Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a8df58-eabc-45d4-9437-b57616136ab6/1/AaXoJDa43hdn0x-etxRWxRj4H8M.roa
File: AaXoJDa43hdn0x-etxRWxRj4H8M.roa (raw, json)
Hash identifier: 7e1H0mWUK+VdIW151ecQ4XDcyowRNED0VAX6i57oY3U=
Subject key identifier: 01:A5:E8:24:36:B8:DE:17:67:D3:1F:9E:B7:14:56:C5:18:F8:1F:C3
Certificate issuer: /CN=83fd967c6c19a31b7e38e9e5c9ca8fa0de3d6149
Certificate serial: 027AD557
Authority key identifier: 83:FD:96:7C:6C:19:A3:1B:7E:38:E9:E5:C9:CA:8F:A0:DE:3D:61:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_2WfGwZoxt-OOnlycqPoN49YUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a8df58-eabc-45d4-9437-b57616136ab6/1/AaXoJDa43hdn0x-etxRWxRj4H8M.roa
Signing time: Sat 01 Jan 2022 11:56:23 +0000
ROA not before: Sat 01 Jan 2022 11:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39620
IP address blocks: 81.29.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41604439 (0x27ad557)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83fd967c6c19a31b7e38e9e5c9ca8fa0de3d6149
Validity
Not Before: Jan 1 11:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01a5e82436b8de1767d31f9eb71456c518f81fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8f:16:91:23:23:a5:23:fe:72:fb:44:af:39:
5a:b5:eb:b3:68:b8:52:c7:47:0e:f3:02:c4:bf:57:
41:ab:da:1e:51:73:59:ab:d6:fc:35:2a:e7:40:4d:
f7:9d:f5:1f:be:3d:db:45:c0:d5:48:67:59:b1:20:
13:b9:d5:a5:c7:41:1b:5a:af:bf:9f:0f:ed:35:26:
84:d7:a5:f5:1d:45:ff:b2:f3:9d:7a:71:3c:fb:94:
05:4a:06:ea:a1:f5:6b:d6:ac:02:15:cc:66:6b:e4:
33:ae:60:8e:db:c9:91:51:b2:7c:d7:ae:7f:f8:41:
ee:69:44:78:3d:40:b0:4b:e9:ab:cd:44:42:64:3f:
47:af:a2:f4:55:21:fc:23:b2:7e:62:4a:b0:b3:a6:
7b:2d:d4:29:50:a6:85:02:93:4d:74:24:28:86:af:
39:04:90:0d:0c:c9:17:a5:9c:68:fb:93:d5:53:b3:
ca:fa:a1:cf:f1:41:14:ab:00:bb:95:09:9a:e3:1b:
17:20:04:89:70:ba:f6:ed:d5:64:a4:fc:59:74:e0:
4f:0d:9d:5e:c8:50:89:7b:de:9e:44:22:03:7b:23:
7a:67:fc:6f:e2:c4:64:62:34:54:18:dc:6f:c5:37:
5f:e4:f2:8e:2e:ff:1c:09:c6:41:fe:70:0d:42:65:
91:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A5:E8:24:36:B8:DE:17:67:D3:1F:9E:B7:14:56:C5:18:F8:1F:C3
X509v3 Authority Key Identifier:
keyid:83:FD:96:7C:6C:19:A3:1B:7E:38:E9:E5:C9:CA:8F:A0:DE:3D:61:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_2WfGwZoxt-OOnlycqPoN49YUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a8df58-eabc-45d4-9437-b57616136ab6/1/AaXoJDa43hdn0x-etxRWxRj4H8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a8df58-eabc-45d4-9437-b57616136ab6/1/g_2WfGwZoxt-OOnlycqPoN49YUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.48.0/20
Signature Algorithm: sha256WithRSAEncryption
31:c1:5f:38:4c:7b:5c:f8:6d:84:cc:5f:e3:5c:6d:ff:63:4c:
54:08:c4:81:27:03:e4:b1:28:53:a6:6d:61:ab:cf:5a:27:ec:
97:f9:e9:db:68:ce:dd:6a:5b:d1:29:1b:2d:a4:31:40:b6:10:
1e:4c:21:23:86:28:8e:73:3e:fa:d3:59:43:e2:34:76:64:87:
d5:58:a9:e2:b6:5b:2f:69:d9:e6:80:ea:04:d8:56:8c:63:68:
ab:75:27:10:97:61:88:f1:db:d2:7c:83:de:fd:bf:a9:4e:fa:
77:8b:d4:e2:e2:e5:bf:86:29:2f:f5:f9:1f:44:5f:e1:84:c1:
b6:a5:bb:d6:43:6b:91:3c:c1:f5:d8:07:3f:5c:bb:e8:40:0f:
9d:86:d5:8a:84:83:ee:60:e0:78:a2:1f:fa:05:82:82:b2:02:
19:20:35:d7:ef:ba:07:30:c3:4c:49:20:51:3a:c2:73:27:d8:
11:14:2e:e4:4f:32:f4:e0:dd:56:7f:27:75:e8:3a:6f:1b:d1:
5d:a2:09:ba:34:a1:be:b5:f1:41:0c:e8:d7:49:3f:01:b8:4f:
0d:1b:83:05:e7:9e:10:a6:ca:f4:ea:c9:82:a6:61:5a:da:22:
2b:da:e5:6c:30:36:d1:71:c5:bc:35:43:9a:38:84:93:f7:c7:
9a:96:da:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAnrVVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
M2ZkOTY3YzZjMTlhMzFiN2UzOGU5ZTVjOWNhOGZhMGRlM2Q2MTQ5MB4XDTIyMDEw
MTExNTYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFhNWU4MjQzNmI4
ZGUxNzY3ZDMxZjllYjcxNDU2YzUxOGY4MWZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmPFpEjI6Uj/nL7RK85WrXrs2i4UsdHDvMCxL9XQavaHlFz
WavW/DUq50BN9531H74920XA1UhnWbEgE7nVpcdBG1qvv58P7TUmhNel9R1F/7Lz
nXpxPPuUBUoG6qH1a9asAhXMZmvkM65gjtvJkVGyfNeuf/hB7mlEeD1AsEvpq81E
QmQ/R6+i9FUh/COyfmJKsLOmey3UKVCmhQKTTXQkKIavOQSQDQzJF6WcaPuT1VOz
yvqhz/FBFKsAu5UJmuMbFyAEiXC69u3VZKT8WXTgTw2dXshQiXvenkQiA3sjemf8
b+LEZGI0VBjcb8U3X+Tyji7/HAnGQf5wDUJlkX8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBpegkNrjeF2fTH563FFbFGPgfwzAfBgNVHSMEGDAWgBSD/ZZ8bBmjG344
6eXJyo+g3j1hSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dfMldmR3dab3h0LU9Pbmx5Y3FQb040OVlVay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvYThkZjU4LWVhYmMtNDVkNC05NDM3LWI1NzYxNjEzNmFiNi8x
L0FhWG9KRGE0M2hkbjB4LWV0eFJXeFJqNEg4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
YThkZjU4LWVhYmMtNDVkNC05NDM3LWI1NzYxNjEzNmFiNi8xL2dfMldmR3dab3h0
LU9Pbmx5Y3FQb040OVlVay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFEdMDANBgkqhkiG9w0BAQsFAAOC
AQEAMcFfOEx7XPhthMxf41xt/2NMVAjEgScD5LEoU6ZtYavPWifsl/np22jO3Wpb
0SkbLaQxQLYQHkwhI4YojnM++tNZQ+I0dmSH1Vip4rZbL2nZ5oDqBNhWjGNoq3Un
EJdhiPHb0nyD3v2/qU76d4vU4uLlv4YpL/X5H0Rf4YTBtqW71kNrkTzB9dgHP1y7
6EAPnYbVioSD7mDgeKIf+gWCgrICGSA11++6BzDDTEkgUTrCcyfYERQu5E8y9ODd
Vn8ndeg6bxvRXaIJujShvrXxQQzo10k/AbhPDRuDBeeeEKbK9OrJgqZhWtoiK9rl
bDA20XHFvDVDmjiEk/fHmpba9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:53 2024 by rpki-client on console-ams.rpki-client.org