Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/0CdQu-VLK0sf2XC5hDJInPjXzoU.roa
File: 0CdQu-VLK0sf2XC5hDJInPjXzoU.roa (raw, json)
Hash identifier: RQaj+hw/n3eylXhuuGVKT9zgbaAink29TeeZ1Ij/wm4=
Subject key identifier: D0:27:50:BB:E5:4B:2B:4B:1F:D9:70:B9:84:32:48:9C:F8:D7:CE:85
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0184A57542DAF912EF705BD550AA277DFEEE
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/0CdQu-VLK0sf2XC5hDJInPjXzoU.roa
Signing time: Wed 23 Nov 2022 17:07:16 +0000
ROA not before: Wed 23 Nov 2022 17:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:75:42:da:f9:12:ef:70:5b:d5:50:aa:27:7d:fe:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 23 17:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d02750bbe54b2b4b1fd970b98432489cf8d7ce85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f8:fe:18:f9:b0:75:55:2d:c9:57:f4:e3:20:
ae:11:ca:4e:0e:07:6c:e2:13:ec:a7:ff:19:c1:dd:
f3:bf:17:e7:01:67:78:39:a0:cf:28:85:a8:7d:dd:
c3:40:d4:7a:7f:6c:14:19:d8:bc:a2:95:ae:be:c6:
ca:e0:6c:91:04:bb:78:7b:f4:1b:ec:6b:e5:4e:63:
82:b6:d4:11:4a:79:25:bc:0b:bf:1c:57:0e:87:4d:
94:e9:33:4c:02:e0:90:8f:f4:33:31:d0:de:f6:54:
d3:fe:4b:92:7f:a5:32:d1:e9:53:06:8f:6f:ea:48:
52:f2:da:f2:46:91:4e:70:4e:fa:1b:e2:44:16:68:
5b:3d:1f:ed:e3:1d:43:c2:44:8c:9d:27:14:2c:39:
c0:a8:6d:11:43:2f:05:3d:32:f4:f0:61:79:9a:34:
b8:c9:84:09:b2:7f:53:9c:ee:af:05:3b:0a:ca:38:
d7:08:9e:bc:34:4f:47:94:f2:4a:be:df:8a:12:93:
df:e7:27:a1:2c:50:30:81:53:6b:c1:1c:41:72:be:
86:c4:e1:55:bb:19:4d:ee:b3:f8:5c:37:bf:8a:78:
c9:2f:a5:01:b5:65:df:d1:eb:b9:d7:e1:40:ab:4e:
6e:e4:2b:fb:25:d3:3f:65:f8:e9:e4:08:d8:30:7f:
3e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:27:50:BB:E5:4B:2B:4B:1F:D9:70:B9:84:32:48:9C:F8:D7:CE:85
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/0CdQu-VLK0sf2XC5hDJInPjXzoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
55:25:11:83:9a:51:6e:96:16:cf:ac:62:fd:95:cc:47:a1:d5:
f4:62:ec:e2:36:4e:9e:3a:8b:47:3e:f0:63:92:4a:0b:a7:84:
08:3d:ea:80:dc:1a:d6:6b:d8:e2:37:1f:a2:5d:fe:ea:e8:36:
8c:80:3a:66:1f:78:64:8e:d5:8a:50:ca:51:ed:bd:c1:6c:c0:
c0:ab:be:85:ed:22:cc:cf:41:ea:13:7b:4c:49:db:0c:3a:c7:
fd:4c:25:db:66:86:b1:53:09:3a:07:93:91:e6:2b:e0:5c:59:
3f:00:da:80:73:80:83:37:41:9b:2d:69:11:2b:dd:12:f7:dd:
cf:05:a5:a4:e4:b4:e1:a8:8a:00:b0:81:5c:8a:32:66:33:06:
dd:1b:25:a8:ad:c8:e2:c2:fc:44:a8:73:ba:df:88:17:0d:00:
20:c9:0e:26:26:ae:12:4b:d3:31:60:b4:5e:a7:27:31:ec:df:
c9:6b:af:ed:e0:7a:c0:c6:87:a0:46:a2:c6:33:80:1b:41:0c:
bb:57:8f:af:a7:f6:d9:b3:15:e3:a6:84:86:f6:4e:01:12:f3:
78:43:ab:aa:72:f7:01:5a:14:eb:2a:3f:56:d9:ce:53:3b:67:
e0:16:30:82:ef:c7:b2:ea:d7:c4:48:c2:13:af:32:e4:82:28:
fc:ef:ed:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSldULa+RLvcFvVUKonff7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTIzMTcwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDI3NTBiYmU1NGIyYjRiMWZkOTcwYjk4NDMyNDg5Y2Y4ZDdjZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfj+GPmwdVUtyVf04yCuEcpODgds
4hPsp/8Zwd3zvxfnAWd4OaDPKIWofd3DQNR6f2wUGdi8opWuvsbK4GyRBLt4e/Qb
7GvlTmOCttQRSnklvAu/HFcOh02U6TNMAuCQj/QzMdDe9lTT/kuSf6Uy0elTBo9v
6khS8tryRpFOcE76G+JEFmhbPR/t4x1DwkSMnScULDnAqG0RQy8FPTL08GF5mjS4
yYQJsn9TnO6vBTsKyjjXCJ68NE9HlPJKvt+KEpPf5yehLFAwgVNrwRxBcr6GxOFV
uxlN7rP4XDe/injJL6UBtWXf0eu51+FAq05u5Cv7JdM/Zfjp5AjYMH8+RQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNAnULvlSytLH9lwuYQySJz4186FMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMENkUXUtVkxLMHNmMlhDNWhESkluUGpYem9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQBVJRGDmlFulhbP
rGL9lcxHodX0YuziNk6eOotHPvBjkkoLp4QIPeqA3BrWa9jiNx+iXf7q6DaMgDpm
H3hkjtWKUMpR7b3BbMDAq76F7SLMz0HqE3tMSdsMOsf9TCXbZoaxUwk6B5OR5ivg
XFk/ANqAc4CDN0GbLWkRK90S993PBaWk5LThqIoAsIFcijJmMwbdGyWorcjiwvxE
qHO634gXDQAgyQ4mJq4SS9MxYLRepycx7N/Ja6/t4HrAxoegRqLGM4AbQQy7V4+v
p/bZsxXjpoSG9k4BEvN4Q6uqcvcBWhTrKj9W2c5TO2fgFjCC78ey6tfESMITrzLk
gij87+0Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org