Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1eVqPT7TfciEHakYAyH_KvtoXl4.roa
File: 1eVqPT7TfciEHakYAyH_KvtoXl4.roa (raw, json)
Hash identifier: VW/B1BwMH5KGVSKeD5SYaj7NDVpo841nVlX0dTo/nAU=
Subject key identifier: D5:E5:6A:3D:3E:D3:7D:C8:84:1D:A9:18:03:21:FF:2A:FB:68:5E:5E
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0184BD946DAED60773EE102162BA89CD0C58
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1eVqPT7TfciEHakYAyH_KvtoXl4.roa
Signing time: Mon 28 Nov 2022 09:32:12 +0000
ROA not before: Mon 28 Nov 2022 09:32:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:94:6d:ae:d6:07:73:ee:10:21:62:ba:89:cd:0c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 28 09:32:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5e56a3d3ed37dc8841da9180321ff2afb685e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:66:d2:54:7a:de:d9:d8:6d:31:33:d6:b1:
4b:2f:6d:b1:dd:55:4f:e9:bb:a7:4e:0e:f8:b4:45:
84:db:aa:75:32:70:bc:53:71:2c:bb:da:2c:f2:e6:
54:26:ee:a3:ef:67:68:de:0e:56:28:e7:5f:b2:c3:
43:95:8b:f5:62:c5:d0:a1:e1:02:46:de:95:aa:4a:
51:34:b1:b0:b3:bc:aa:5c:53:40:50:67:f8:3f:dc:
f5:2d:e2:23:96:2f:8c:79:0d:9d:7f:d9:b9:fb:2e:
2f:15:98:b4:0b:9b:15:0b:8d:8c:9b:c4:8c:d3:be:
87:7b:80:23:1f:59:f0:31:27:7e:72:db:57:7e:bc:
d3:a6:9a:8b:86:4a:15:52:52:79:d0:ac:b6:2a:97:
95:f3:e7:02:8d:25:dc:c2:b3:48:3f:47:e0:36:9e:
fb:8e:83:e5:58:d0:83:fa:38:2e:6b:4f:09:c3:6e:
fb:32:ad:2d:61:08:e8:11:67:ed:02:0a:fc:c1:48:
84:71:18:cb:a4:b1:19:87:3c:6a:e4:6f:fc:a9:57:
43:4f:3e:50:06:78:f9:df:d3:e0:30:9a:bb:c0:63:
9d:e6:73:e6:b2:39:dd:dd:f9:48:3a:17:e2:4c:3e:
51:12:ac:05:91:04:e5:5e:5a:4a:93:cc:8c:92:47:
d0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E5:6A:3D:3E:D3:7D:C8:84:1D:A9:18:03:21:FF:2A:FB:68:5E:5E
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/1eVqPT7TfciEHakYAyH_KvtoXl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
78:f1:4c:76:9e:ba:39:d2:5e:2a:d5:66:04:20:45:21:14:e3:
91:03:f4:af:15:57:f8:f6:4f:08:eb:f0:df:2d:27:93:c9:fe:
09:30:b4:0a:36:ef:74:c4:d6:76:f5:0c:9a:c5:1b:d7:2a:da:
c2:72:f3:28:cd:83:e1:88:a1:b7:82:01:de:1d:22:0c:4b:a3:
c6:6f:99:da:a4:81:03:f0:bf:bf:13:59:aa:ae:81:c3:b7:2c:
30:cc:66:19:5d:e1:96:5e:ae:66:13:a8:1e:b6:88:2f:ae:d0:
e9:79:fb:1e:f3:54:64:1f:17:16:5b:55:0b:02:6a:56:a1:1b:
15:25:40:be:ac:e4:ec:c3:79:e0:27:ce:d9:df:26:17:2a:16:
66:26:70:21:ba:3d:38:94:df:b2:8a:ac:3b:95:33:4e:2f:8e:
b9:10:b2:0c:ef:fc:eb:8f:24:b9:ee:ca:3a:8f:82:25:50:13:
fc:5d:26:13:3a:be:1c:ec:93:37:18:ef:8f:32:d9:25:66:b4:
60:e7:1a:0b:eb:38:3e:8e:35:0c:fe:b2:50:40:fc:d4:4a:63:
f8:51:6b:a6:80:0b:32:af:c5:3b:af:93:ec:7d:cd:05:8c:73:
0c:5c:bf:f0:6c:af:1f:4f:58:60:1e:ce:d1:ec:e5:95:3c:b3:
62:85:c9:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS9lG2u1gdz7hAhYrqJzQxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTI4MDkzMjEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU1NmEzZDNlZDM3ZGM4ODQxZGE5MTgwMzIxZmYyYWZiNjg1ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXNm0lR63tnYbTEz1rFLL22x3VVP
6bunTg74tEWE26p1MnC8U3Esu9os8uZUJu6j72do3g5WKOdfssNDlYv1YsXQoeEC
Rt6VqkpRNLGws7yqXFNAUGf4P9z1LeIjli+MeQ2df9m5+y4vFZi0C5sVC42Mm8SM
076He4AjH1nwMSd+cttXfrzTppqLhkoVUlJ50Ky2KpeV8+cCjSXcwrNIP0fgNp77
joPlWNCD+jgua08Jw277Mq0tYQjoEWftAgr8wUiEcRjLpLEZhzxq5G/8qVdDTz5Q
Bnj539PgMJq7wGOd5nPmsjnd3flIOhfiTD5REqwFkQTlXlpKk8yMkkfQxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNXlaj0+033IhB2pGAMh/yr7aF5eMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMWVWcVBUN1RmY2lFSGFrWUF5SF9LdnRvWGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQB48Ux2nro50l4q
1WYEIEUhFOORA/SvFVf49k8I6/DfLSeTyf4JMLQKNu90xNZ29QyaxRvXKtrCcvMo
zYPhiKG3ggHeHSIMS6PGb5napIED8L+/E1mqroHDtywwzGYZXeGWXq5mE6getogv
rtDpefse81RkHxcWW1ULAmpWoRsVJUC+rOTsw3ngJ87Z3yYXKhZmJnAhuj04lN+y
iqw7lTNOL465ELIM7/zrjyS57so6j4IlUBP8XSYTOr4c7JM3GO+PMtklZrRg5xoL
6zg+jjUM/rJQQPzUSmP4UWumgAsyr8U7r5Psfc0FjHMMXL/wbK8fT1hgHs7R7OWV
PLNihcmd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org