r0LDCar/A7vJrol0+I2L01WD2HkBZ4X1ekz5QJvvsgXrUp
73kO1zfi63NdBQniBONstpCiRfU1QfHzbwKAylS5UDdCHAeI0tbbWsFZO4XmTb3W
B8jS+c98Jz/z1A/vP+fhoAoTVi7dkX+qUYJCAvdvNEp4cW6XvJhxGUU8S3X9HZdW
T7BKtxtevC4QEUKwwSDvFLuc66DKcU70fRqswMycpPjLodB2yXperygIAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNGjjc38roUzpXdraGexCyUJvk98MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMGFPTnpmeXVoVE9sZDJ0b1o3RUxKUW0tVDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUQweAwQA
V2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUAA4IBAQAjhHOmCHp2
CvANmaMJB1MZZmq5wGvssuiwrKk3PUexrYZHrUFXcBd+++Vml5mDYj2unQh3mvSK
qDiS7NnFKAl8iHD2DtmCNiyxdsn+dyI103txEVejNYktSKLMyWixDtCAhFKunq/v
bhQmlo6RLYJPTdM440fU87XdN0eRmDI8BeFEHFlBfzkVQalVzHch85Q0xXcPiqWC
awNyuUk2jOebaYV96PTJ94mhXQ0K0p3KRWeu8KZzihrCNYYx80dyEVbftbgjoGcy
AbQHR8F/2mAnbkfooDfHQqQC3pGbc5TJByRkDyg2nN8GtzgIU24XkTyNjQcaDJM6
7l+SMcwZc6yn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:55 2025 by rpki-client