Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QFohiIxrWkSCktRrCZDkJpAJvZg.roa
File: QFohiIxrWkSCktRrCZDkJpAJvZg.roa (raw, json)
Hash identifier: C4zfXG9AxsOiowCI9WK8037KUJST7FkhbVj3GtJ1qsY=
Subject key identifier: 40:5A:21:88:8C:6B:5A:44:82:92:D4:6B:09:90:E4:26:90:09:BD:98
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 37B3A46C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QFohiIxrWkSCktRrCZDkJpAJvZg.roa
Signing time: Sat 01 Jan 2022 08:55:54 +0000
ROA not before: Sat 01 Jan 2022 08:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208555
IP address blocks: 87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934519916 (0x37b3a46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 08:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=405a21888c6b5a448292d46b0990e4269009bd98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:57:c0:5b:9b:78:a6:11:93:bb:43:eb:4a:
ac:04:9c:d8:a7:41:29:50:43:f6:54:68:5a:b8:56:
15:05:bd:79:1d:ef:65:d2:d0:d0:d0:ff:31:8a:08:
01:fc:0c:89:5f:ee:91:45:ad:06:f9:3a:8a:1c:b0:
4c:64:26:ce:90:5c:32:19:d4:ac:c4:3a:9b:8d:68:
e9:a7:88:1f:cc:cd:d7:ab:89:e6:20:58:d7:81:3a:
b7:80:67:88:c9:cb:c4:0f:67:5e:70:69:6a:ae:54:
e7:4c:7e:4a:86:07:7d:b6:f5:42:38:4e:e3:81:ff:
8b:05:eb:a4:dd:f9:d5:40:05:15:d0:68:ab:c3:b5:
04:25:31:0b:b4:0c:5a:d1:eb:5e:e6:9a:32:da:0c:
6f:9e:c2:a0:44:83:79:16:26:90:02:cd:8b:e3:99:
ae:4b:75:36:63:09:a2:85:1b:9e:01:5a:48:13:30:
2d:ea:43:f3:3d:60:74:81:df:77:fa:a7:2d:bd:b3:
89:dc:38:17:e5:ee:04:2e:76:d8:aa:31:d0:3a:81:
dc:9c:c3:03:70:c2:8e:1a:e2:83:64:0b:f9:73:00:
c6:8b:c3:75:52:36:f4:ce:dd:99:67:bd:97:6c:25:
6e:92:00:92:9e:47:0f:d5:5a:8f:99:6d:a5:86:88:
3e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5A:21:88:8C:6B:5A:44:82:92:D4:6B:09:90:E4:26:90:09:BD:98
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QFohiIxrWkSCktRrCZDkJpAJvZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:15:25:c8:04:69:d7:16:9c:41:90:a6:b9:31:67:75:c8:86:
d6:1e:4a:ea:b3:cc:7f:33:0a:4e:e8:1c:33:54:12:23:9f:18:
31:bd:59:ae:7c:25:3a:64:b2:a5:4c:88:f2:2a:7d:11:22:18:
9e:6a:b0:a9:ff:09:3f:0a:a5:2b:72:d7:4f:95:3c:59:86:c8:
5a:63:08:83:a3:68:1e:38:7b:6d:ab:c9:d4:29:30:df:ac:82:
43:6d:19:01:61:4c:99:54:2f:9b:56:53:b5:44:9b:a2:b3:ac:
96:9f:68:12:51:12:13:24:41:40:29:a3:7c:c9:83:15:17:b5:
7e:17:a3:5a:2d:0d:57:83:ac:a0:ac:53:c0:a1:e2:05:0a:c0:
2d:8f:74:e3:c2:ea:22:61:ab:b4:c0:df:02:c1:ef:61:50:85:
5a:1d:70:b8:aa:9f:f1:8d:bf:71:ec:1f:4a:f7:a4:fe:9b:fb:
3d:75:48:17:18:32:a4:b0:42:7a:a4:c3:e7:be:9c:15:03:4f:
ce:fe:ba:e5:cc:5c:a2:44:1e:e4:45:8e:bb:a5:88:9a:05:51:
89:37:a0:aa:b1:26:c6:07:2f:fc:a6:81:d3:87:50:39:ba:fb:
67:f4:f7:95:9d:9b:b4:97:46:8d:da:25:ea:7b:36:69:8b:a6:
ba:17:35:67
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEN7OkbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA1YTIxODg4YzZi
NWE0NDgyOTJkNDZiMDk5MGU0MjY5MDA5YmQ5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaBV8Bbm3imEZO7Q+tKrASc2KdBKVBD9lRoWrhWFQW9eR3v
ZdLQ0ND/MYoIAfwMiV/ukUWtBvk6ihywTGQmzpBcMhnUrMQ6m41o6aeIH8zN16uJ
5iBY14E6t4BniMnLxA9nXnBpaq5U50x+SoYHfbb1QjhO44H/iwXrpN351UAFFdBo
q8O1BCUxC7QMWtHrXuaaMtoMb57CoESDeRYmkALNi+OZrkt1NmMJooUbngFaSBMw
LepD8z1gdIHfd/qnLb2zidw4F+XuBC522Kox0DqB3JzDA3DCjhrig2QL+XMAxovD
dVI29M7dmWe9l2wlbpIAkp5HD9Vaj5ltpYaIPjsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRAWiGIjGtaRIKS1GsJkOQmkAm9mDAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
L1FGb2hpSXhyV2tTQ2t0UnJDWkRrSnBBSnZaZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFdrkAMEAVdrmAMEAVdrpgMEAVdr
rjANBgkqhkiG9w0BAQsFAAOCAQEAKhUlyARp1xacQZCmuTFndciG1h5K6rPMfzMK
TugcM1QSI58YMb1ZrnwlOmSypUyI8ip9ESIYnmqwqf8JPwqlK3LXT5U8WYbIWmMI
g6NoHjh7bavJ1Ckw36yCQ20ZAWFMmVQvm1ZTtUSborOslp9oElESEyRBQCmjfMmD
FRe1fhejWi0NV4OsoKxTwKHiBQrALY9048LqImGrtMDfAsHvYVCFWh1wuKqf8Y2/
cewfSvek/pv7PXVIFxgypLBCeqTD576cFQNPzv665cxcokQe5EWOu6WImgVRiTeg
qrEmxgcv/KaB04dQObr7Z/T3lZ2btJdGjdol6ns2aYumuhc1Zw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:33 2023 by rpki-client on console-ams.rpki-client.org