Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PIj1LkoLu14Wf4inHeFJAsDiQfA.roa
File: PIj1LkoLu14Wf4inHeFJAsDiQfA.roa (raw, json)
Hash identifier: Vzug827n+Hkz7XU3eNYhzPW0FLxskqdl1eaun5Cgzto=
Subject key identifier: 3C:88:F5:2E:4A:0B:BB:5E:16:7F:88:A7:1D:E1:49:02:C0:E2:41:F0
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01852EF32B208AA5F1DE4F914EF336A2EAAF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PIj1LkoLu14Wf4inHeFJAsDiQfA.roa
Signing time: Tue 20 Dec 2022 09:52:46 +0000
ROA not before: Tue 20 Dec 2022 09:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.133.0/24 maxlen: 24
89.185.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:f3:2b:20:8a:a5:f1:de:4f:91:4e:f3:36:a2:ea:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 20 09:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c88f52e4a0bbb5e167f88a71de14902c0e241f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0a:63:b5:43:2f:37:e9:33:72:79:a6:6a:c3:
b2:7e:0f:50:fc:b0:e9:3d:65:7f:8f:6b:61:03:b1:
60:18:6a:0c:54:67:51:6c:6b:9e:92:87:a6:df:64:
f5:94:7c:8d:f9:f7:8c:22:1d:63:02:f8:60:36:96:
2e:9f:f2:5d:9b:7f:a7:22:32:a9:9e:88:1a:d3:de:
71:d8:15:4a:b9:df:5a:a4:45:65:f3:45:c9:e0:ce:
3e:6f:a8:3a:4c:48:ff:76:03:73:c7:d1:fc:9f:3f:
b7:2c:1f:2a:11:7f:aa:ae:06:14:2a:07:c4:f4:ee:
1d:d7:11:7a:ca:9a:fa:57:3a:5c:1e:38:91:a1:ff:
a3:38:e1:bd:d4:80:24:12:dc:0c:8c:06:3d:bc:e8:
07:3d:ec:a6:50:f7:d2:eb:34:63:a9:1e:5e:15:70:
57:05:21:c8:ef:41:02:39:7d:ef:7b:61:44:6a:c3:
a0:05:51:7e:0f:9d:6e:7b:46:4e:69:6e:6f:8c:90:
bc:32:ac:63:0e:7d:04:d5:e1:f8:65:37:41:92:b2:
cc:d3:ae:f7:e7:0e:2c:85:cd:5a:34:0c:c7:50:78:
9c:f6:f0:11:7b:1a:b6:40:28:59:8a:30:47:d3:b4:
d6:4f:c2:b0:9a:ac:fe:dd:7c:f5:bd:37:05:64:3b:
ff:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:88:F5:2E:4A:0B:BB:5E:16:7F:88:A7:1D:E1:49:02:C0:E2:41:F0
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PIj1LkoLu14Wf4inHeFJAsDiQfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.133.0/24
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
24:c2:34:e9:b4:b6:41:47:a3:50:74:3c:26:95:92:16:52:cf:
9a:e3:84:ea:28:d2:95:cd:b8:9d:9a:a0:2f:de:d3:84:9b:a5:
31:15:b3:c9:73:9e:5c:bd:2a:da:6d:fa:53:9f:1e:9b:fe:47:
be:8d:56:02:85:8d:7d:cd:14:9b:3a:38:25:13:2b:21:16:86:
97:2b:48:6e:5e:a8:4a:95:f5:d0:ec:06:be:de:a8:0d:5d:f5:
3c:be:4a:fd:73:ba:53:4f:d8:4d:63:9c:4b:38:60:01:9c:8d:
a7:5c:34:2e:51:cf:1b:cb:3c:20:c2:81:cd:b3:b3:d8:79:f6:
da:62:e8:fc:4e:30:91:39:15:ff:87:93:2e:d0:b8:ec:59:e1:
6d:02:45:34:96:38:4d:70:ad:77:0c:18:0b:32:07:b6:97:4e:
56:9e:5a:2f:87:e7:48:42:b5:3c:7d:e4:b2:18:58:d7:3c:86:
fd:7f:49:1e:b6:b7:61:5f:52:9f:a7:b5:f5:a7:11:a2:2e:79:
c1:cc:c0:96:53:d1:e4:62:ce:b3:f3:2a:6e:4a:98:36:1a:04:
cb:26:f5:40:94:a4:00:18:bf:3d:e5:90:72:cc:24:94:fb:58:
f8:1a:77:04:d8:c2:e9:4b:24:93:4e:3e:3e:9b:18:78:09:04:
d9:72:26:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUu8ysgiqXx3k+RTvM2ouqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMjIwMDk1MjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg4ZjUyZTRhMGJiYjVlMTY3Zjg4YTcxZGUxNDkwMmMwZTI0MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkApjtUMvN+kzcnmmasOyfg9Q/LDp
PWV/j2thA7FgGGoMVGdRbGuekoem32T1lHyN+feMIh1jAvhgNpYun/Jdm3+nIjKp
noga095x2BVKud9apEVl80XJ4M4+b6g6TEj/dgNzx9H8nz+3LB8qEX+qrgYUKgfE
9O4d1xF6ypr6VzpcHjiRof+jOOG91IAkEtwMjAY9vOgHPeymUPfS6zRjqR5eFXBX
BSHI70ECOX3ve2FEasOgBVF+D51ue0ZOaW5vjJC8MqxjDn0E1eH4ZTdBkrLM0673
5w4shc1aNAzHUHic9vARexq2QChZijBH07TWT8Kwmqz+3Xz1vTcFZDv/HwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDyI9S5KC7teFn+Ipx3hSQLA4kHwMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUElqMUxrb0x1MTRXZjRpbkhlRkpBc0RpUWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaFAwQC
WbkYMA0GCSqGSIb3DQEBCwUAA4IBAQAkwjTptLZBR6NQdDwmlZIWUs+a44TqKNKV
zbidmqAv3tOEm6UxFbPJc55cvSrabfpTnx6b/ke+jVYChY19zRSbOjglEyshFoaX
K0huXqhKlfXQ7Aa+3qgNXfU8vkr9c7pTT9hNY5xLOGABnI2nXDQuUc8byzwgwoHN
s7PYefbaYuj8TjCRORX/h5Mu0LjsWeFtAkU0ljhNcK13DBgLMge2l05Wnlovh+dI
QrU8feSyGFjXPIb9f0ketrdhX1Kfp7X1pxGiLnnBzMCWU9HkYs6z8ypuSpg2GgTL
JvVAlKQAGL895ZByzCSU+1j4GncE2MLpSySTTj4+mxh4CQTZciYK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org