Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zNiEROfZ7GhslGK2DahJAEymPoQ.roa
File: zNiEROfZ7GhslGK2DahJAEymPoQ.roa (raw, json)
Hash identifier: R9Uon40h2+RBY5F6D9eucn8CcV8Js2xA4DHQ22SHrLs=
Subject key identifier: CC:D8:84:44:E7:D9:EC:68:6C:94:62:B6:0D:A8:49:00:4C:A6:3E:84
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0181DDDE5132134E9542305EE8B03AD371C4
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zNiEROfZ7GhslGK2DahJAEymPoQ.roa
Signing time: Fri 08 Jul 2022 12:52:23 +0000
ROA not before: Fri 08 Jul 2022 12:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.12.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dd:de:51:32:13:4e:95:42:30:5e:e8:b0:3a:d3:71:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jul 8 12:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ccd88444e7d9ec686c9462b60da849004ca63e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:44:f1:ec:73:54:a3:42:0a:53:ce:47:ff:84:
da:db:40:4e:fd:b2:f8:5a:5f:05:62:39:ff:29:f0:
75:f5:c5:5a:fa:08:f7:dc:b8:55:6f:3f:42:3c:2c:
87:4e:4c:13:f5:dc:10:be:41:5f:87:b8:37:73:0e:
a0:d0:1a:8d:89:c1:0b:c4:4a:6b:ef:1f:3b:e9:ad:
cd:51:dc:38:31:ba:4a:1e:54:bc:06:b0:b0:73:4e:
99:97:26:ac:72:e2:39:aa:32:6f:7c:23:5a:38:d9:
d1:60:2e:5a:1d:aa:a9:46:48:73:d9:02:98:04:97:
46:e8:3b:86:dc:78:ab:12:03:50:3d:c7:bb:5b:72:
4d:f6:c2:b8:90:b1:3f:a3:5b:52:9d:0d:d4:ea:62:
c6:ea:dd:0a:bb:e4:58:89:69:3d:1f:9b:ec:40:73:
15:df:d8:44:00:ee:f9:7e:e2:43:12:f7:6c:8e:27:
77:ab:2c:18:1b:76:02:66:0b:60:fd:cd:c2:6a:60:
9d:78:ba:7c:2c:28:a3:00:d3:09:68:87:ca:e3:f3:
db:74:22:aa:bc:1d:4c:df:76:ca:57:7c:9d:ab:17:
78:6f:db:22:b9:58:79:6b:64:b7:5d:55:e9:a0:a6:
54:af:d9:82:bb:ee:44:5c:6b:cb:ed:c5:11:a6:7c:
f2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D8:84:44:E7:D9:EC:68:6C:94:62:B6:0D:A8:49:00:4C:A6:3E:84
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zNiEROfZ7GhslGK2DahJAEymPoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
74:f1:50:13:9f:1a:68:4c:12:94:91:4b:2d:0d:1f:db:7a:eb:
1b:0b:1c:81:82:01:70:e5:98:07:f0:82:ee:cc:10:6e:ca:1d:
c7:ed:cf:f8:d1:e0:cc:bd:aa:86:50:24:25:b4:2e:e7:b1:6d:
7d:c2:ed:12:35:13:fc:74:86:2d:a7:fa:24:fe:3d:11:c9:20:
ba:f4:53:2f:b1:3b:85:c8:44:fb:f1:08:4b:8a:e0:34:5d:e9:
39:9d:79:66:8c:47:43:59:bc:e5:77:a7:a2:9d:b2:ad:ec:8f:
7d:ed:2f:5e:5f:89:5b:3c:1d:e4:f1:e6:48:95:ea:a9:b7:be:
94:ef:ab:26:2f:74:aa:7e:24:37:36:90:2d:a6:1b:71:43:80:
ae:ce:c4:9e:9f:ab:3e:7e:14:a6:7b:e7:ee:2d:ec:17:99:26:
49:c7:f9:65:29:4e:27:ad:56:8f:ef:f6:ff:49:39:71:43:3c:
7e:ee:55:bd:ee:59:6f:d7:2c:d4:67:7f:87:0c:39:62:4c:de:
63:23:de:4f:e1:01:a5:d1:ae:c4:af:44:68:f5:56:fd:dc:3e:
17:e9:98:44:14:5b:db:0a:3a:73:49:f7:88:c4:ec:a6:f8:61:
43:c2:4c:f3:a7:14:d4:1e:5f:c5:63:a9:75:53:7b:8f:14:be:
c8:b8:67:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHd3lEyE06VQjBe6LA603HEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwNzA4MTI1MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Q4ODQ0NGU3ZDllYzY4NmM5NDYyYjYwZGE4NDkwMDRjYTYzZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhETx7HNUo0IKU85H/4Ta20BO/bL4
Wl8FYjn/KfB19cVa+gj33LhVbz9CPCyHTkwT9dwQvkFfh7g3cw6g0BqNicELxEpr
7x876a3NUdw4MbpKHlS8BrCwc06ZlyascuI5qjJvfCNaONnRYC5aHaqpRkhz2QKY
BJdG6DuG3HirEgNQPce7W3JN9sK4kLE/o1tSnQ3U6mLG6t0Ku+RYiWk9H5vsQHMV
39hEAO75fuJDEvdsjid3qywYG3YCZgtg/c3CamCdeLp8LCijANMJaIfK4/PbdCKq
vB1M33bKV3ydqxd4b9siuVh5a2S3XVXpoKZUr9mCu+5EXGvL7cURpnzyjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMzYhETn2exobJRitg2oSQBMpj6EMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvek5pRVJPZlo3R2hzbEdLMkRhaEpBRXltUG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQB08VATnxpoTBKU
kUstDR/beusbCxyBggFw5ZgH8ILuzBBuyh3H7c/40eDMvaqGUCQltC7nsW19wu0S
NRP8dIYtp/ok/j0RySC69FMvsTuFyET78QhLiuA0Xek5nXlmjEdDWbzld6einbKt
7I997S9eX4lbPB3k8eZIleqpt76U76smL3SqfiQ3NpAtphtxQ4CuzsSen6s+fhSm
e+fuLewXmSZJx/llKU4nrVaP7/b/STlxQzx+7lW97llv1yzUZ3+HDDliTN5jI95P
4QGl0a7Er0Ro9Vb93D4X6ZhEFFvbCjpzSfeIxOym+GFDwkzzpxTUHl/FY6l1U3uP
FL7IuGex
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org