Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GdFR9BJjTApI4vbM5vEz_7Wyr_s.roa
File: GdFR9BJjTApI4vbM5vEz_7Wyr_s.roa (raw, json)
Hash identifier: Lal2wd41cQb9zMsQNdJfwmhz6YgdhK81jSYKPxI7yIo=
Subject key identifier: 19:D1:51:F4:12:63:4C:0A:48:E2:F6:CC:E6:F1:33:FF:B5:B2:AF:FB
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018B3804954148074E375218DD7DD638A2F9
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GdFR9BJjTApI4vbM5vEz_7Wyr_s.roa
Signing time: Mon 16 Oct 2023 10:25:06 +0000
ROA not before: Mon 16 Oct 2023 10:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208555
IP address blocks: 87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
62.220.126.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:04:95:41:48:07:4e:37:52:18:dd:7d:d6:38:a2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 16 10:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19d151f412634c0a48e2f6cce6f133ffb5b2affb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:a4:2d:93:7d:da:93:1d:a5:1b:cd:70:84:
ce:4c:62:71:d1:c6:8b:90:35:7a:1e:ab:cd:18:82:
67:1b:66:d5:a1:0c:3b:4d:be:d8:25:7b:ab:d5:50:
e7:0a:38:06:7d:52:d9:a4:47:93:9c:39:50:02:a2:
e0:4f:49:17:e7:b3:00:1d:bc:b6:7b:cd:3b:3d:2c:
79:48:73:d8:6d:bc:39:0c:f1:c2:91:d6:47:b2:c7:
f1:f5:83:92:ba:79:2a:86:09:be:08:77:e6:81:e6:
21:38:e5:44:38:3f:3e:79:71:76:b2:c4:d7:83:3d:
05:f4:7b:cf:25:12:f1:29:e1:f7:9d:cf:4a:75:b4:
89:7b:5a:63:bb:a7:a3:73:89:4f:bb:93:5b:2a:75:
98:e5:fd:7c:ad:fa:ef:b8:91:ff:d1:f5:d2:fa:e6:
b3:dc:74:95:17:a9:52:95:25:30:4e:91:8e:ff:5c:
42:87:65:24:2e:e7:db:21:be:c6:c7:53:db:af:c2:
9b:38:86:8d:63:e4:86:4d:2b:7a:4f:21:66:2e:49:
b1:2c:d1:fd:57:6f:e5:90:b4:af:8a:49:f7:df:5f:
eb:98:ee:f1:47:3d:60:c0:09:4d:9b:7c:ef:2d:58:
2e:1c:80:4b:b1:24:6d:dc:44:8f:d0:5f:6d:fb:5c:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D1:51:F4:12:63:4C:0A:48:E2:F6:CC:E6:F1:33:FF:B5:B2:AF:FB
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GdFR9BJjTApI4vbM5vEz_7Wyr_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:be:aa:7a:88:5d:4d:a8:04:02:8b:50:48:a4:2f:72:f6:22:
ae:c3:65:a6:4e:41:4a:77:77:e8:5e:d1:30:1c:78:72:f7:a7:
9e:68:42:ea:9c:33:6e:30:27:e8:d4:67:f4:43:90:a1:a7:12:
ae:b1:e2:19:31:88:e5:4c:08:1d:1b:31:e8:2d:13:d7:e3:05:
3e:e9:38:e8:d4:7b:58:8b:56:06:7a:81:4b:3b:1c:94:89:79:
75:e5:56:bd:72:a2:93:23:f8:88:23:46:84:c0:dd:9c:50:9e:
e8:2c:65:61:3c:39:f8:6f:98:7d:78:94:e2:1a:d2:23:45:97:
f3:b4:a8:31:ac:ac:b6:68:72:64:2a:eb:99:9f:b3:2f:70:cc:
b8:1d:13:db:b9:db:56:28:dd:c5:d0:58:25:94:ce:91:86:91:
1c:d5:9c:c1:ac:65:ff:58:ac:c9:9b:fa:9f:14:9e:1d:f1:ee:
84:a5:92:df:d2:fb:11:79:77:53:c0:ba:da:4c:22:ab:36:f9:
62:03:05:8d:61:04:b7:68:79:bd:04:23:3f:e2:0c:46:5d:b9:
b0:82:be:61:fd:93:96:c7:29:a2:43:af:fc:04:b1:56:5b:e1:
0a:6c:d0:db:86:8a:18:b1:3b:37:24:8e:a3:59:c7:27:2a:28:
53:d4:2b:91
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYs4BJVBSAdON1IY3X3WOKL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMxMDE2MTAyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQxNTFmNDEyNjM0YzBhNDhlMmY2Y2NlNmYxMzNmZmI1YjJhZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtikLZN92pMdpRvNcITOTGJx0caL
kDV6HqvNGIJnG2bVoQw7Tb7YJXur1VDnCjgGfVLZpEeTnDlQAqLgT0kX57MAHby2
e807PSx5SHPYbbw5DPHCkdZHssfx9YOSunkqhgm+CHfmgeYhOOVEOD8+eXF2ssTX
gz0F9HvPJRLxKeH3nc9KdbSJe1pju6ejc4lPu5NbKnWY5f18rfrvuJH/0fXS+uaz
3HSVF6lSlSUwTpGO/1xCh2UkLufbIb7Gx1Pbr8KbOIaNY+SGTSt6TyFmLkmxLNH9
V2/lkLSvikn331/rmO7xRz1gwAlNm3zvLVguHIBLsSRt3ESP0F9t+1zctwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBnRUfQSY0wKSOL2zObxM/+1sq/7MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvR2RGUjlCSmpUQXBJNHZiTTV2RXpfN1d5cl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQC
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQC8vqp6iF1NqAQCi1BIpC9y9iKuw2WmTkFKd3foXtEwHHhy96eeaELqnDNu
MCfo1Gf0Q5ChpxKuseIZMYjlTAgdGzHoLRPX4wU+6Tjo1HtYi1YGeoFLOxyUiXl1
5Va9cqKTI/iII0aEwN2cUJ7oLGVhPDn4b5h9eJTiGtIjRZfztKgxrKy2aHJkKuuZ
n7MvcMy4HRPbudtWKN3F0FgllM6RhpEc1ZzBrGX/WKzJm/qfFJ4d8e6EpZLf0vsR
eXdTwLraTCKrNvliAwWNYQS3aHm9BCM/4gxGXbmwgr5h/ZOWxymiQ6/8BLFWW+EK
bNDbhooYsTs3JI6jWccnKihT1CuR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:02 2025 by rpki-client