Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XwLpZYEjL-LojtsFnZPHCKqJv-0.roa
File: XwLpZYEjL-LojtsFnZPHCKqJv-0.roa (raw, json)
Hash identifier: I5iQ3N6kE8bZOmBTc3vPq78laJ0iU5JGW/xn7evO9VQ=
Subject key identifier: 5F:02:E9:65:81:23:2F:E2:E8:8E:DB:05:9D:93:C7:08:AA:89:BF:ED
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D1BECF6
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XwLpZYEjL-LojtsFnZPHCKqJv-0.roa
Signing time: Sat 14 May 2022 18:48:40 +0000
ROA not before: Sat 14 May 2022 18:48:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 81.22.136.0/21 maxlen: 21
109.72.124.0/22 maxlen: 22
109.72.120.0/23 maxlen: 23
81.22.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 488369398 (0x1d1becf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 14 18:48:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f02e96581232fe2e88edb059d93c708aa89bfed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:60:f3:04:87:fa:09:6e:86:4f:97:07:d5:34:
dc:5c:0f:19:2b:8a:08:6b:c0:72:16:14:c9:0b:b6:
26:d4:f9:b9:0d:0a:d5:9b:f4:d9:0f:79:65:d6:00:
f0:1f:46:50:7a:0c:1d:69:7a:a5:73:db:62:20:61:
cc:14:a9:bc:41:aa:84:51:4e:a8:60:14:da:f7:43:
99:64:93:18:c3:25:76:9d:1f:c7:5e:7c:8d:17:d7:
a7:a2:bc:5e:9f:1d:b6:8d:c9:8b:ae:2e:38:b5:9f:
f2:2e:32:50:58:f3:9c:d0:2c:d1:d6:69:df:b5:ee:
6b:e9:a2:73:37:cd:82:a9:89:19:2d:2b:41:34:64:
74:3a:5f:80:ba:94:36:a2:62:bb:ce:41:51:e3:1d:
c1:dc:73:08:7b:e6:42:53:ba:2f:58:9c:49:c5:7d:
76:f2:2b:b6:a4:8e:51:1e:85:97:75:30:af:6f:ce:
04:88:b3:e6:06:ca:78:70:1c:b5:45:22:59:83:2c:
f9:28:a7:6d:8f:a3:92:e5:78:e1:0f:1b:6d:80:f1:
8a:af:8c:bb:07:e7:90:37:20:06:c4:1c:e7:0c:79:
07:46:fb:68:88:04:e9:ce:db:82:69:f2:4d:c3:3e:
87:bd:e2:22:02:79:cf:d3:b6:1e:e6:f4:eb:cc:7d:
ec:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:02:E9:65:81:23:2F:E2:E8:8E:DB:05:9D:93:C7:08:AA:89:BF:ED
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XwLpZYEjL-LojtsFnZPHCKqJv-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/20
109.72.120.0/23
109.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:80:4e:35:75:92:d2:5a:2b:78:56:69:46:9e:e2:a8:7e:d5:
fc:fc:07:23:31:ff:52:24:72:2d:93:4c:b0:55:92:24:25:74:
8f:a0:1d:ca:ef:43:c1:c4:f2:94:21:8f:d5:9d:b7:81:61:8e:
f4:ad:c2:d0:35:d7:4c:27:56:c4:35:ae:e4:da:4c:7d:f5:c2:
9e:c9:ea:a0:5f:e6:5f:9e:f2:9a:48:e7:3a:a6:08:99:7b:38:
dc:f1:77:fc:6f:be:d8:60:fc:b1:ca:ee:ee:97:74:5b:d7:99:
6f:8e:6b:cf:fb:57:44:22:be:b6:78:6f:b2:d1:46:88:c7:8b:
b4:b0:ba:f2:57:4f:70:5c:c6:8b:7b:1c:88:43:16:79:b2:53:
82:2b:33:77:2e:6b:da:7d:0a:ed:dc:24:e5:9d:e3:43:4b:4e:
12:e1:50:96:13:5c:91:8d:ac:20:b2:1f:98:60:40:03:53:c6:
32:a0:58:76:ac:b0:db:4d:c8:18:88:9b:93:13:fd:af:be:35:
da:ce:5f:82:6c:72:7f:b0:c4:e1:e0:2a:d4:7b:0b:6e:56:0e:
c9:e5:33:8c:4a:1e:46:1f:da:9c:5a:d6:9d:dc:63:15:16:6a:
73:39:1a:74:41:20:65:55:33:20:48:d0:8a:70:02:0a:dc:bb:
a4:5a:0f:be
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHRvs9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDUx
NDE4NDg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYwMmU5NjU4MTIz
MmZlMmU4OGVkYjA1OWQ5M2M3MDhhYTg5YmZlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZg8wSH+gluhk+XB9U03FwPGSuKCGvAchYUyQu2JtT5uQ0K
1Zv02Q95ZdYA8B9GUHoMHWl6pXPbYiBhzBSpvEGqhFFOqGAU2vdDmWSTGMMldp0f
x158jRfXp6K8Xp8dto3Ji64uOLWf8i4yUFjznNAs0dZp37Xua+miczfNgqmJGS0r
QTRkdDpfgLqUNqJiu85BUeMdwdxzCHvmQlO6L1icScV9dvIrtqSOUR6Fl3Uwr2/O
BIiz5gbKeHActUUiWYMs+SinbY+jkuV44Q8bbYDxiq+MuwfnkDcgBsQc5wx5B0b7
aIgE6c7bgmnyTcM+h73iIgJ5z9O2Hub068x97FUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRfAullgSMv4uiO2wWdk8cIqom/7TAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L1h3THBaWUVqTC1Mb2p0c0ZuWlBIQ0txSnYtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFEWgAMEAW1IeAMEAm1IfDANBgkq
hkiG9w0BAQsFAAOCAQEAboBONXWS0loreFZpRp7iqH7V/PwHIzH/UiRyLZNMsFWS
JCV0j6Adyu9DwcTylCGP1Z23gWGO9K3C0DXXTCdWxDWu5NpMffXCnsnqoF/mX57y
mkjnOqYImXs43PF3/G++2GD8scru7pd0W9eZb45rz/tXRCK+tnhvstFGiMeLtLC6
8ldPcFzGi3sciEMWebJTgiszdy5r2n0K7dwk5Z3jQ0tOEuFQlhNckY2sILIfmGBA
A1PGMqBYdqyw203IGIibkxP9r7412s5fgmxyf7DE4eAq1HsLblYOyeUzjEoeRh/a
nFrWndxjFRZqczkadEEgZVUzIEjQinACCty7pFoPvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org