Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U21IadRjShIcXa6A2gVLN2GIQcc.roa
File: U21IadRjShIcXa6A2gVLN2GIQcc.roa (raw, json)
Hash identifier: 7XU+GJoBMbhBgaMMMg+/isnHPkrijMEc8xjfKaDjaIU=
Subject key identifier: 53:6D:48:69:D4:63:4A:12:1C:5D:AE:80:DA:05:4B:37:61:88:41:C7
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183FC7026B587383653EAB6ACE6251EFEC7
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U21IadRjShIcXa6A2gVLN2GIQcc.roa
Signing time: Fri 21 Oct 2022 21:25:51 +0000
ROA not before: Fri 21 Oct 2022 21:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21341
IP address blocks: 87.107.42.0/23 maxlen: 23
87.107.41.0/24 maxlen: 24
87.107.40.0/24 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.50.0/23 maxlen: 23
87.107.50.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 22
87.107.88.0/22 maxlen: 22
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
62.220.120.0/22 maxlen: 22
62.220.124.0/22 maxlen: 22
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
87.107.96.0/22 maxlen: 22
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 21
87.107.122.0/24 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
62.220.96.0/21 maxlen: 21
62.220.104.0/21 maxlen: 21
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.24.0/22 maxlen: 22
81.12.48.0/22 maxlen: 22
81.12.58.0/24 maxlen: 24
81.12.52.0/23 maxlen: 23
81.12.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fc:70:26:b5:87:38:36:53:ea:b6:ac:e6:25:1e:fe:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 21 21:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=536d4869d4634a121c5dae80da054b37618841c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a0:6e:47:43:cc:a2:cd:48:05:13:f3:0a:bc:
72:77:57:3d:bd:65:51:08:23:e8:59:6f:59:25:3c:
d2:86:40:f8:f5:f0:f7:a7:3b:90:ee:70:b3:8c:3b:
38:c2:da:2c:bb:7c:7b:9b:a9:1c:1a:7e:e5:0d:58:
41:d0:78:39:8b:e1:5f:8c:0a:36:42:29:29:f1:0f:
28:7c:f3:c4:3f:b0:5d:17:8f:93:e8:3a:9e:47:58:
6b:43:4e:de:38:78:ea:62:2f:60:9b:a2:75:22:b7:
9c:1a:e0:70:3e:9e:b1:52:7c:10:02:43:2b:f7:fa:
12:54:6d:07:43:54:74:2d:1b:03:9b:7c:a9:c2:1b:
97:98:9b:ec:d8:e8:1b:66:ed:54:8d:ab:72:71:f9:
b0:b0:f3:a2:19:46:12:10:4b:b2:f6:27:40:4b:b2:
b5:b2:f5:36:37:e2:35:63:60:ed:2f:cb:d4:bd:fb:
98:59:63:a0:80:64:6b:e6:ed:50:c5:ee:3c:0d:97:
2d:7e:23:7b:01:f4:cd:49:f9:66:2e:12:20:91:c2:
33:4d:01:62:80:dd:ab:4e:a7:16:cc:da:0e:79:b3:
c8:b6:8f:c4:88:40:fa:bc:85:29:20:5e:5c:5b:1f:
ce:ec:7b:64:52:a4:3e:11:db:f8:a4:a7:f8:74:3d:
73:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6D:48:69:D4:63:4A:12:1C:5D:AE:80:DA:05:4B:37:61:88:41:C7
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U21IadRjShIcXa6A2gVLN2GIQcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0/21
81.12.8.0-81.12.27.255
81.12.48.0-81.12.53.255
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.116.0/23
87.107.120.0-87.107.135.255
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
37:26:f7:4c:fb:c9:c5:41:29:81:34:9d:11:a2:39:e0:cd:73:
2d:62:88:f2:9d:0d:19:3c:5d:81:32:81:b4:6f:7e:ad:2c:21:
41:68:fe:c2:85:37:3d:df:93:75:8c:15:37:6b:70:75:80:22:
21:38:f9:e8:07:4b:f0:67:88:e7:44:77:f1:aa:7e:21:2e:ae:
26:c8:fb:ab:dd:4f:73:21:7f:bd:35:86:4f:06:26:1c:24:ff:
80:88:58:65:c8:9a:51:d2:77:4e:9a:44:3c:2a:05:af:bc:8a:
ca:1b:00:13:20:ef:fb:f3:56:30:b5:97:df:22:1b:ed:0d:ab:
4c:b6:68:4b:b7:39:46:a9:18:ea:c2:f8:db:a6:87:f6:25:4d:
66:42:a5:fe:9b:1f:a3:1a:6a:23:8f:d8:94:71:ae:31:c9:85:
e9:e5:38:a3:f5:ab:bf:12:95:ed:20:63:7b:8e:5f:46:65:0d:
61:aa:16:ed:af:f0:42:ec:45:59:d9:5e:0d:aa:64:c4:df:b6:
89:e9:37:05:b9:bc:6f:b8:ce:84:e0:b1:eb:fb:47:60:73:57:
98:dd:6f:fb:a5:cf:db:cd:76:4d:12:af:ad:0f:c4:51:4f:46:
0b:d7:1e:b6:c2:ab:c5:91:0d:4b:51:bb:6e:6b:c6:20:2c:86:
4d:2a:dc:cb
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYP8cCa1hzg2U+q2rOYlHv7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDIxMjEyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZkNDg2OWQ0NjM0YTEyMWM1ZGFlODBkYTA1NGIzNzYxODg0MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqBuR0PMos1IBRPzCrxyd1c9vWVR
CCPoWW9ZJTzShkD49fD3pzuQ7nCzjDs4wtosu3x7m6kcGn7lDVhB0Hg5i+FfjAo2
Qikp8Q8ofPPEP7BdF4+T6DqeR1hrQ07eOHjqYi9gm6J1IrecGuBwPp6xUnwQAkMr
9/oSVG0HQ1R0LRsDm3ypwhuXmJvs2OgbZu1UjatycfmwsPOiGUYSEEuy9idAS7K1
svU2N+I1Y2DtL8vUvfuYWWOggGRr5u1Qxe48DZctfiN7AfTNSflmLhIgkcIzTQFi
gN2rTqcWzNoOebPIto/EiED6vIUpIF5cWx/O7HtkUqQ+Edv4pKf4dD1zLQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFNtSGnUY0oSHF2ugNoFSzdhiEHHMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvVTIxSWFkUmpTaEljWGE2QTJnVkxOMkdJUWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAQ+
3GADBAM+3HgwDAMEA1EMCAMEAlEMGDAMAwQEUQwwAwQBUQw0AwQBUQw6AwQCV2sY
AwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJXa2ADBAFX
a3QwDAMEA1dreAMEA1drgAMEAFdrrQMEArk8iDANBgkqhkiG9w0BAQsFAAOCAQEA
Nyb3TPvJxUEpgTSdEaI54M1zLWKI8p0NGTxdgTKBtG9+rSwhQWj+woU3Pd+TdYwV
N2twdYAiITj56AdL8GeI50R38ap+IS6uJsj7q91PcyF/vTWGTwYmHCT/gIhYZcia
UdJ3TppEPCoFr7yKyhsAEyDv+/NWMLWX3yIb7Q2rTLZoS7c5RqkY6sL426aH9iVN
ZkKl/psfoxpqI4/YlHGuMcmF6eU4o/WrvxKV7SBje45fRmUNYaoW7a/wQuxFWdle
DapkxN+2iek3Bbm8b7jOhOCx6/tHYHNXmN1v+6XP2812TRKvrQ/EUU9GC9cetsKr
xZENS1G7bmvGICyGTSrcyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:30 2025 by rpki-client