Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hgKbZvRsbw0MR1kCFp2gVT-N4pQ.roa
File: hgKbZvRsbw0MR1kCFp2gVT-N4pQ.roa (raw, json)
Hash identifier: xPl/kXiKRJT3m3ocbbNPv0nQJC79TE20UeRC8AqC870=
Subject key identifier: 86:02:9B:66:F4:6C:6F:0D:0C:47:59:02:16:9D:A0:55:3F:8D:E2:94
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0367A67C
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hgKbZvRsbw0MR1kCFp2gVT-N4pQ.roa
Signing time: Wed 01 Jun 2022 07:56:21 +0000
ROA not before: Wed 01 Jun 2022 07:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 87.254.3.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57124476 (0x367a67c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jun 1 07:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86029b66f46c6f0d0c475902169da0553f8de294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:73:2a:53:da:5e:20:1c:b1:07:7b:53:50:64:
d7:d6:e4:68:45:7c:0a:67:09:8f:dd:2b:2c:8f:40:
a6:2a:69:fb:53:c5:2e:e1:43:9d:83:cc:aa:eb:e4:
93:99:e2:b4:63:3d:db:ba:63:56:71:2c:61:af:37:
24:f9:a3:6f:10:0e:9f:3d:28:e1:06:1e:dd:af:4c:
44:65:7c:44:26:78:13:c7:96:6a:54:b3:6c:78:d5:
9a:14:3f:d2:03:f1:bf:f1:cb:f2:a9:c9:28:63:87:
73:e9:d8:9d:f7:e8:1a:65:23:21:ce:1a:76:89:6e:
cd:89:b9:ee:f0:04:11:eb:aa:1f:50:57:10:5e:98:
88:2a:d2:07:38:cc:8a:4b:d5:08:95:c8:1f:75:7b:
de:05:67:00:1f:74:28:de:fd:b8:6d:e0:b9:2e:f1:
f8:62:10:7f:e0:27:fc:fa:ce:03:bc:3f:e4:39:48:
4f:c0:63:8c:95:b5:62:99:45:f9:1c:55:6b:ae:1f:
0e:bc:fb:53:96:c2:58:8e:59:cd:25:12:62:b2:d7:
4b:73:90:c3:cd:2b:8f:57:44:0c:27:68:04:97:a2:
c6:03:49:e6:14:2c:35:d6:0c:23:bf:9b:d9:c6:42:
05:b6:2f:66:96:68:ae:89:41:9b:f7:a1:7c:8c:ed:
42:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:02:9B:66:F4:6C:6F:0D:0C:47:59:02:16:9D:A0:55:3F:8D:E2:94
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hgKbZvRsbw0MR1kCFp2gVT-N4pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.3.0/24
87.254.10.0/23
87.254.23.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:39:db:11:0b:da:8a:01:ea:8b:26:66:67:b6:65:18:39:de:
f5:96:4e:af:58:06:83:8b:db:ed:c4:3d:30:bf:88:e6:b7:49:
37:00:0b:2f:ed:d3:a1:2d:9b:a6:0f:90:c4:50:38:d0:26:ec:
ae:5a:bb:95:68:6e:9f:77:d8:52:aa:14:b2:94:e7:eb:d1:73:
12:29:ff:96:07:46:5d:18:c3:83:fc:e5:75:04:10:0d:df:2e:
17:60:83:db:2b:27:09:e1:2f:59:da:c6:32:12:c8:ae:76:17:
30:e2:a7:14:8d:36:3c:87:47:ba:c3:57:08:b5:cc:c0:b9:8e:
76:4e:fe:6f:89:03:bc:0d:57:47:87:39:26:a8:bb:aa:d8:74:
e9:4d:db:ef:60:8c:e8:49:e6:e8:ef:ad:af:1c:81:96:fb:49:
f8:56:1e:28:82:17:fd:97:7e:c0:15:e9:f2:2c:96:20:6f:0d:
fa:84:e3:fb:96:08:d2:f7:af:cc:a4:3d:89:c2:ad:1a:b7:9e:
cc:07:d9:7d:c2:8d:e9:aa:00:68:ca:84:37:da:61:14:83:f3:
b0:d8:b6:bc:05:9c:5b:44:36:a9:c2:12:58:e2:f9:69:77:77:
44:c3:67:c8:e0:21:9f:9f:4f:cf:df:94:c0:0b:d1:47:fa:0b:
08:79:32:8a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA2emfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmY4MGNiZGZlMTgzNTRhM2NmZGJhMmZlMDc5YWEyZWJjNThkY2Q0MB4XDTIyMDYw
MTA3NTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYwMjliNjZmNDZj
NmYwZDBjNDc1OTAyMTY5ZGEwNTUzZjhkZTI5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVzKlPaXiAcsQd7U1Bk19bkaEV8CmcJj90rLI9Apipp+1PF
LuFDnYPMquvkk5nitGM927pjVnEsYa83JPmjbxAOnz0o4QYe3a9MRGV8RCZ4E8eW
alSzbHjVmhQ/0gPxv/HL8qnJKGOHc+nYnffoGmUjIc4adoluzYm57vAEEeuqH1BX
EF6YiCrSBzjMikvVCJXIH3V73gVnAB90KN79uG3guS7x+GIQf+An/PrOA7w/5DlI
T8BjjJW1YplF+RxVa64fDrz7U5bCWI5ZzSUSYrLXS3OQw80rj1dEDCdoBJeixgNJ
5hQsNdYMI7+b2cZCBbYvZpZorolBm/ehfIztQu0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSGAptm9GxvDQxHWQIWnaBVP43ilDAfBgNVHSMEGDAWgBQP+Ay9/hg1Sjz9
ui/geaouvFjc1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RfZ012ZjRZTlVvOF9ib3Y0SG1xTHJ4WTNOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8x
L2hnS2JadlJzYncwTVIxa0NGcDJnVlQtTjRwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8xL0RfZ012ZjRZTlVv
OF9ib3Y0SG1xTHJ4WTNOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFf+AwMEAVf+CgMEAFf+FzANBgkq
hkiG9w0BAQsFAAOCAQEADznbEQvaigHqiyZmZ7ZlGDne9ZZOr1gGg4vb7cQ9ML+I
5rdJNwALL+3ToS2bpg+QxFA40Cbsrlq7lWhun3fYUqoUspTn69FzEin/lgdGXRjD
g/zldQQQDd8uF2CD2ysnCeEvWdrGMhLIrnYXMOKnFI02PIdHusNXCLXMwLmOdk7+
b4kDvA1XR4c5Jqi7qth06U3b72CM6Enm6O+trxyBlvtJ+FYeKIIX/Zd+wBXp8iyW
IG8N+oTj+5YI0vevzKQ9icKtGreezAfZfcKN6aoAaMqEN9phFIPzsNi2vAWcW0Q2
qcISWOL5aXd3RMNnyOAhn59Pz9+UwAvRR/oLCHkyig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org