Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/3nmCGnXkqw6rfyf4DdyZE71QWIk.roa
File: 3nmCGnXkqw6rfyf4DdyZE71QWIk.roa (raw, json)
Hash identifier: ENAaG6zDMTlLDDF0BiCjoF+eYZisMGnKuXTxisxhrpI=
Subject key identifier: DE:79:82:1A:75:E4:AB:0E:AB:7F:27:F8:0D:DC:99:13:BD:50:58:89
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0183C1868275135A55221B8F96725F0BB03C
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/3nmCGnXkqw6rfyf4DdyZE71QWIk.roa
Signing time: Mon 10 Oct 2022 10:52:41 +0000
ROA not before: Mon 10 Oct 2022 10:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
185.210.168.0/22 maxlen: 24
87.254.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:86:82:75:13:5a:55:22:1b:8f:96:72:5f:0b:b0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Oct 10 10:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de79821a75e4ab0eab7f27f80ddc9913bd505889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dd:2f:82:af:87:03:5b:76:b2:76:e3:9e:94:
d0:13:20:4e:38:9b:3d:1f:b8:70:eb:3f:10:c3:77:
49:ab:bd:59:02:e6:17:79:91:86:11:07:5b:f3:9a:
6d:83:ce:71:26:63:f0:de:c0:aa:b3:e6:58:fd:71:
06:b7:89:39:81:13:06:34:1f:24:49:1a:b4:76:17:
55:5a:96:e5:9b:63:fa:19:d7:49:78:bf:81:a3:42:
67:51:60:f1:2f:57:38:20:4d:ae:92:94:7e:83:fa:
ab:2e:2d:0c:16:e1:80:7f:53:94:b1:d8:bd:70:d1:
05:e7:d6:0d:16:47:92:f0:25:ef:f4:19:65:0d:c2:
cb:3e:76:aa:24:c4:cc:dc:dc:dc:2d:8c:87:32:1a:
12:0b:3d:62:7a:85:00:a9:1c:3f:ca:20:bd:f3:60:
e5:04:13:07:c3:e9:0b:d8:4e:79:20:b1:4e:6b:9b:
63:09:3b:04:00:03:7a:09:19:79:1c:c3:90:e8:60:
8e:1e:28:ab:ff:fe:2d:83:db:3c:5d:b2:80:ee:de:
d5:5f:1f:fb:e1:7d:0c:cc:67:f0:bc:c1:0f:e2:91:
1d:70:e3:a3:ba:bf:3c:7f:79:60:52:76:d3:fa:6d:
7a:30:9c:c9:ef:d4:0f:2d:07:33:88:25:d6:5e:12:
7a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:79:82:1A:75:E4:AB:0E:AB:7F:27:F8:0D:DC:99:13:BD:50:58:89
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/3nmCGnXkqw6rfyf4DdyZE71QWIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.11.0/24
87.254.16.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:4d:02:90:3c:bf:4b:20:c8:76:26:e6:f5:37:ea:71:7d:7d:
60:cb:e0:bd:68:27:5b:98:d7:c4:3e:95:eb:41:1e:e8:c6:49:
d2:15:0e:a1:85:60:91:2f:07:81:25:4c:dd:c1:bc:07:82:54:
a9:63:c6:d3:c6:aa:d2:48:96:0c:78:0d:21:82:24:aa:8b:90:
37:40:df:2b:78:8c:a2:58:4b:91:3c:b8:b3:96:7f:fa:2b:13:
99:35:e2:13:2a:aa:8a:4d:03:df:0e:cd:22:d3:74:07:11:51:
ee:93:8d:d6:69:9d:09:04:9c:b3:57:d2:c5:f5:59:2d:19:e1:
3c:5c:90:13:97:a7:ed:b2:e7:ad:01:1f:e2:c9:07:58:54:db:
76:df:46:dd:86:d9:38:c2:79:c9:ec:7e:6c:ee:5a:48:37:a2:
18:dc:e8:5b:a5:a9:ac:67:eb:17:60:3d:5f:dc:92:2d:bb:05:
7c:f7:e0:02:5a:c2:ea:d9:25:bd:2e:d3:25:94:5d:16:3f:10:
56:b9:1c:c3:0d:e9:be:ac:be:2e:01:84:08:de:91:20:8d:b0:
b3:08:f6:a5:94:8d:f1:af:f3:65:dc:ee:10:d4:5e:66:16:65:
ef:dd:ea:15:be:96:fb:1b:e0:a7:fe:56:f9:e6:b6:81:c6:5d:
fc:15:a7:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPBhoJ1E1pVIhuPlnJfC7A8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMDEwMTA1MjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTc5ODIxYTc1ZTRhYjBlYWI3ZjI3ZjgwZGRjOTkxM2JkNTA1ODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd0vgq+HA1t2snbjnpTQEyBOOJs9
H7hw6z8Qw3dJq71ZAuYXeZGGEQdb85ptg85xJmPw3sCqs+ZY/XEGt4k5gRMGNB8k
SRq0dhdVWpblm2P6GddJeL+Bo0JnUWDxL1c4IE2ukpR+g/qrLi0MFuGAf1OUsdi9
cNEF59YNFkeS8CXv9BllDcLLPnaqJMTM3NzcLYyHMhoSCz1ieoUAqRw/yiC982Dl
BBMHw+kL2E55ILFOa5tjCTsEAAN6CRl5HMOQ6GCOHiir//4tg9s8XbKA7t7VXx/7
4X0MzGfwvMEP4pEdcOOjur88f3lgUnbT+m16MJzJ79QPLQcziCXWXhJ6CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN55ghp15KsOq38n+A3cmRO9UFiJMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvM25tQ0duWGtxdzZyZnlmNERkeVpFNzFRV0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQA
V/4LAwQAV/4QAwQCudKoMA0GCSqGSIb3DQEBCwUAA4IBAQA7TQKQPL9LIMh2Jub1
N+pxfX1gy+C9aCdbmNfEPpXrQR7oxknSFQ6hhWCRLweBJUzdwbwHglSpY8bTxqrS
SJYMeA0hgiSqi5A3QN8reIyiWEuRPLizln/6KxOZNeITKqqKTQPfDs0i03QHEVHu
k43WaZ0JBJyzV9LF9VktGeE8XJATl6ftsuetAR/iyQdYVNt230bdhtk4wnnJ7H5s
7lpIN6IY3OhbpamsZ+sXYD1f3JItuwV89+ACWsLq2SW9LtMllF0WPxBWuRzDDem+
rL4uAYQI3pEgjbCzCPallI3xr/Nl3O4Q1F5mFmXv3eoVvpb7G+Cn/lb55raBxl38
Facx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org