Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1QPPCpdMYaTE5ewyeOkcVwUmtMs.roa
File: 1QPPCpdMYaTE5ewyeOkcVwUmtMs.roa (raw, json)
Hash identifier: aU4/VgrP/TIGVKbTX+dInuBFff+X7sjjGrAE4pzvc8g=
Subject key identifier: D5:03:CF:0A:97:4C:61:A4:C4:E5:EC:32:78:E9:1C:57:05:26:B4:CB
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01833B1E9F57FC163D9E2CB46177E816BCE5
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1QPPCpdMYaTE5ewyeOkcVwUmtMs.roa
Signing time: Wed 14 Sep 2022 08:30:05 +0000
ROA not before: Wed 14 Sep 2022 08:30:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 87.254.2.0/24 maxlen: 24
185.210.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:1e:9f:57:fc:16:3d:9e:2c:b4:61:77:e8:16:bc:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 14 08:30:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d503cf0a974c61a4c4e5ec3278e91c570526b4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:6d:7d:33:7b:66:90:27:91:cc:97:19:dd:
9f:59:d7:52:37:fc:bd:07:ad:c5:bf:93:03:68:fc:
67:19:c3:b6:fc:ae:1b:f7:33:cd:a2:f2:77:ff:ff:
64:fb:4d:25:09:d8:63:01:0d:0f:62:94:f0:8e:ee:
62:09:94:0d:2f:41:5f:72:cc:9b:1a:ee:8a:1b:b9:
55:5d:42:61:93:6a:aa:76:da:db:cf:c0:cc:ec:47:
86:f7:6a:c4:0b:eb:69:87:98:f0:b4:04:d7:ea:52:
e9:35:90:23:34:29:cb:8a:02:b1:9e:4f:a0:a9:cf:
5f:9f:f3:ab:77:8d:b3:c1:78:71:ba:a3:94:a8:03:
e7:78:2b:d2:dd:0d:95:92:bc:09:5f:42:72:76:99:
85:4a:0a:e5:f6:b9:f8:b5:8a:ce:81:b7:be:24:da:
47:01:ab:99:b3:8b:9d:d4:b0:72:ab:21:29:41:1e:
db:f6:79:8e:75:ff:3f:ba:08:9f:cc:5e:15:06:2e:
c1:4a:f8:57:2e:0b:18:6e:8e:89:77:b2:cf:01:2b:
b0:89:68:4e:eb:54:96:ea:a1:98:06:ae:a3:63:cb:
7a:44:d4:4a:6d:96:c2:aa:96:d7:99:06:cd:c8:79:
4f:f9:9e:3d:e7:df:2e:cb:1b:1f:d6:11:2e:ef:f9:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:03:CF:0A:97:4C:61:A4:C4:E5:EC:32:78:E9:1C:57:05:26:B4:CB
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1QPPCpdMYaTE5ewyeOkcVwUmtMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:f0:65:99:d0:89:af:bd:59:e6:aa:a9:de:3a:8e:01:8b:47:
9a:b9:fe:1d:67:30:c6:86:7b:b2:f7:e0:69:27:ed:0e:06:20:
eb:1d:5e:c7:ef:cb:a1:65:63:05:a5:c2:c2:94:b3:9f:83:58:
62:a8:2b:d2:ac:34:2c:da:73:85:39:e7:86:fc:c7:b3:26:e6:
18:4c:8b:ac:27:b9:87:55:97:84:d1:83:4d:f9:9d:c0:9c:8d:
66:64:cf:5c:1f:9b:ea:ff:47:dd:dc:b0:49:5c:7b:dc:a7:17:
8c:ce:c6:25:3d:90:4c:f5:4a:b3:21:c4:0b:e7:b9:b5:f5:3e:
52:64:8f:e3:dd:9f:a4:d6:77:0a:1c:ec:d8:7a:05:b2:ff:1e:
c3:9d:fb:94:01:73:44:ff:2d:89:e5:c7:7b:ab:14:d7:d5:04:
dd:55:ac:63:71:07:c9:de:62:16:b0:45:16:3f:87:81:89:9f:
98:dd:c5:81:f3:17:70:5b:b0:86:b3:0a:bd:0c:3e:49:f5:35:
d0:1d:d5:91:45:89:75:54:78:9a:51:66:72:1f:b8:29:6d:f1:
d7:ce:51:34:3a:aa:23:a7:41:67:89:32:ef:37:d3:4e:80:82:
6b:25:45:c0:f2:ce:7c:22:12:58:d6:40:41:98:2b:c3:ba:6c:
c5:32:50:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM7Hp9X/BY9niy0YXfoFrzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwOTE0MDgzMDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAzY2YwYTk3NGM2MWE0YzRlNWVjMzI3OGU5MWM1NzA1MjZiNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY9tfTN7ZpAnkcyXGd2fWddSN/y9
B63Fv5MDaPxnGcO2/K4b9zPNovJ3//9k+00lCdhjAQ0PYpTwju5iCZQNL0Ffcsyb
Gu6KG7lVXUJhk2qqdtrbz8DM7EeG92rEC+tph5jwtATX6lLpNZAjNCnLigKxnk+g
qc9fn/Ord42zwXhxuqOUqAPneCvS3Q2VkrwJX0JydpmFSgrl9rn4tYrOgbe+JNpH
AauZs4ud1LByqyEpQR7b9nmOdf8/ugifzF4VBi7BSvhXLgsYbo6Jd7LPASuwiWhO
61SW6qGYBq6jY8t6RNRKbZbCqpbXmQbNyHlP+Z49598uyxsf1hEu7/nPMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNUDzwqXTGGkxOXsMnjpHFcFJrTLMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMVFQUENwZE1ZYVRFNWV3eWVPa2NWd1VtdE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/4CAwQC
udKoMA0GCSqGSIb3DQEBCwUAA4IBAQAP8GWZ0ImvvVnmqqneOo4Bi0eauf4dZzDG
hnuy9+BpJ+0OBiDrHV7H78uhZWMFpcLClLOfg1hiqCvSrDQs2nOFOeeG/MezJuYY
TIusJ7mHVZeE0YNN+Z3AnI1mZM9cH5vq/0fd3LBJXHvcpxeMzsYlPZBM9UqzIcQL
57m19T5SZI/j3Z+k1ncKHOzYegWy/x7DnfuUAXNE/y2J5cd7qxTX1QTdVaxjcQfJ
3mIWsEUWP4eBiZ+Y3cWB8xdwW7CGswq9DD5J9TXQHdWRRYl1VHiaUWZyH7gpbfHX
zlE0Oqojp0FniTLvN9NOgIJrJUXA8s58IhJY1kBBmCvDumzFMlDg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org