Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LrENQgqnZVTy76EqDCtAL72nu98.roa
File: LrENQgqnZVTy76EqDCtAL72nu98.roa (raw, json)
Hash identifier: 3n3DoPZoydgpkwaEXVD7wEwal6/4qvb7X4I5JYyVOFo=
Subject key identifier: 2E:B1:0D:42:0A:A7:65:54:F2:EF:A1:2A:0C:2B:40:2F:BD:A7:BB:DF
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0184561FB906CB36E01AB6EA61AAA13060F2
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LrENQgqnZVTy76EqDCtAL72nu98.roa
Signing time: Tue 08 Nov 2022 07:23:50 +0000
ROA not before: Tue 08 Nov 2022 07:23:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212063
IP address blocks: 87.107.172.0/24 maxlen: 24
87.107.189.0/24 maxlen: 24
87.107.188.0/24 maxlen: 24
87.107.188.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:1f:b9:06:cb:36:e0:1a:b6:ea:61:aa:a1:30:60:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Nov 8 07:23:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2eb10d420aa76554f2efa12a0c2b402fbda7bbdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d0:2e:6c:cd:ce:16:c8:1b:79:f5:1f:13:58:
7a:39:96:34:b4:ef:27:b8:da:1a:38:94:9e:b7:c6:
e0:5f:92:78:0a:6b:0a:f8:09:f2:2e:ab:39:c3:e9:
70:0e:32:6f:08:a3:cc:5f:bc:fa:22:9c:4c:fc:0e:
7d:a0:1c:00:84:b7:c2:ea:f7:8e:d1:11:b6:a5:19:
45:a8:43:05:2b:fb:68:17:d7:85:7b:2b:c1:aa:5f:
ca:64:6b:9f:cf:58:c0:aa:c8:c8:05:8a:10:6a:ec:
ec:a5:3c:0b:d7:23:c1:b1:ec:2e:9f:05:ac:1b:70:
69:c4:79:b2:b1:c0:5a:d9:ed:9b:ef:fc:17:2c:70:
c7:26:f0:10:a8:2b:9d:52:51:ce:4f:dc:51:4d:c1:
4a:a3:96:fa:7a:5b:25:be:de:75:24:0f:37:62:0f:
de:00:27:2e:d1:a5:81:1b:e2:49:5e:4b:b7:7d:75:
2a:7f:e5:05:e3:ac:2c:65:2e:c8:3e:e3:e5:63:d1:
22:6e:92:5d:ac:a5:fc:c5:67:4d:29:83:76:8a:cd:
ea:a2:6e:53:9c:38:7f:5e:d9:e3:9e:23:e6:6c:0d:
69:42:e6:48:24:d6:67:80:b9:65:a0:b7:0d:94:be:
06:72:31:b9:84:2b:02:02:ec:f5:6f:98:e4:c0:09:
ca:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B1:0D:42:0A:A7:65:54:F2:EF:A1:2A:0C:2B:40:2F:BD:A7:BB:DF
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/LrENQgqnZVTy76EqDCtAL72nu98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.172.0/24
87.107.188.0/23
Signature Algorithm: sha256WithRSAEncryption
55:80:56:e4:63:21:0d:54:55:47:1a:1a:5f:f9:32:51:43:65:
bf:0c:41:00:ac:c3:c5:a3:7c:1f:be:3a:aa:85:a6:0f:a7:77:
4f:ac:e0:56:35:cc:0a:6d:f3:b9:c2:e0:08:99:be:90:b7:ba:
83:68:c4:5b:39:b9:ed:3d:7a:2c:8b:59:49:8e:4c:f0:87:41:
6e:93:4a:39:c1:a5:f0:55:0e:01:bd:49:fa:88:c4:eb:2f:b1:
7c:60:4b:c5:b5:25:93:93:9c:9c:c3:55:0a:bc:42:ec:c6:60:
92:d5:f0:52:c3:92:e5:45:c7:7c:1d:46:0b:c4:cb:b0:d8:e1:
6d:94:c5:ea:68:c0:ce:74:c5:f1:39:36:bc:9b:2a:ff:6b:cb:
ae:02:54:69:76:de:24:a2:b9:61:37:ab:ee:e1:c0:34:91:8a:
4e:50:1b:1f:65:03:d4:f5:df:7c:c0:7c:3d:ad:42:40:f2:21:
fe:96:1f:ce:c0:cc:57:43:7b:8b:b1:db:c0:e6:26:6d:cc:be:
27:9f:2e:3e:fe:9e:78:7c:06:12:ff:b8:c7:36:c8:a6:3c:7e:
2c:84:ca:c2:66:d9:bc:1a:48:65:85:bd:7e:9c:2f:05:0c:db:
8c:7a:aa:b6:f9:25:4c:8f:d3:8b:63:05:4c:f7:75:a3:1c:a5:
ad:4c:2a:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRWH7kGyzbgGrbqYaqhMGDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMTA4MDcyMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWIxMGQ0MjBhYTc2NTU0ZjJlZmExMmEwYzJiNDAyZmJkYTdiYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtAubM3OFsgbefUfE1h6OZY0tO8n
uNoaOJSet8bgX5J4CmsK+AnyLqs5w+lwDjJvCKPMX7z6IpxM/A59oBwAhLfC6veO
0RG2pRlFqEMFK/toF9eFeyvBql/KZGufz1jAqsjIBYoQauzspTwL1yPBsewunwWs
G3BpxHmyscBa2e2b7/wXLHDHJvAQqCudUlHOT9xRTcFKo5b6elslvt51JA83Yg/e
ACcu0aWBG+JJXku3fXUqf+UF46wsZS7IPuPlY9EibpJdrKX8xWdNKYN2is3qom5T
nDh/XtnjniPmbA1pQuZIJNZngLlloLcNlL4GcjG5hCsCAuz1b5jkwAnKUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC6xDUIKp2VU8u+hKgwrQC+9p7vfMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTHJFTlFncW5aVlR5NzZFcURDdEFMNzJudTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV2usAwQB
V2u8MA0GCSqGSIb3DQEBCwUAA4IBAQBVgFbkYyENVFVHGhpf+TJRQ2W/DEEArMPF
o3wfvjqqhaYPp3dPrOBWNcwKbfO5wuAImb6Qt7qDaMRbObntPXosi1lJjkzwh0Fu
k0o5waXwVQ4BvUn6iMTrL7F8YEvFtSWTk5ycw1UKvELsxmCS1fBSw5LlRcd8HUYL
xMuw2OFtlMXqaMDOdMXxOTa8myr/a8uuAlRpdt4korlhN6vu4cA0kYpOUBsfZQPU
9d98wHw9rUJA8iH+lh/OwMxXQ3uLsdvA5iZtzL4nny4+/p54fAYS/7jHNsimPH4s
hMrCZtm8Gkhlhb1+nC8FDNuMeqq2+SVMj9OLYwVM93WjHKWtTCry
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:33 2023 by rpki-client on console-ams.rpki-client.org