Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/b9OxglMK77h2gigNKJDls5Fls28.roa
File: b9OxglMK77h2gigNKJDls5Fls28.roa (raw, json)
Hash identifier: b7zj+lPXa9GZ7ld9uezjKOdSVr3qLbCgGFM9rEnKZ4w=
Subject key identifier: 6F:D3:B1:82:53:0A:EF:B8:76:82:28:0D:28:90:E5:B3:91:65:B3:6F
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB0A0D40D5C2CCC9BA9155D26090D
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/b9OxglMK77h2gigNKJDls5Fls28.roa
Signing time: Sun 01 Jan 2023 22:04:49 +0000
ROA not before: Sun 01 Jan 2023 22:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16322
IP address blocks: 87.107.134.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b0:a0:d4:0d:5c:2c:cc:9b:a9:15:5d:26:09:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd3b182530aefb87682280d2890e5b39165b36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:15:b1:e5:aa:be:90:53:59:da:09:de:3d:
e0:df:9c:61:4e:fb:81:06:46:6c:66:89:4b:dc:70:
c6:87:8e:05:cc:47:a0:ea:db:d1:b2:b8:0d:2a:81:
e0:cf:76:cb:74:03:62:72:fa:79:6e:43:f3:94:ed:
58:1c:b2:55:8c:1d:3d:2b:a5:be:d6:5b:30:56:c9:
1e:0a:0b:5b:2d:c8:ad:58:9d:1d:6e:5b:25:95:ae:
51:af:6a:f0:cd:ee:27:7c:1e:4e:a7:dc:c2:4d:ea:
74:37:7b:1f:13:56:2c:b2:5e:f4:57:0b:a3:e3:e5:
b3:b1:51:be:f6:b6:6b:bd:29:26:86:68:4f:2a:0c:
5d:63:4b:d1:33:09:4f:4a:4d:35:7b:98:ce:6a:0d:
60:94:a3:3b:42:12:fd:6a:1c:73:0a:ac:e5:5a:ad:
9e:df:68:3a:ac:2f:5c:0d:d7:09:cc:b4:01:ad:ca:
08:ef:be:a5:89:f9:7b:fb:f9:b7:5b:0e:d7:b9:a2:
6d:79:f0:de:58:5b:ea:0a:2e:6d:f8:6c:69:ad:7f:
7a:cd:ed:df:5e:55:77:fe:39:b0:2c:19:3c:3a:e5:
4a:2f:a1:66:04:f8:f4:63:cf:a8:b6:9a:6c:8d:1f:
98:6d:96:96:d6:ce:1b:c3:09:c4:6c:55:ab:4f:d6:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D3:B1:82:53:0A:EF:B8:76:82:28:0D:28:90:E5:B3:91:65:B3:6F
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/b9OxglMK77h2gigNKJDls5Fls28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.134.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:a5:31:3f:f3:10:d0:f8:22:85:e5:ad:f7:f4:66:1a:2d:ca:
61:94:cb:d3:84:a9:ec:c1:7d:d3:c7:0a:00:30:00:07:94:f3:
72:72:12:35:d4:c0:aa:90:a1:1d:db:70:3d:de:51:b2:94:a6:
be:fb:d6:93:93:76:e1:f7:ca:08:7d:59:49:3b:f9:77:65:f5:
a5:03:c9:06:9f:c5:52:76:34:86:a6:3a:56:ab:04:26:94:3d:
44:7c:31:9e:58:39:91:aa:a1:3e:71:fa:50:30:cb:50:0f:a1:
0a:19:65:6b:d8:a1:28:79:f9:8d:25:d2:a9:48:f2:0d:7e:d5:
33:64:e1:99:2f:b6:f1:95:09:f3:92:ef:5d:5f:34:49:05:3c:
e2:de:50:98:72:d6:90:29:f3:c8:08:5b:22:35:e1:f1:18:53:
1e:16:80:f3:a1:fc:88:64:9d:fa:11:00:b5:f4:2b:cf:ce:98:
ec:cc:25:6a:f0:34:6c:60:fc:d6:77:4e:96:82:55:e7:cc:b9:
23:da:4f:c4:58:d6:1a:c4:97:73:1e:6a:27:e1:35:7e:22:0c:
a8:a2:44:f4:bd:5e:b1:a9:13:c7:43:c5:e4:3d:a3:c9:f4:b2:
c5:b0:1d:ba:fa:a8:56:63:de:5a:be:1b:d3:43:87:14:24:c6:
bf:33:09:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXbCg1A1cLMybqRVdJgkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQzYjE4MjUzMGFlZmI4NzY4MjI4MGQyODkwZTViMzkxNjViMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkQVseWqvpBTWdoJ3j3g35xhTvuB
BkZsZolL3HDGh44FzEeg6tvRsrgNKoHgz3bLdANicvp5bkPzlO1YHLJVjB09K6W+
1lswVskeCgtbLcitWJ0dblslla5Rr2rwze4nfB5Op9zCTep0N3sfE1Yssl70Vwuj
4+WzsVG+9rZrvSkmhmhPKgxdY0vRMwlPSk01e5jOag1glKM7QhL9ahxzCqzlWq2e
32g6rC9cDdcJzLQBrcoI776lifl7+/m3Ww7XuaJtefDeWFvqCi5t+GxprX96ze3f
XlV3/jmwLBk8OuVKL6FmBPj0Y8+otppsjR+YbZaW1s4bwwnEbFWrT9YFsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/TsYJTCu+4doIoDSiQ5bORZbNvMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvYjlPeGdsTUs3N2gyZ2lnTktKRGxzNUZsczI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV2uGMA0G
CSqGSIb3DQEBCwUAA4IBAQC1pTE/8xDQ+CKF5a339GYaLcphlMvThKnswX3TxwoA
MAAHlPNychI11MCqkKEd23A93lGylKa++9aTk3bh98oIfVlJO/l3ZfWlA8kGn8VS
djSGpjpWqwQmlD1EfDGeWDmRqqE+cfpQMMtQD6EKGWVr2KEoefmNJdKpSPINftUz
ZOGZL7bxlQnzku9dXzRJBTzi3lCYctaQKfPICFsiNeHxGFMeFoDzofyIZJ36EQC1
9CvPzpjszCVq8DRsYPzWd06WglXnzLkj2k/EWNYaxJdzHmon4TV+IgyookT0vV6x
qRPHQ8XkPaPJ9LLFsB26+qhWY95avhvTQ4cUJMa/Mwmm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:37 2025 by rpki-client