Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/DXYWw9ovWOe2KcnqsTRFIjRuON8.roa
File: DXYWw9ovWOe2KcnqsTRFIjRuON8.roa (raw, json)
Hash identifier: CrWnmzndPFlEh/r//FuhfWbv8X/GgUmntXc5aSCzFm0=
Subject key identifier: 0D:76:16:C3:DA:2F:58:E7:B6:29:C9:EA:B1:34:45:22:34:6E:38:DF
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183DBAE9E770D1164CAC123B778796B2B32
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/DXYWw9ovWOe2KcnqsTRFIjRuON8.roa
Signing time: Sat 15 Oct 2022 12:46:37 +0000
ROA not before: Sat 15 Oct 2022 12:46:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208555
IP address blocks: 87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:db:ae:9e:77:0d:11:64:ca:c1:23:b7:78:79:6b:2b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 15 12:46:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d7616c3da2f58e7b629c9eab1344522346e38df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:62:0e:b5:10:c7:a2:3c:5a:3d:a9:aa:be:
3c:7d:c9:19:20:7a:27:b6:bf:96:18:2d:1d:6b:a8:
60:58:62:06:ee:44:ea:ab:02:c4:49:c9:cf:78:cb:
fa:a6:ae:64:ef:40:21:a5:ff:dc:d2:7a:10:f7:1d:
37:c1:aa:bb:2e:df:53:4e:7c:99:a9:c1:0f:e6:cc:
c9:c8:9c:a7:f8:d0:71:b5:d2:ff:c3:85:9b:aa:36:
b2:52:8f:47:63:cb:a4:d2:ed:09:5c:18:1b:e1:6e:
29:16:3a:f4:6b:14:db:70:10:71:42:46:ae:be:e7:
c4:0a:d3:55:76:8d:19:3d:10:ac:3f:f1:fb:bf:cb:
59:9f:4d:c8:6b:ca:b3:f3:58:2b:bf:50:c8:49:50:
ea:f1:a1:3a:b9:82:c9:de:7b:9f:48:f1:de:c3:1b:
c6:c1:15:ad:92:55:6d:22:18:70:f0:d2:44:70:78:
04:a1:50:92:8f:86:fc:54:d9:7b:3e:b6:e6:ed:86:
ee:fa:3c:05:6e:d3:7d:b4:9b:75:45:3f:0d:e6:f2:
11:0a:ec:95:67:39:95:81:77:41:d5:fa:85:f5:6a:
59:93:b8:0c:27:07:65:d1:cc:60:d4:e9:0b:eb:ef:
3d:68:74:e7:3c:05:7b:df:80:54:28:05:bb:c7:61:
67:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:76:16:C3:DA:2F:58:E7:B6:29:C9:EA:B1:34:45:22:34:6E:38:DF
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/DXYWw9ovWOe2KcnqsTRFIjRuON8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
25:70:fe:0c:db:63:f8:b7:de:53:d8:d5:e5:2a:1e:19:22:f4:
36:59:01:a4:06:a3:42:43:cf:bc:37:b9:4f:58:62:ed:a1:44:
d9:65:4a:2a:02:9a:76:34:40:90:a6:64:7f:79:76:60:a3:44:
85:a6:a5:ce:ce:31:59:33:29:02:11:8f:7e:52:14:25:10:e0:
e5:fb:a2:b6:6e:ca:78:23:bd:85:0b:11:0e:23:b5:43:43:7f:
cb:62:c2:58:e0:b6:51:2c:9a:3e:f6:81:d0:ee:54:68:bb:aa:
9e:8b:02:24:86:41:56:85:27:5d:c9:7e:d2:88:73:bb:d8:79:
20:fb:89:2d:29:9d:e8:3a:ba:07:42:de:e4:4e:33:4d:97:bd:
fa:4d:cb:05:1c:58:54:2f:f0:2a:e8:88:d5:b1:04:cb:e7:d5:
2c:33:be:15:d3:00:00:94:ae:0b:7e:9e:4b:53:1a:33:d3:3c:
d0:24:4f:8d:b0:26:92:dd:55:2d:b7:41:8c:cc:58:c5:80:b7:
b7:69:c5:b7:39:e2:8b:47:c6:56:4e:fe:bb:21:05:0b:56:49:
99:fe:4f:6a:ad:6c:f9:2d:82:39:e0:0c:fe:aa:de:dc:c4:90:
51:b6:a1:b3:27:b9:71:00:eb:c8:d3:b7:01:ea:86:96:68:db:
04:9a:c0:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPbrp53DRFkysEjt3h5aysyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDE1MTI0NjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc2MTZjM2RhMmY1OGU3YjYyOWM5ZWFiMTM0NDUyMjM0NmUzOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXZiDrUQx6I8Wj2pqr48fckZIHon
tr+WGC0da6hgWGIG7kTqqwLEScnPeMv6pq5k70Ahpf/c0noQ9x03waq7Lt9TTnyZ
qcEP5szJyJyn+NBxtdL/w4WbqjayUo9HY8uk0u0JXBgb4W4pFjr0axTbcBBxQkau
vufECtNVdo0ZPRCsP/H7v8tZn03Ia8qz81grv1DISVDq8aE6uYLJ3nufSPHewxvG
wRWtklVtIhhw8NJEcHgEoVCSj4b8VNl7Prbm7Ybu+jwFbtN9tJt1RT8N5vIRCuyV
ZzmVgXdB1fqF9WpZk7gMJwdl0cxg1OkL6+89aHTnPAV734BUKAW7x2FnDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA12FsPaL1jntinJ6rE0RSI0bjjfMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvRFhZV3c5b3ZXT2UyS2NucXNUUkZJalJ1T044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUQweAwQA
V2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUAA4IBAQAlcP4M22P4
t95T2NXlKh4ZIvQ2WQGkBqNCQ8+8N7lPWGLtoUTZZUoqApp2NECQpmR/eXZgo0SF
pqXOzjFZMykCEY9+UhQlEODl+6K2bsp4I72FCxEOI7VDQ3/LYsJY4LZRLJo+9oHQ
7lRou6qeiwIkhkFWhSddyX7SiHO72Hkg+4ktKZ3oOroHQt7kTjNNl736TcsFHFhU
L/Aq6IjVsQTL59UsM74V0wAAlK4Lfp5LUxoz0zzQJE+NsCaS3VUtt0GMzFjFgLe3
acW3OeKLR8ZWTv67IQULVkmZ/k9qrWz5LYI54Az+qt7cxJBRtqGzJ7lxAOvI07cB
6oaWaNsEmsBn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:33 2023 by rpki-client on console-ams.rpki-client.org