Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NDdGxlK5MT5Hp8lGmkPJViqkdxM.roa
File: NDdGxlK5MT5Hp8lGmkPJViqkdxM.roa (raw, json)
Hash identifier: Hv0myDIECXeUFRw6t59C1J0LMDxbhrJxqrEAueMf0ow=
Subject key identifier: 34:37:46:C6:52:B9:31:3E:47:A7:C9:46:9A:43:C9:56:2A:A4:77:13
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183F60E5BCF9DB7E6D9D9AAA935009D49EB
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NDdGxlK5MT5Hp8lGmkPJViqkdxM.roa
Signing time: Thu 20 Oct 2022 15:41:19 +0000
ROA not before: Thu 20 Oct 2022 15:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 87.107.85.0/24 maxlen: 24
81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
87.107.32.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:0e:5b:cf:9d:b7:e6:d9:d9:aa:a9:35:00:9d:49:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 20 15:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=343746c652b9313e47a7c9469a43c9562aa47713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:78:d9:b7:84:31:ae:7d:a5:d7:67:33:eb:
34:c3:97:93:0c:27:ac:19:cf:1e:43:d6:21:3a:15:
2d:18:03:4a:ae:aa:ad:05:63:56:ba:d2:03:12:9d:
27:04:37:d8:81:db:90:da:ad:11:81:ac:6b:28:47:
8e:2f:f5:e7:bd:01:d7:a7:38:cc:63:11:a3:17:40:
02:96:7d:ce:3a:9b:95:18:e5:36:2b:c9:a4:ce:1f:
48:5b:38:5b:7f:5c:f0:cf:ce:0c:e9:ec:2b:0d:9b:
7d:a6:20:88:32:84:e9:56:5b:7d:40:9f:93:81:12:
ab:4b:85:21:c4:5a:c1:7f:c2:f2:b0:de:1f:35:63:
e9:98:05:ed:af:f9:96:87:47:fa:66:6e:92:e0:54:
e1:38:14:0e:cc:23:01:d0:c9:24:73:e1:c3:35:20:
0a:7e:02:e0:cc:7c:ee:a1:54:b5:a7:51:09:6f:c6:
fc:20:85:ca:ed:02:3c:bb:37:1e:45:b9:d7:e3:14:
2d:ba:38:5d:f8:38:23:b4:56:5d:38:15:cf:75:d4:
b2:e5:e0:68:38:c7:80:e5:de:1c:80:ca:b8:6d:74:
bb:ef:31:6a:a4:61:42:1f:bc:48:71:6c:93:4a:e6:
bd:84:c0:22:ad:d1:2b:16:6c:e7:29:5a:80:a4:38:
ad:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:37:46:C6:52:B9:31:3E:47:A7:C9:46:9A:43:C9:56:2A:A4:77:13
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NDdGxlK5MT5Hp8lGmkPJViqkdxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
19:8e:38:2e:b3:29:d2:df:43:70:c8:69:48:7f:34:bb:a2:db:
c5:1d:8c:85:0e:49:66:58:6e:2d:6e:42:51:fa:f6:b7:51:30:
d3:f0:98:89:8a:f6:91:1b:21:89:7e:8c:2a:f9:d9:1c:67:fb:
6f:0d:96:b8:05:96:fc:d1:0c:e6:68:a1:e5:e5:5d:e6:96:6e:
55:3e:29:21:26:52:83:70:ca:c0:bb:b3:2f:91:2a:bc:a0:a2:
75:8b:88:37:8a:44:e2:60:60:73:54:88:3f:ab:12:3e:ea:c9:
b3:01:a8:38:5c:2a:d0:76:d8:96:0e:7a:9b:b6:3d:cf:72:e2:
22:57:f3:0d:2c:1d:55:92:04:63:27:d6:ce:27:1f:7c:a4:75:
6f:bb:62:03:41:ce:54:4c:0d:8b:6a:ae:2a:ee:aa:00:b0:5d:
2f:f9:5b:67:e0:07:09:f4:da:8a:31:61:28:0c:91:74:c7:a7:
89:8a:ce:ed:65:71:5a:64:a8:08:d3:33:ca:8c:7d:1e:7e:8c:
04:22:f4:f4:e6:ba:83:70:83:9b:d6:14:84:86:08:fd:74:f5:
96:ed:62:a7:b5:69:6b:10:d3:25:8b:f8:29:1f:33:b7:c7:14:
cb:e8:8b:b6:2b:9f:62:88:fc:a0:e2:51:05:2a:14:c1:c3:a5:
09:ce:4d:76
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYP2DlvPnbfm2dmqqTUAnUnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDIwMTU0MTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM3NDZjNjUyYjkzMTNlNDdhN2M5NDY5YTQzYzk1NjJhYTQ3NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ142beEMa59pddnM+s0w5eTDCes
Gc8eQ9YhOhUtGANKrqqtBWNWutIDEp0nBDfYgduQ2q0RgaxrKEeOL/XnvQHXpzjM
YxGjF0ACln3OOpuVGOU2K8mkzh9IWzhbf1zwz84M6ewrDZt9piCIMoTpVlt9QJ+T
gRKrS4UhxFrBf8LysN4fNWPpmAXtr/mWh0f6Zm6S4FThOBQOzCMB0Mkkc+HDNSAK
fgLgzHzuoVS1p1EJb8b8IIXK7QI8uzceRbnX4xQtujhd+DgjtFZdOBXPddSy5eBo
OMeA5d4cgMq4bXS77zFqpGFCH7xIcWyTSua9hMAirdErFmznKVqApDit0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDQ3RsZSuTE+R6fJRppDyVYqpHcTMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTkRkR3hsSzVNVDVIcDhsR21rUEpWaXFrZHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBUQxaMAwD
BABXax8DBAFXayADBABXa1UDBAFXa44wDQYJKoZIhvcNAQELBQADggEBABmOOC6z
KdLfQ3DIaUh/NLui28UdjIUOSWZYbi1uQlH69rdRMNPwmImK9pEbIYl+jCr52Rxn
+28NlrgFlvzRDOZooeXlXeaWblU+KSEmUoNwysC7sy+RKrygonWLiDeKROJgYHNU
iD+rEj7qybMBqDhcKtB22JYOepu2Pc9y4iJX8w0sHVWSBGMn1s4nH3ykdW+7YgNB
zlRMDYtqriruqgCwXS/5W2fgBwn02ooxYSgMkXTHp4mKzu1lcVpkqAjTM8qMfR5+
jAQi9PTmuoNwg5vWFISGCP109ZbtYqe1aWsQ0yWL+CkfM7fHFMvoi7Yrn2KI/KDi
UQUqFMHDpQnOTXY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:33 2023 by rpki-client on console-ams.rpki-client.org