Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sHb2qaIc2tzPzLXWAS9p3BkskC0.roa
File: sHb2qaIc2tzPzLXWAS9p3BkskC0.roa (raw, json)
Hash identifier: mkRTVVu7ZC5RjvhvtT4NQYAEpuHSLdJ5/EuWsvcrjPE=
Subject key identifier: B0:76:F6:A9:A2:1C:DA:DC:CF:CC:B5:D6:01:2F:69:DC:19:2C:90:2D
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183FE4B4F108D043B6998BEBEDD0DBFF2CA
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sHb2qaIc2tzPzLXWAS9p3BkskC0.roa
Signing time: Sat 22 Oct 2022 06:04:51 +0000
ROA not before: Sat 22 Oct 2022 06:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 87.107.148.0/22 maxlen: 24
81.12.112.0/22 maxlen: 22
87.107.176.0/21 maxlen: 21
87.107.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:4b:4f:10:8d:04:3b:69:98:be:be:dd:0d:bf:f2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 22 06:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b076f6a9a21cdadccfccb5d6012f69dc192c902d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:1e:3e:b2:a0:cc:c9:5d:bb:97:ed:b6:8e:
b9:a4:71:d6:a5:1e:1e:1d:e0:cc:2a:5e:41:ea:13:
40:94:28:74:e7:d1:0f:7e:10:11:fb:84:54:01:a3:
1b:1e:5b:ca:e1:d7:f3:10:34:82:57:5e:95:70:d1:
a3:cb:80:e6:32:25:04:25:f8:8a:76:21:33:65:78:
88:34:6c:52:e7:e3:24:e0:2c:fe:30:f0:2d:e1:ef:
af:14:70:05:a9:47:a0:90:e5:ad:c9:37:91:c6:da:
74:70:4f:3e:ea:62:b9:50:46:fa:19:7e:42:9a:25:
db:96:95:ef:ae:4e:76:d2:e4:76:5b:4d:dd:95:74:
81:7c:44:90:1b:e9:c0:b9:77:9d:6e:de:be:31:8e:
71:6f:6d:ae:ba:1c:02:2b:c8:12:62:8e:3d:18:7e:
45:ec:52:e0:16:70:38:ec:12:ee:88:4d:ca:22:76:
ee:10:56:d5:32:c6:a5:d7:56:73:a1:da:b4:04:20:
e9:e6:ce:d4:2c:ae:ee:33:66:ce:4b:aa:93:e3:ba:
0b:b3:69:80:c4:9f:2d:7f:dc:58:3c:cd:1f:b6:e6:
83:a5:0f:12:49:85:fe:aa:27:25:be:99:9a:55:03:
cb:9f:f8:88:40:e1:aa:b9:57:80:6a:16:b2:f2:c7:
74:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:76:F6:A9:A2:1C:DA:DC:CF:CC:B5:D6:01:2F:69:DC:19:2C:90:2D
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sHb2qaIc2tzPzLXWAS9p3BkskC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.112.0/22
87.107.148.0/22
87.107.176.0-87.107.187.255
Signature Algorithm: sha256WithRSAEncryption
ac:16:4f:b1:a5:f1:63:69:f4:02:59:1b:b4:1a:10:23:d3:f6:
6d:58:ed:91:2e:9d:50:1b:df:93:4f:8c:f0:dd:a9:76:a5:92:
4e:f8:ac:af:c8:b1:75:d5:c1:30:42:b1:37:7a:95:cb:52:86:
8d:ea:f1:da:e5:a2:c7:de:f5:ef:fa:7e:a9:61:d7:78:ef:16:
ca:f2:28:17:08:9a:06:4f:b8:51:9d:af:79:6e:82:9e:8a:3a:
4d:ab:34:e1:b8:06:ee:3a:1c:15:0d:0c:aa:10:51:b3:ab:ea:
8d:9d:75:e5:d1:5d:f2:13:d7:73:ee:8f:6a:c6:cc:5c:5e:79:
f6:84:3f:8a:ac:20:fd:63:79:e3:33:7b:f7:f7:ae:3c:17:ab:
ed:07:9a:31:2e:5f:39:9a:97:e0:73:bf:ee:cd:37:89:ce:13:
75:3d:64:fa:f4:7d:68:07:94:28:21:55:9e:3d:08:72:b7:ef:
9d:17:49:1f:1f:ce:6e:6a:d8:c0:28:8e:81:e0:4d:b0:d3:f6:
d6:21:fc:53:fd:49:cd:7e:0e:8b:ed:a6:70:e5:89:c5:2a:ec:
36:29:88:34:fd:34:d2:14:8d:ec:01:8e:c5:26:65:21:7f:c1:
27:2b:0f:3f:e2:f7:99:f5:69:f4:76:e5:93:64:f6:18:3e:b2:
bf:80:94:a1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYP+S08QjQQ7aZi+vt0Nv/LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDIyMDYwNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc2ZjZhOWEyMWNkYWRjY2ZjY2I1ZDYwMTJmNjlkYzE5MmM5MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCEePrKgzMldu5ftto65pHHWpR4e
HeDMKl5B6hNAlCh059EPfhAR+4RUAaMbHlvK4dfzEDSCV16VcNGjy4DmMiUEJfiK
diEzZXiINGxS5+Mk4Cz+MPAt4e+vFHAFqUegkOWtyTeRxtp0cE8+6mK5UEb6GX5C
miXblpXvrk520uR2W03dlXSBfESQG+nAuXedbt6+MY5xb22uuhwCK8gSYo49GH5F
7FLgFnA47BLuiE3KInbuEFbVMsal11Zzodq0BCDp5s7ULK7uM2bOS6qT47oLs2mA
xJ8tf9xYPM0ftuaDpQ8SSYX+qiclvpmaVQPLn/iIQOGquVeAahay8sd0XQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLB29qmiHNrcz8y11gEvadwZLJAtMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvc0hiMnFhSWMydHpQekxYV0FTOXAzQmtza0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCUQxwAwQC
V2uUMAwDBARXa7ADBAJXa7gwDQYJKoZIhvcNAQELBQADggEBAKwWT7Gl8WNp9AJZ
G7QaECPT9m1Y7ZEunVAb35NPjPDdqXalkk74rK/IsXXVwTBCsTd6lctSho3q8drl
osfe9e/6fqlh13jvFsryKBcImgZPuFGdr3lugp6KOk2rNOG4Bu46HBUNDKoQUbOr
6o2ddeXRXfIT13Puj2rGzFxeefaEP4qsIP1jeeMze/f3rjwXq+0HmjEuXzmal+Bz
v+7NN4nOE3U9ZPr0fWgHlCghVZ49CHK3750XSR8fzm5q2MAojoHgTbDT9tYh/FP9
Sc1+DovtpnDlicUq7DYpiDT9NNIUjewBjsUmZSF/wScrDz/i95n1afR25ZNk9hg+
sr+AlKE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:12 2025 by rpki-client