Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/1kRYIOXvdxqYJAFU-Ne9ZqpwW6c.roa
File: 1kRYIOXvdxqYJAFU-Ne9ZqpwW6c.roa (raw, json)
Hash identifier: UTijrUDBTvkdPzAqo6F64DQ3XvF2pb9Wvd9UX+BHTS0=
Subject key identifier: D6:44:58:20:E5:EF:77:1A:98:24:01:54:F8:D7:BD:66:AA:70:5B:A7
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 063E8D14
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/1kRYIOXvdxqYJAFU-Ne9ZqpwW6c.roa
Signing time: Thu 03 Feb 2022 23:20:16 +0000
ROA not before: Thu 03 Feb 2022 23:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44716
IP address blocks: 87.225.128.0/17 maxlen: 17
212.42.224.0/19 maxlen: 24
212.42.244.0/24 maxlen: 24
212.21.64.0/19 maxlen: 24
2001:bf0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104762644 (0x63e8d14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Feb 3 23:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6445820e5ef771a98240154f8d7bd66aa705ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:78:c6:7b:a6:de:c3:4d:c6:44:e2:c5:64:98:
5c:78:27:ca:6c:9e:8f:66:e3:84:b6:62:d3:8b:78:
0c:89:0b:f9:26:02:db:3b:c3:8e:f8:9d:65:12:17:
ff:11:99:72:a5:b5:78:f6:b9:07:f4:1a:4e:de:49:
45:08:ed:f1:d6:cf:be:06:5a:8a:8e:6b:f4:0f:71:
fc:bc:9c:7e:43:41:13:ff:7a:a1:14:cb:8a:f4:b0:
2a:47:d2:85:0d:10:9f:e4:97:35:6f:07:0e:6c:47:
64:23:98:7f:11:66:62:e4:12:92:73:b4:42:9f:3a:
49:d6:b4:ee:e8:5d:27:5e:ec:be:4b:5f:d3:02:63:
b8:91:5d:4f:0f:6e:7e:8a:cb:b9:3e:61:09:a3:2b:
de:0a:e5:63:63:1d:70:36:ea:38:e6:92:4b:fe:5f:
a3:b5:c6:f1:4d:6c:a2:6b:79:30:d2:96:98:a0:20:
2d:d5:5d:91:40:54:85:d0:a9:0e:ca:6c:11:a4:27:
75:a7:6d:b9:8c:0b:d9:7a:9c:02:83:86:b1:db:65:
06:dd:3f:6c:59:58:c1:ce:f0:86:76:95:9f:30:85:
40:b8:be:57:51:bc:bf:1e:f4:4c:60:13:e3:b8:85:
0e:a5:01:a9:2e:eb:1f:14:c8:4b:37:6b:27:f0:30:
5c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:58:20:E5:EF:77:1A:98:24:01:54:F8:D7:BD:66:AA:70:5B:A7
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/1kRYIOXvdxqYJAFU-Ne9ZqpwW6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.225.128.0/17
212.21.64.0/19
212.42.224.0/19
IPv6:
2001:bf0::/29
Signature Algorithm: sha256WithRSAEncryption
40:5c:03:ee:01:b3:ee:05:3a:15:42:46:44:a9:26:60:f1:b4:
28:97:d0:37:b0:39:7b:12:0b:ad:1b:7c:19:36:79:a6:dd:ed:
d3:17:52:37:20:b5:20:e2:46:44:90:7e:df:2d:49:fb:92:30:
bb:2f:36:12:a0:53:09:43:8e:dc:9c:9e:39:06:f1:d6:ca:7f:
0d:fb:67:0d:cf:f2:43:f7:5c:9b:91:1b:00:e3:54:98:59:00:
f3:9a:f2:11:44:98:72:ce:25:67:57:e3:82:37:e4:f9:1d:c2:
0f:82:1d:0c:41:61:28:4b:7f:3a:3d:a1:0b:5f:94:72:b2:46:
85:43:24:4f:ac:df:76:56:0c:6d:71:ca:4f:f1:2e:3f:76:9f:
b4:d3:27:36:1c:b4:43:dc:72:d4:78:cb:25:3d:d3:08:78:00:
b1:0f:4c:87:14:98:32:1f:25:7a:94:92:c0:d1:9e:ae:5f:17:
f2:42:58:61:2d:6b:c1:ab:86:4a:5c:ac:5f:cf:d2:66:88:fe:
9a:47:30:3b:d5:59:32:e2:6e:0c:98:32:ff:ca:f0:3a:0c:7a:
a9:95:74:ab:42:34:59:cf:13:bd:c7:34:69:51:f8:1d:04:8c:
bf:d6:ca:ea:ef:97:cb:5e:1a:d5:b0:ae:e9:0f:2d:70:66:52:
63:e7:ef:70
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBj6NFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjMxNDkyNDczYTc4YzZmZTlmNTM5ZjlmYTdkMjI1MjU2MGEyYjdlMB4XDTIyMDIw
MzIzMjAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY0NDU4MjBlNWVm
NzcxYTk4MjQwMTU0ZjhkN2JkNjZhYTcwNWJhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIh4xnum3sNNxkTixWSYXHgnymyej2bjhLZi04t4DIkL+SYC
2zvDjvidZRIX/xGZcqW1ePa5B/QaTt5JRQjt8dbPvgZaio5r9A9x/LycfkNBE/96
oRTLivSwKkfShQ0Qn+SXNW8HDmxHZCOYfxFmYuQSknO0Qp86Sda07uhdJ17svktf
0wJjuJFdTw9uforLuT5hCaMr3grlY2MdcDbqOOaSS/5fo7XG8U1somt5MNKWmKAg
LdVdkUBUhdCpDspsEaQndadtuYwL2XqcAoOGsdtlBt0/bFlYwc7whnaVnzCFQLi+
V1G8vx70TGAT47iFDqUBqS7rHxTISzdrJ/AwXA0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTWRFgg5e93GpgkAVT4171mqnBbpzAfBgNVHSMEGDAWgBT/MUkkc6eMb+n1
Ofn6fSJSVgorfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196RkpKSE9uakdfcDlUbjUtbjBpVWxZS0szNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvMWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8x
LzFrUllJT1h2ZHhxWUpBRlUtTmU5WnFwd1c2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
MWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8xL196RkpKSE9uakdf
cDlUbjUtbjBpVWxZS0szNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEB1fhgAMEBdQVQAMEBdQq4DANBAIA
AjAHAwUDIAEL8DANBgkqhkiG9w0BAQsFAAOCAQEAQFwD7gGz7gU6FUJGRKkmYPG0
KJfQN7A5exILrRt8GTZ5pt3t0xdSNyC1IOJGRJB+3y1J+5Iwuy82EqBTCUOO3Jye
OQbx1sp/DftnDc/yQ/dcm5EbAONUmFkA85ryEUSYcs4lZ1fjgjfk+R3CD4IdDEFh
KEt/Oj2hC1+UcrJGhUMkT6zfdlYMbXHKT/EuP3aftNMnNhy0Q9xy1HjLJT3TCHgA
sQ9MhxSYMh8lepSSwNGerl8X8kJYYS1rwauGSlysX8/SZoj+mkcwO9VZMuJuDJgy
/8rwOgx6qZV0q0I0Wc8Tvcc0aVH4HQSMv9bK6u+Xy14a1bCu6Q8tcGZSY+fvcA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:28 2023 by rpki-client on console-fra.rpki-client.org