Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/T0QpHfwtsmSm8lrKNI900PkPjto.roa
File: T0QpHfwtsmSm8lrKNI900PkPjto.roa (raw, json)
Hash identifier: zGICI7uof1vWIwSgtrDik94LRlx/p+oe6wnXfePczDU=
Subject key identifier: 4F:44:29:1D:FC:2D:B2:64:A6:F2:5A:CA:34:8F:74:D0:F9:0F:8E:DA
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB13A7E4B94BA6131ACB15799B94C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/T0QpHfwtsmSm8lrKNI900PkPjto.roa
Signing time: Sun 01 Jan 2023 22:04:49 +0000
ROA not before: Sun 01 Jan 2023 22:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21341
IP address blocks: 87.107.42.0/23 maxlen: 23
87.107.41.0/24 maxlen: 24
87.107.40.0/24 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.50.0/23 maxlen: 23
87.107.50.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 22
87.107.88.0/22 maxlen: 22
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
62.220.120.0/22 maxlen: 22
62.220.124.0/22 maxlen: 22
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
87.107.96.0/22 maxlen: 22
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 21
87.107.122.0/24 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
62.220.96.0/21 maxlen: 21
62.220.104.0/21 maxlen: 21
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.24.0/22 maxlen: 22
81.12.48.0/22 maxlen: 22
81.12.58.0/24 maxlen: 24
81.12.52.0/23 maxlen: 23
81.12.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b1:3a:7e:4b:94:ba:61:31:ac:b1:57:99:b9:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f44291dfc2db264a6f25aca348f74d0f90f8eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5f:ca:aa:1c:ce:ae:b7:2a:f7:12:5c:57:81:
7c:ed:84:dc:ad:84:56:52:4a:33:de:83:2e:c8:a7:
bd:e2:b3:7e:b6:33:38:0b:d6:6f:1a:e0:58:a4:9e:
fc:03:cf:10:a8:8e:92:83:4f:3d:f7:2d:99:5f:d1:
83:f0:49:bd:d9:69:b3:c1:b5:60:47:37:99:e7:ff:
c9:bd:9b:7c:9c:db:3d:f0:99:dc:e9:e0:fb:3f:37:
41:a7:5e:7f:4d:4a:cf:8d:8e:c3:91:45:86:6d:78:
ad:6b:82:35:18:fc:86:8c:e2:e5:2d:7e:90:06:10:
85:f7:ba:ee:15:82:8e:b4:22:94:52:ca:a2:96:21:
86:36:2b:ac:e4:1f:93:ba:90:91:a3:53:21:1f:b2:
69:81:62:ac:bc:01:26:e8:37:fc:51:d3:5c:3f:79:
dd:d2:d2:59:f5:22:66:0e:5c:77:94:a4:2a:1a:ec:
2a:4a:d6:22:cc:46:65:68:0e:1d:cd:8d:59:89:91:
b9:49:d2:1a:99:dd:11:d7:14:c8:6a:e4:0c:80:1a:
76:c3:81:bd:1e:42:2b:1e:67:37:61:c3:86:ed:e2:
e0:b6:91:5b:96:5b:14:76:2d:91:98:d0:3d:18:c3:
8e:9f:3f:ca:17:13:fc:78:f7:7e:81:b6:91:32:df:
8b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:44:29:1D:FC:2D:B2:64:A6:F2:5A:CA:34:8F:74:D0:F9:0F:8E:DA
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/T0QpHfwtsmSm8lrKNI900PkPjto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0/21
81.12.8.0-81.12.27.255
81.12.48.0-81.12.53.255
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.116.0/23
87.107.120.0-87.107.135.255
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:8c:d8:b2:18:0d:09:8a:e8:a5:6b:70:cd:ec:2a:aa:c3:33:
c2:12:68:7f:09:02:2b:1a:cf:49:7c:5b:6d:eb:cf:9f:76:e0:
ba:31:f3:b5:da:34:4e:7a:b9:fc:15:f9:a0:ae:ca:55:c2:c5:
5f:7b:cb:4e:59:58:69:d0:ef:9a:4c:68:38:b2:24:b5:94:a5:
c5:b2:0b:d7:32:0c:71:a3:ea:9d:0d:2e:a9:f5:2e:9a:6b:16:
14:79:37:30:b7:c3:47:ba:a5:0d:d0:67:8a:46:07:c0:1a:ed:
40:e5:77:3e:95:c1:c3:55:a4:fa:a7:d6:bf:a0:83:ae:ea:4d:
2b:e0:40:2a:14:4b:b1:44:97:6c:0c:24:ed:c3:09:fc:05:f8:
0d:bf:b0:80:74:ca:66:c8:0b:c7:a5:97:a1:ed:78:9d:56:03:
92:9c:d7:66:39:81:12:7b:4e:f9:70:7a:67:9b:b2:4a:8d:51:
a3:2c:cb:48:b9:dc:93:21:8c:b5:f0:fc:b3:f4:6b:64:fa:60:
22:04:32:e8:f5:c0:4c:6d:00:40:d8:f5:02:57:99:3f:7d:b8:
09:5d:11:bf:a6:4d:27:37:4f:57:ca:9f:6c:a6:82:87:1b:4b:
73:13:e8:b2:dc:89:2b:20:d7:fe:3c:85:b4:f9:f1:a3:a3:70:
09:62:0f:da
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVvXbE6fkuUumExrLFXmblMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ0MjkxZGZjMmRiMjY0YTZmMjVhY2EzNDhmNzRkMGY5MGY4ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1/KqhzOrrcq9xJcV4F87YTcrYRW
Ukoz3oMuyKe94rN+tjM4C9ZvGuBYpJ78A88QqI6Sg0899y2ZX9GD8Em92WmzwbVg
RzeZ5//JvZt8nNs98Jnc6eD7PzdBp15/TUrPjY7DkUWGbXita4I1GPyGjOLlLX6Q
BhCF97ruFYKOtCKUUsqiliGGNius5B+TupCRo1MhH7JpgWKsvAEm6Df8UdNcP3nd
0tJZ9SJmDlx3lKQqGuwqStYizEZlaA4dzY1ZiZG5SdIamd0R1xTIauQMgBp2w4G9
HkIrHmc3YcOG7eLgtpFbllsUdi2RmNA9GMOOnz/KFxP8ePd+gbaRMt+LTQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFE9EKR38LbJkpvJayjSPdND5D47aMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvVDBRcEhmd3RzbVNtOGxyS05JOTAwUGtQanRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAQ+
3GADBAM+3HgwDAMEA1EMCAMEAlEMGDAMAwQEUQwwAwQBUQw0AwQBUQw6AwQCV2sY
AwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJXa2ADBAFX
a3QwDAMEA1dreAMEA1drgAMEAFdrrQMEArk8iDANBgkqhkiG9w0BAQsFAAOCAQEA
G4zYshgNCYropWtwzewqqsMzwhJofwkCKxrPSXxbbevPn3bgujHztdo0Tnq5/BX5
oK7KVcLFX3vLTllYadDvmkxoOLIktZSlxbIL1zIMcaPqnQ0uqfUummsWFHk3MLfD
R7qlDdBnikYHwBrtQOV3PpXBw1Wk+qfWv6CDrupNK+BAKhRLsUSXbAwk7cMJ/AX4
Db+wgHTKZsgLx6WXoe14nVYDkpzXZjmBEntO+XB6Z5uySo1RoyzLSLnckyGMtfD8
s/RrZPpgIgQy6PXATG0AQNj1AleZP324CV0Rv6ZNJzdPV8qfbKaChxtLcxPostyJ
KyDX/jyFtPnxo6NwCWIP2g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:17 2025 by rpki-client