Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hKl2n2nJAUtqDIwL3cXA8lSZGs8.roa
File: hKl2n2nJAUtqDIwL3cXA8lSZGs8.roa (raw, json)
Hash identifier: 0FXwR7/scRLO+cEI1d/x1KNFT1Ipl2QGs/Wn6YjG4HM=
Subject key identifier: 84:A9:76:9F:69:C9:01:4B:6A:0C:8C:0B:DD:C5:C0:F2:54:99:1A:CF
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018824A5ACF72FD0D8EB901F74746CA01E62
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hKl2n2nJAUtqDIwL3cXA8lSZGs8.roa
Signing time: Tue 16 May 2023 13:00:17 +0000
ROA not before: Tue 16 May 2023 13:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21341
IP address blocks: 87.107.42.0/23 maxlen: 23
87.107.41.0/24 maxlen: 24
87.107.40.0/24 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.50.0/23 maxlen: 24
87.107.50.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
87.107.96.0/22 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.108.0/22 maxlen: 23
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.122.0/24 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.24.0/22 maxlen: 22
81.12.48.0/22 maxlen: 22
81.12.58.0/24 maxlen: 24
81.12.52.0/23 maxlen: 23
81.12.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:a5:ac:f7:2f:d0:d8:eb:90:1f:74:74:6c:a0:1e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 16 13:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84a9769f69c9014b6a0c8c0bddc5c0f254991acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1a:f0:ec:49:f3:c2:c4:26:2e:5b:ce:c8:93:
9c:5d:2b:91:24:76:dc:f2:dc:a9:e3:4f:e3:06:2b:
b4:6d:02:fc:d3:74:cc:47:5d:4d:e3:18:91:ed:60:
48:e6:ce:2b:fc:eb:79:5f:e3:1b:4f:c8:0e:12:bc:
05:3b:7a:a5:93:d4:cd:3c:03:60:0b:11:9c:1d:54:
e1:01:2a:e0:99:2b:ad:a8:c2:16:9b:10:b4:9a:88:
43:f1:97:e1:6c:bf:82:23:3d:34:fe:77:a5:d2:5f:
d2:e2:f0:02:61:a5:79:46:d9:89:9f:a9:ca:61:2f:
ff:da:65:85:3b:4c:15:4c:40:ac:1b:9d:bf:69:f9:
81:2a:16:85:1d:49:43:78:70:c4:91:d2:98:64:c6:
ae:22:69:ca:62:09:f7:ab:0c:cc:7d:dc:09:cd:b4:
ab:61:ff:85:f4:92:f6:95:26:bb:c9:00:de:cf:57:
c2:2e:94:70:9a:ef:34:09:08:b0:dc:f6:96:2f:73:
aa:f5:7f:da:d0:29:81:46:df:25:3d:40:ab:40:92:
47:1c:a5:74:fb:0c:b5:02:af:e0:8e:02:1f:cf:30:
ff:2d:50:38:ab:af:08:f3:f8:2c:e5:5c:de:95:df:
6a:36:f5:33:1c:02:af:06:c3:5f:b8:a7:8c:9a:af:
bb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A9:76:9F:69:C9:01:4B:6A:0C:8C:0B:DD:C5:C0:F2:54:99:1A:CF
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hKl2n2nJAUtqDIwL3cXA8lSZGs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.27.255
81.12.48.0-81.12.53.255
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.108.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
21:4a:e5:a6:ef:02:ba:d3:ac:cf:20:02:aa:6c:54:4e:3a:5a:
a4:03:09:11:f5:a4:dd:43:94:d7:e9:83:3c:9c:4d:8e:2d:70:
50:53:93:e2:d0:89:8e:0c:78:3b:03:aa:51:98:7a:7d:f6:53:
5d:ea:21:ca:48:8c:d1:b1:0e:cc:d5:8c:25:c8:ec:0d:53:9d:
b9:0d:fb:3a:24:03:85:84:b9:5d:ba:12:2a:3b:cd:68:53:f1:
3e:8c:57:2a:52:22:a6:05:b5:a8:7b:4e:a8:eb:d1:03:71:68:
a1:9e:86:f1:0f:a2:2c:b7:8d:7c:e1:af:6e:61:6f:ab:4d:af:
d7:c9:c0:69:16:f4:68:e6:69:c0:1b:96:65:dd:6e:78:de:c7:
66:eb:b2:96:1c:c9:61:16:ac:06:cb:4a:87:0d:4e:84:c9:80:
5f:a8:3a:54:88:79:8c:70:d5:9b:51:c4:fe:a8:f0:74:c3:f6:
84:3c:c0:1d:80:a6:51:4d:4f:54:e9:f6:ff:7a:28:39:5b:46:
57:d2:a9:1e:78:35:48:ed:7b:67:62:43:f6:fd:8d:5f:b6:66:
46:51:e2:bd:2b:00:64:11:2d:0f:e1:a6:a7:91:fa:6c:b1:26:
8b:53:de:ca:9a:6c:51:75:55:73:80:13:f1:99:6e:62:0d:e5:
0e:7a:99:07
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYgkpaz3L9DY65AfdHRsoB5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNTE2MTMwMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE5NzY5ZjY5YzkwMTRiNmEwYzhjMGJkZGM1YzBmMjU0OTkxYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Rrw7EnzwsQmLlvOyJOcXSuRJHbc
8typ40/jBiu0bQL803TMR11N4xiR7WBI5s4r/Ot5X+MbT8gOErwFO3qlk9TNPANg
CxGcHVThASrgmSutqMIWmxC0mohD8ZfhbL+CIz00/nel0l/S4vACYaV5RtmJn6nK
YS//2mWFO0wVTECsG52/afmBKhaFHUlDeHDEkdKYZMauImnKYgn3qwzMfdwJzbSr
Yf+F9JL2lSa7yQDez1fCLpRwmu80CQiw3PaWL3Oq9X/a0CmBRt8lPUCrQJJHHKV0
+wy1Aq/gjgIfzzD/LVA4q68I8/gs5Vzeld9qNvUzHAKvBsNfuKeMmq+7wQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFISpdp9pyQFLagyMC93FwPJUmRrPMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvaEtsMm4ybkpBVXRxREl3TDNjWEE4bFNaR3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQCUQwYMAwDBARRDDADBAFRDDQDBAFR
DDoDBAJXaxgDBAFXayIDBAJXaygwDAMEAVdrMgMEAVdrNAMEAldrRAMEAldrWAME
AldrYDAMAwQCV2tsAwQBV2t0MAwDBANXa3gDBANXa4ADBAJXa6gDBABXa60DBAK5
PIgwDQYJKoZIhvcNAQELBQADggEBACFK5abvArrTrM8gAqpsVE46WqQDCRH1pN1D
lNfpgzycTY4tcFBTk+LQiY4MeDsDqlGYen32U13qIcpIjNGxDszVjCXI7A1TnbkN
+zokA4WEuV26Eio7zWhT8T6MVypSIqYFtah7Tqjr0QNxaKGehvEPoiy3jXzhr25h
b6tNr9fJwGkW9GjmacAblmXdbnjex2brspYcyWEWrAbLSocNToTJgF+oOlSIeYxw
1ZtRxP6o8HTD9oQ8wB2AplFNT1Tp9v96KDlbRlfSqR54NUjte2diQ/b9jV+2ZkZR
4r0rAGQRLQ/hpqeR+myxJotT3sqabFF1VXOAE/GZbmIN5Q56mQc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:49 2025 by rpki-client