Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EP-CWpCUwvlFoxy6gZjrchDj1gw.roa
File: EP-CWpCUwvlFoxy6gZjrchDj1gw.roa (raw, json)
Hash identifier: Ch0pQu0HMdUO/Jx1RMnFA/8mhcvtm23JH7JCGV2SFB8=
Subject key identifier: 10:FF:82:5A:90:94:C2:F9:45:A3:1C:BA:81:98:EB:72:10:E3:D6:0C
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 3835451A
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EP-CWpCUwvlFoxy6gZjrchDj1gw.roa
Signing time: Tue 22 Feb 2022 12:56:42 +0000
ROA not before: Tue 22 Feb 2022 12:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200370
IP address blocks: 87.107.1.0/24 maxlen: 24
87.107.0.0/24 maxlen: 24
87.107.2.0/24 maxlen: 24
87.107.3.0/24 maxlen: 24
87.107.4.0/24 maxlen: 24
87.107.0.0/23 maxlen: 23
87.107.2.0/23 maxlen: 23
87.107.4.0/23 maxlen: 23
87.107.4.0/22 maxlen: 22
87.107.0.0/21 maxlen: 21
87.107.0.0/22 maxlen: 22
87.107.5.0/24 maxlen: 24
87.107.6.0/24 maxlen: 24
87.107.6.0/23 maxlen: 23
87.107.7.0/24 maxlen: 24
87.107.130.0/23 maxlen: 23
87.107.130.0/24 maxlen: 24
87.107.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943015194 (0x3835451a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Feb 22 12:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10ff825a9094c2f945a31cba8198eb7210e3d60c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:2a:9d:bd:17:ce:ce:c1:b0:f8:5b:5e:1f:
d5:7e:df:0e:ed:eb:c6:a0:19:27:0e:d7:65:6d:2f:
ae:ca:6e:f7:d1:68:63:47:36:36:53:a2:62:1b:3f:
58:d9:88:64:f7:ed:21:1e:b5:e6:71:66:b6:63:c3:
36:e8:66:d7:2d:a6:48:02:2a:1a:4a:d8:ca:54:d2:
00:f6:5b:8f:cd:1e:80:1c:c9:38:85:cb:aa:ef:3d:
aa:f2:a5:d7:15:f1:da:57:a3:f4:4e:8d:8a:f1:49:
51:a5:f3:1d:b3:d9:6f:2a:1d:d1:4a:41:39:f0:70:
5a:cb:a5:64:e2:76:99:fc:42:7f:a5:03:49:50:2d:
c5:b7:1b:31:8a:a2:66:f4:ec:cd:3b:5c:df:5e:7a:
1b:71:99:39:31:91:d6:6d:53:ed:d4:13:b1:c7:61:
3c:a3:9d:05:62:a3:ca:76:51:2e:11:00:f0:a4:8d:
72:5b:fd:a7:85:f0:51:35:82:d0:d6:e8:fe:ea:c3:
87:e4:57:c5:2a:ea:54:c8:33:8b:f0:15:72:90:e4:
e3:61:10:67:25:58:4e:73:5a:c8:6d:55:24:0c:31:
12:98:e7:76:c4:78:66:63:ac:f2:f2:2e:9a:70:f0:
f4:c3:ce:72:9d:10:66:f5:02:72:48:a5:6a:71:49:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FF:82:5A:90:94:C2:F9:45:A3:1C:BA:81:98:EB:72:10:E3:D6:0C
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EP-CWpCUwvlFoxy6gZjrchDj1gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.0.0/21
87.107.130.0/23
Signature Algorithm: sha256WithRSAEncryption
64:0e:b9:45:de:fb:e5:63:21:86:56:8b:18:50:f3:00:3d:62:
2e:84:a7:14:f7:ea:ae:7f:f4:ee:3a:7e:0a:a7:23:c0:d1:19:
19:75:80:b4:00:ee:0b:75:cd:13:6d:e3:34:84:9a:2d:32:14:
5e:d6:23:70:12:43:21:a1:ea:bc:5b:34:4e:9b:9e:9f:aa:0c:
c9:8b:c2:48:df:64:3f:d8:10:be:38:8e:db:4e:de:20:62:7b:
79:51:a3:a8:41:9a:8a:f8:3d:6b:dc:c2:de:e5:1a:45:64:0e:
d7:4a:16:e1:28:ff:83:37:5e:2c:fe:33:96:7c:e8:ae:a2:73:
7e:fb:86:2c:9d:66:05:f7:ec:b1:93:94:a2:b2:82:1e:90:64:
11:94:f4:4c:d2:7f:2e:4a:a0:44:d1:f2:4d:ea:90:d7:60:1d:
57:67:12:55:97:da:0e:ef:fe:19:64:fa:ae:4c:9e:75:07:31:
63:b1:4c:1f:63:ec:38:84:af:c4:56:4d:22:6c:ca:45:ba:9f:
22:b3:09:e2:4e:a9:40:70:01:a8:32:19:41:6e:77:b0:81:75:
59:11:0a:9f:a4:76:25:be:7a:b6:58:78:c1:39:4a:8c:a6:71:
51:bd:3f:93:d1:67:af:81:f0:94:d2:67:ea:33:7d:67:ec:4e:
51:60:56:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEODVFGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDIy
MjEyNTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBmZjgyNWE5MDk0
YzJmOTQ1YTMxY2JhODE5OGViNzIxMGUzZDYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK68Kp29F87OwbD4W14f1X7fDu3rxqAZJw7XZW0vrspu99Fo
Y0c2NlOiYhs/WNmIZPftIR615nFmtmPDNuhm1y2mSAIqGkrYylTSAPZbj80egBzJ
OIXLqu89qvKl1xXx2lej9E6NivFJUaXzHbPZbyod0UpBOfBwWsulZOJ2mfxCf6UD
SVAtxbcbMYqiZvTszTtc3156G3GZOTGR1m1T7dQTscdhPKOdBWKjynZRLhEA8KSN
clv9p4XwUTWC0Nbo/urDh+RXxSrqVMgzi/AVcpDk42EQZyVYTnNayG1VJAwxEpjn
dsR4ZmOs8vIumnDw9MPOcp0QZvUCckilanFJkGMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQQ/4JakJTC+UWjHLqBmOtyEOPWDDAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
L0VQLUNXcENVd3ZsRm94eTZnWmpyY2hEajFndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1drAAMEAVdrgjANBgkqhkiG9w0B
AQsFAAOCAQEAZA65Rd775WMhhlaLGFDzAD1iLoSnFPfqrn/07jp+CqcjwNEZGXWA
tADuC3XNE23jNISaLTIUXtYjcBJDIaHqvFs0Tpuen6oMyYvCSN9kP9gQvjiO207e
IGJ7eVGjqEGaivg9a9zC3uUaRWQO10oW4Sj/gzdeLP4zlnzorqJzfvuGLJ1mBffs
sZOUorKCHpBkEZT0TNJ/LkqgRNHyTeqQ12AdV2cSVZfaDu/+GWT6rkyedQcxY7FM
H2PsOISvxFZNImzKRbqfIrMJ4k6pQHABqDIZQW53sIF1WREKn6R2Jb56tlh4wTlK
jKZxUb0/k9Fnr4HwlNJn6jN9Z+xOUWBWjA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-fra.rpki-client.org