Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/hmHu89GLmqBm5NBo9BU4MaJk7RI.roa
File: hmHu89GLmqBm5NBo9BU4MaJk7RI.roa (raw, json)
Hash identifier: bY+ZSD9uZ/7PlCdU+bCK7AEbEjNAFxoVNRtIKzjYIs4=
Subject key identifier: 86:61:EE:F3:D1:8B:9A:A0:66:E4:D0:68:F4:15:38:31:A2:64:ED:12
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 01843DFCD2DE87717348ED096A82CD8C2FFF
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/hmHu89GLmqBm5NBo9BU4MaJk7RI.roa
Signing time: Thu 03 Nov 2022 14:54:49 +0000
ROA not before: Thu 03 Nov 2022 14:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48901
IP address blocks: 81.90.128.0/20 maxlen: 24
81.90.131.0/28 maxlen: 28
81.90.134.0/24 maxlen: 24
81.90.136.0/23 maxlen: 24
2a00:e27::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:fc:d2:de:87:71:73:48:ed:09:6a:82:cd:8c:2f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Nov 3 14:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8661eef3d18b9aa066e4d068f4153831a264ed12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:40:9d:86:65:91:d0:4f:75:24:3a:b5:f3:8c:
0b:5e:18:9b:9f:36:18:f7:11:54:97:50:9c:ee:1a:
04:8d:46:b5:73:fa:c7:bf:b2:21:e2:19:95:ba:32:
79:13:4b:3c:fe:04:05:60:d8:48:13:29:9b:8f:de:
03:36:6d:4b:87:e9:66:27:78:19:db:2c:ac:78:df:
aa:47:32:a1:c0:08:cf:ae:9d:c8:a3:72:7c:c1:c6:
7d:c7:cb:2e:06:64:24:09:76:8d:45:5d:d5:c3:a0:
db:47:f4:9d:b7:fb:20:88:01:26:c2:4c:c1:ee:63:
d3:e0:57:3a:a9:e4:55:ef:b5:fe:4d:73:89:97:dc:
57:c3:75:aa:ea:b6:d3:40:14:09:ed:76:c3:2a:cd:
07:ca:37:1f:92:b5:f8:30:8f:ff:f9:19:52:9d:0d:
41:1b:b1:ad:97:c8:7c:5b:de:f7:a5:93:b3:f4:9a:
a4:79:16:b4:60:19:ce:19:6a:07:19:99:5d:37:51:
5a:26:17:4b:db:e5:92:0d:de:57:a4:5c:27:5a:41:
82:aa:4e:cf:f4:12:7a:0b:30:87:a6:23:29:81:7a:
3d:07:21:f2:39:47:a2:37:d1:01:45:01:86:c4:78:
18:b6:20:65:59:7b:01:f5:bc:46:3d:09:d4:37:38:
6a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:EE:F3:D1:8B:9A:A0:66:E4:D0:68:F4:15:38:31:A2:64:ED:12
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/hmHu89GLmqBm5NBo9BU4MaJk7RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.128.0/20
IPv6:
2a00:e27::/32
Signature Algorithm: sha256WithRSAEncryption
84:83:17:d9:e0:bb:79:a0:76:a9:6b:b3:be:43:0d:bd:92:19:
0c:35:7b:c7:2e:d5:9c:dd:87:f5:2f:2e:35:a1:8b:37:fe:9b:
df:e9:5f:ad:57:c4:3c:02:0a:e4:5f:09:1c:ff:09:3f:26:33:
0b:22:88:11:1e:83:ef:61:7c:d4:3d:19:a9:c1:63:4a:96:22:
0e:45:6e:a9:5c:fa:05:33:e3:7f:43:1a:22:d3:7c:b1:cf:2e:
10:db:04:88:ed:64:0e:4e:63:eb:84:fa:dd:38:43:d8:9d:1d:
db:b7:d7:7d:ab:35:73:21:8f:34:80:62:9a:a0:36:49:92:be:
ad:68:1f:8f:36:4b:09:51:d7:89:71:e4:71:bc:22:98:90:02:
a9:b9:e5:c6:75:6b:f7:4a:e2:c4:5e:be:19:8e:43:7d:5e:fb:
83:83:30:30:f2:5f:1d:bf:56:9c:df:67:c6:39:18:ec:8a:bb:
f5:b8:80:c9:82:41:5e:96:09:6f:29:2e:e8:29:ea:2d:34:0f:
aa:f7:cd:9e:d7:d0:2a:c1:c5:10:28:52:08:e0:26:c5:41:f5:
10:49:dd:24:d9:a3:7f:b0:4f:1d:10:e0:be:22:9c:77:20:78:
b7:a5:5f:06:8f:61:f6:9e:65:99:a6:7c:5d:90:fb:4f:b2:e5:
6a:a6:31:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ9/NLeh3FzSO0JaoLNjC//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjIxMTAzMTQ1NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYxZWVmM2QxOGI5YWEwNjZlNGQwNjhmNDE1MzgzMWEyNjRlZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0CdhmWR0E91JDq184wLXhibnzYY
9xFUl1Cc7hoEjUa1c/rHv7Ih4hmVujJ5E0s8/gQFYNhIEymbj94DNm1Lh+lmJ3gZ
2yyseN+qRzKhwAjPrp3Io3J8wcZ9x8suBmQkCXaNRV3Vw6DbR/Sdt/sgiAEmwkzB
7mPT4Fc6qeRV77X+TXOJl9xXw3Wq6rbTQBQJ7XbDKs0HyjcfkrX4MI//+RlSnQ1B
G7Gtl8h8W973pZOz9JqkeRa0YBnOGWoHGZldN1FaJhdL2+WSDd5XpFwnWkGCqk7P
9BJ6CzCHpiMpgXo9ByHyOUeiN9EBRQGGxHgYtiBlWXsB9bxGPQnUNzhqJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZh7vPRi5qgZuTQaPQVODGiZO0SMB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvaG1IdTg5R0xtcUJtNU5CbzlCVTRNYUprN1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQAqAA4nMA0GCSqGSIb3DQEBCwUAA4IBAQCEgxfZ4Lt5oHapa7O+Qw29
khkMNXvHLtWc3Yf1Ly41oYs3/pvf6V+tV8Q8AgrkXwkc/wk/JjMLIogRHoPvYXzU
PRmpwWNKliIORW6pXPoFM+N/Qxoi03yxzy4Q2wSI7WQOTmPrhPrdOEPYnR3bt9d9
qzVzIY80gGKaoDZJkr6taB+PNksJUdeJceRxvCKYkAKpueXGdWv3SuLEXr4ZjkN9
XvuDgzAw8l8dv1ac32fGORjsirv1uIDJgkFelglvKS7oKeotNA+q982e19AqwcUQ
KFII4CbFQfUQSd0k2aN/sE8dEOC+Ipx3IHi3pV8Gj2H2nmWZpnxdkPtPsuVqpjF2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org