Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dGwSLvSV_A-OOzbfgfnkuT5uh4E.roa
File: dGwSLvSV_A-OOzbfgfnkuT5uh4E.roa (raw, json)
Hash identifier: 28bnwRbOTi9vi90vGvGPvwyusJi+2IOL+yIU586VyLQ=
Subject key identifier: 74:6C:12:2E:F4:95:FC:0F:8E:3B:36:DF:81:F9:E4:B9:3E:6E:87:81
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01852509276599BF09ABF9E4C6F9D0016FEF
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dGwSLvSV_A-OOzbfgfnkuT5uh4E.roa
Signing time: Sun 18 Dec 2022 11:40:34 +0000
ROA not before: Sun 18 Dec 2022 11:40:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212063
IP address blocks: 87.107.54.0/24 maxlen: 24
87.107.172.0/24 maxlen: 24
87.107.189.0/24 maxlen: 24
87.107.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:09:27:65:99:bf:09:ab:f9:e4:c6:f9:d0:01:6f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Dec 18 11:40:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=746c122ef495fc0f8e3b36df81f9e4b93e6e8781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:1a:0b:6e:a2:8a:ab:b1:42:19:e9:65:d7:
24:b8:a8:de:df:18:a9:8b:9d:de:7b:50:91:15:83:
38:e6:d6:89:a3:4e:b1:c0:37:74:a6:dc:32:8c:af:
4d:31:b1:e9:0e:b0:05:60:84:9e:4a:c9:f2:7e:93:
ae:fa:c6:b3:20:34:c4:f9:5c:7f:fa:09:d0:55:cb:
a0:65:f9:56:c1:7a:2b:7e:61:d4:50:03:35:65:e3:
b6:65:03:12:97:a9:80:29:c2:d4:f9:72:1f:f9:0e:
ff:61:56:af:ad:71:ce:bb:23:9f:df:7e:49:08:f3:
34:a4:d9:d0:56:70:fa:3e:07:0e:b4:b2:6a:4d:1f:
e1:07:b2:bc:f7:cb:4a:cb:a6:fd:c2:b6:af:fb:26:
0c:54:3b:b0:58:88:c5:fb:ed:1b:90:29:ee:9b:4e:
10:0e:94:68:23:9c:01:63:51:5a:ae:35:d5:88:9d:
32:f9:df:f0:36:6d:b1:d6:15:cf:2b:b5:36:17:39:
a5:be:52:08:96:26:60:0e:53:c7:9a:ec:72:31:06:
2c:d7:88:41:5c:4a:26:5b:91:9b:5c:16:29:b5:c6:
80:0a:a5:83:93:f1:9b:73:53:f6:e6:0b:be:b3:b7:
22:c0:a5:45:c0:36:45:15:9a:c1:6a:05:ae:b8:a9:
be:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6C:12:2E:F4:95:FC:0F:8E:3B:36:DF:81:F9:E4:B9:3E:6E:87:81
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dGwSLvSV_A-OOzbfgfnkuT5uh4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.54.0/24
87.107.172.0/24
87.107.188.0/23
Signature Algorithm: sha256WithRSAEncryption
80:3e:44:f9:f9:cf:d4:e1:17:fc:14:9e:7b:35:41:e9:94:a2:
b3:f3:e1:fd:b6:24:96:0c:57:26:0a:bd:df:aa:c5:0f:d8:59:
88:e5:ea:6b:b3:27:4b:52:52:2e:a4:3e:4d:bb:19:8e:2c:a5:
f8:65:5e:98:ac:50:5b:6d:42:ff:18:84:56:05:a4:4d:98:3b:
aa:f3:19:5e:84:e2:c0:c9:4a:ef:e2:c2:67:52:aa:c5:9f:ca:
9b:68:d1:9c:dd:21:7c:fb:10:0b:0a:9e:2a:2b:0b:c5:84:28:
e1:1b:8d:95:3f:87:eb:de:de:0a:4b:43:2b:cf:16:65:e2:03:
9c:dc:57:6b:87:54:0c:b0:89:f3:c4:e1:6f:c6:48:52:ab:65:
ca:4d:d9:e8:b4:e2:4e:a1:46:37:f4:14:53:fd:e1:e1:7f:e1:
ce:f0:93:01:52:05:6d:a4:d0:33:c7:4a:4a:60:0a:89:23:5b:
11:e9:55:db:d6:79:27:0f:32:ca:41:a3:d6:4a:63:60:b7:24:
63:43:18:56:1d:d5:1f:4c:18:05:5f:ed:c6:2d:fa:5b:18:ae:
3e:54:ae:09:be:12:6d:6b:fa:d4:c2:68:a3:23:96:b6:cb:39:
c8:de:36:b2:2b:a3:34:0b:f9:80:13:98:5f:37:06:96:d0:30:
d9:dd:e6:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUlCSdlmb8Jq/nkxvnQAW/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMjE4MTE0MDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZjMTIyZWY0OTVmYzBmOGUzYjM2ZGY4MWY5ZTRiOTNlNmU4NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg0aC26iiquxQhnpZdckuKje3xip
i53ee1CRFYM45taJo06xwDd0ptwyjK9NMbHpDrAFYISeSsnyfpOu+sazIDTE+Vx/
+gnQVcugZflWwXorfmHUUAM1ZeO2ZQMSl6mAKcLU+XIf+Q7/YVavrXHOuyOf335J
CPM0pNnQVnD6PgcOtLJqTR/hB7K898tKy6b9wrav+yYMVDuwWIjF++0bkCnum04Q
DpRoI5wBY1FarjXViJ0y+d/wNm2x1hXPK7U2FzmlvlIIliZgDlPHmuxyMQYs14hB
XEomW5GbXBYptcaACqWDk/Gbc1P25gu+s7ciwKVFwDZFFZrBagWuuKm+EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHRsEi70lfwPjjs234H55Lk+boeBMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvZEd3U0x2U1ZfQS1PT3piZmdmbmt1VDV1aDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV2s2AwQA
V2usAwQBV2u8MA0GCSqGSIb3DQEBCwUAA4IBAQCAPkT5+c/U4Rf8FJ57NUHplKKz
8+H9tiSWDFcmCr3fqsUP2FmI5eprsydLUlIupD5NuxmOLKX4ZV6YrFBbbUL/GIRW
BaRNmDuq8xlehOLAyUrv4sJnUqrFn8qbaNGc3SF8+xALCp4qKwvFhCjhG42VP4fr
3t4KS0MrzxZl4gOc3Fdrh1QMsInzxOFvxkhSq2XKTdnotOJOoUY39BRT/eHhf+HO
8JMBUgVtpNAzx0pKYAqJI1sR6VXb1nknDzLKQaPWSmNgtyRjQxhWHdUfTBgFX+3G
LfpbGK4+VK4JvhJta/rUwmijI5a2yznI3jayK6M0C/mAE5hfNwaW0DDZ3eYT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org