Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OiUIGTcpPNM41tlsi6fFoz4Ch68.roa
File: OiUIGTcpPNM41tlsi6fFoz4Ch68.roa (raw, json)
Hash identifier: J6ywPgCUFzQ6cALU9cJN3r2nVX1zC4zjC3c8/wznF+c=
Subject key identifier: 3A:25:08:19:37:29:3C:D3:38:D6:D9:6C:8B:A7:C5:A3:3E:02:87:AF
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0188B41E96B41DA011AB16CB1ED7BEC9F94D
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OiUIGTcpPNM41tlsi6fFoz4Ch68.roa
Signing time: Tue 13 Jun 2023 09:38:03 +0000
ROA not before: Tue 13 Jun 2023 09:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21341
IP address blocks: 87.107.42.0/23 maxlen: 23
87.107.41.0/24 maxlen: 24
87.107.40.0/24 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.50.0/24 maxlen: 24
87.107.50.0/23 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
87.107.96.0/22 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.24.0/22 maxlen: 22
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.52.0/23 maxlen: 23
81.12.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:1e:96:b4:1d:a0:11:ab:16:cb:1e:d7:be:c9:f9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jun 13 09:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a25081937293cd338d6d96c8ba7c5a33e0287af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b9:e7:bd:29:76:8a:d1:a8:1e:3c:cb:90:de:
58:1e:94:c0:c6:8e:cd:fd:bf:3a:e6:00:3d:fa:c8:
0f:1c:9b:dc:61:04:31:ea:e4:68:87:a6:af:01:c6:
f2:e3:e3:6a:6a:3c:14:8a:6d:0a:76:09:68:ee:df:
35:e2:2f:2f:4a:a0:b2:e7:c1:a4:79:d2:0f:38:b0:
58:0d:f2:33:1d:77:ac:92:e0:63:9e:a5:23:53:8b:
f8:73:8c:8d:57:a7:24:be:d4:0c:39:8e:6c:31:c4:
0a:d1:25:87:69:be:4a:2e:aa:f0:88:2e:af:29:56:
63:9c:8e:05:67:41:9f:b5:47:26:b9:38:c7:05:78:
1e:d5:5f:ea:82:33:86:00:4f:83:27:5a:8f:17:a7:
bb:80:67:28:76:fb:6e:dd:5c:a1:95:6b:36:78:41:
0a:b6:db:f3:c5:d5:f9:36:89:f0:7e:b5:ab:eb:bb:
3a:77:05:7f:39:03:b6:27:cd:32:7b:e0:6b:8b:cc:
6c:41:25:d8:c3:bd:15:fb:5d:94:9d:7b:0c:a3:7e:
b8:06:9c:6a:3e:8d:f2:6f:96:38:de:f3:cd:e3:36:
d9:88:ab:f0:c8:c3:af:a5:9b:da:0d:fc:1e:88:b9:
6f:c5:e0:27:f3:3e:11:d0:41:8d:f1:d8:49:69:38:
f8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:25:08:19:37:29:3C:D3:38:D6:D9:6C:8B:A7:C5:A3:3E:02:87:AF
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OiUIGTcpPNM41tlsi6fFoz4Ch68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.27.255
81.12.48.0-81.12.53.255
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.112.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
68:fd:3d:51:d2:c8:4f:b6:b4:63:30:a6:a6:d0:2e:29:8a:1a:
c0:99:88:34:a6:69:b6:e0:c7:58:d9:de:83:10:cb:d6:28:af:
c9:cd:d3:a5:6f:2d:86:08:ce:65:0b:5b:e6:9f:dc:ea:de:0b:
19:fa:15:6b:04:4b:ff:33:43:c4:40:2c:54:a7:83:aa:cc:f7:
33:f5:92:12:54:13:7d:df:84:c7:0f:25:57:bb:6f:97:9a:d1:
9f:cb:85:3d:03:05:95:cd:b7:20:cc:82:be:94:58:7f:7f:6f:
4e:4f:17:76:22:85:b7:50:7c:a8:f4:23:af:cf:43:a2:bd:f6:
28:59:fa:39:f0:af:4c:9f:2c:27:20:6a:67:b3:30:ea:16:5e:
af:75:24:18:e8:fc:a7:3f:fe:dc:8e:82:a1:e5:d4:fc:85:20:
96:e1:75:78:ab:40:8d:f1:19:bb:8e:fb:06:f4:30:71:e8:62:
08:0a:2a:6d:78:71:34:a4:08:ee:7f:c7:af:ce:de:88:db:59:
f4:01:3f:84:bb:6d:23:ed:6b:72:44:13:6e:e3:8a:55:4f:cb:
a8:87:2a:7e:12:48:e4:99:62:55:af:83:cd:97:d0:50:64:93:
32:09:83:f1:1b:d8:59:8a:00:3b:2a:0c:9f:3c:42:06:3c:a7:
12:6b:f1:3f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYi0Hpa0HaARqxbLHte+yflNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNjEzMDkzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI1MDgxOTM3MjkzY2QzMzhkNmQ5NmM4YmE3YzVhMzNlMDI4N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLnnvSl2itGoHjzLkN5YHpTAxo7N
/b865gA9+sgPHJvcYQQx6uRoh6avAcby4+NqajwUim0Kdglo7t814i8vSqCy58Gk
edIPOLBYDfIzHXeskuBjnqUjU4v4c4yNV6ckvtQMOY5sMcQK0SWHab5KLqrwiC6v
KVZjnI4FZ0GftUcmuTjHBXge1V/qgjOGAE+DJ1qPF6e7gGcodvtu3VyhlWs2eEEK
ttvzxdX5NonwfrWr67s6dwV/OQO2J80ye+Bri8xsQSXYw70V+12UnXsMo364Bpxq
Po3yb5Y43vPN4zbZiKvwyMOvpZvaDfweiLlvxeAn8z4R0EGN8dhJaTj41QIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFDolCBk3KTzTONbZbIunxaM+AoevMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvT2lVSUdUY3BQTk00MXRsc2k2ZkZvejRDaDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQCUQwYMAwDBARRDDADBAFRDDQDBAFR
DDoDBAJXaxgDBAFXayIDBAJXaygwDAMEAVdrMgMEAVdrNAMEAldrRAMEAldrWAME
AldrYDAMAwQEV2twAwQBV2t0MAwDBANXa3gDBANXa4ADBAJXa6gDBABXa60DBAK5
PIgwDQYJKoZIhvcNAQELBQADggEBAGj9PVHSyE+2tGMwpqbQLimKGsCZiDSmabbg
x1jZ3oMQy9Yor8nN06VvLYYIzmULW+af3OreCxn6FWsES/8zQ8RALFSng6rM9zP1
khJUE33fhMcPJVe7b5ea0Z/LhT0DBZXNtyDMgr6UWH9/b05PF3YihbdQfKj0I6/P
Q6K99ihZ+jnwr0yfLCcgamezMOoWXq91JBjo/Kc//tyOgqHl1PyFIJbhdXirQI3x
GbuO+wb0MHHoYggKKm14cTSkCO5/x6/O3ojbWfQBP4S7bSPta3JEE27jilVPy6iH
Kn4SSOSZYlWvg82X0FBkkzIJg/Eb2FmKADsqDJ88QgY8pxJr8T8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:52 2025 by rpki-client