Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/a5xfG13odgiVZoXrKGfNlv2uXh0.roa
File: a5xfG13odgiVZoXrKGfNlv2uXh0.roa (raw, json)
Hash identifier: znIwL6DXLdnVSftwvCs9v0N9Gtnw3O7txpjjZ13jkLo=
Subject key identifier: 6B:9C:5F:1B:5D:E8:76:08:95:66:85:EB:28:67:CD:96:FD:AE:5E:1D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D0115A4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/a5xfG13odgiVZoXrKGfNlv2uXh0.roa
Signing time: Thu 05 May 2022 10:36:26 +0000
ROA not before: Thu 05 May 2022 10:36:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 81.22.136.0/21 maxlen: 21
81.22.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486610340 (0x1d0115a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 5 10:36:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b9c5f1b5de87608956685eb2867cd96fdae5e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:95:a3:bc:4b:6a:f8:7b:7e:63:32:11:c5:
af:62:cf:fb:74:b2:26:d5:73:f1:a3:b4:46:6a:25:
03:f7:71:06:11:38:59:99:7d:74:4d:2c:65:1a:0e:
a2:73:cf:7f:21:7e:ed:a6:6e:72:66:e5:33:01:05:
f9:09:b6:25:d3:9e:fb:f2:b0:5d:33:aa:1b:d5:a7:
cc:b2:61:65:f8:17:49:41:0b:57:ee:5c:d9:48:5b:
48:2a:40:c6:58:aa:13:69:35:01:3c:c6:17:12:84:
6b:e5:b2:01:fc:ce:47:98:2f:37:da:5d:da:29:eb:
05:28:9a:0d:52:d5:86:9a:fb:24:07:5b:09:3b:cc:
95:36:bc:7c:c8:66:83:1c:3e:39:d3:2f:34:94:3b:
12:2e:88:3b:4a:ec:8b:b0:e3:0d:49:1a:5c:29:b5:
51:3e:1e:04:85:0d:31:ad:79:12:42:2e:aa:54:75:
ca:02:09:bf:7f:3a:61:28:ab:d7:5e:2e:3e:8e:4e:
b9:5d:8c:5c:01:b8:0d:af:b2:00:d7:3f:0e:fb:35:
85:35:ab:02:a8:62:e2:cb:06:b9:6c:d3:08:d6:05:
49:b9:cf:8c:a8:c0:78:66:8f:cf:fd:65:01:ea:71:
24:e8:7a:da:14:df:94:6f:ff:d3:f3:8d:65:8b:33:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9C:5F:1B:5D:E8:76:08:95:66:85:EB:28:67:CD:96:FD:AE:5E:1D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/a5xfG13odgiVZoXrKGfNlv2uXh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/20
Signature Algorithm: sha256WithRSAEncryption
50:a4:a2:61:c7:54:fc:a5:34:17:fe:bb:05:38:cd:7c:74:73:
bb:06:a0:80:08:45:f2:e3:84:75:04:a0:b2:1e:5a:71:c0:85:
ef:e2:d4:40:3d:df:c4:2d:99:75:1f:1a:c2:4b:4c:61:b5:03:
54:8f:63:32:46:c8:18:93:c8:7c:42:97:d8:2e:f0:67:f7:f5:
e0:8c:a1:b7:32:93:e3:43:ea:03:6c:1f:61:b1:4f:37:3f:02:
4c:3c:d0:1e:32:16:80:1d:25:3c:ed:7b:0d:c6:37:ac:b0:f3:
8d:5f:ef:73:bc:38:75:1f:07:1f:a7:c0:29:a7:f6:41:7d:3f:
47:73:17:4b:53:31:1c:00:18:6a:33:56:ce:de:d5:54:3e:b1:
31:b5:bc:c0:54:cc:a1:2b:0c:41:8c:b0:62:f6:9b:71:50:c7:
fe:76:66:a6:32:f0:59:69:57:c3:ff:c6:41:9e:d9:e9:67:b0:
92:50:c7:37:a9:64:aa:f6:6e:d2:9d:0b:0e:70:c1:8a:24:43:
cf:5e:5c:08:ff:25:b5:bb:b0:d5:12:db:7e:07:1b:b2:10:9c:
45:31:c0:a2:0c:60:cb:1a:81:0f:87:75:25:18:2b:40:8d:0b:
92:a3:e8:be:d0:7c:4b:c8:00:b2:c6:e8:72:1c:a8:7d:de:31:
7e:67:10:38
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHQEVpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDUw
NTEwMzYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI5YzVmMWI1ZGU4
NzYwODk1NjY4NWViMjg2N2NkOTZmZGFlNWUxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWFlaO8S2r4e35jMhHFr2LP+3SyJtVz8aO0RmolA/dxBhE4
WZl9dE0sZRoOonPPfyF+7aZucmblMwEF+Qm2JdOe+/KwXTOqG9WnzLJhZfgXSUEL
V+5c2UhbSCpAxliqE2k1ATzGFxKEa+WyAfzOR5gvN9pd2inrBSiaDVLVhpr7JAdb
CTvMlTa8fMhmgxw+OdMvNJQ7Ei6IO0rsi7DjDUkaXCm1UT4eBIUNMa15EkIuqlR1
ygIJv386YSir114uPo5OuV2MXAG4Da+yANc/Dvs1hTWrAqhi4ssGuWzTCNYFSbnP
jKjAeGaPz/1lAepxJOh62hTflG//0/ONZYsz8zECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrnF8bXeh2CJVmhesoZ82W/a5eHTAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L2E1eGZHMTNvZGdpVlpvWHJLR2ZObHYydVhoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFEWgDANBgkqhkiG9w0BAQsFAAOC
AQEAUKSiYcdU/KU0F/67BTjNfHRzuwaggAhF8uOEdQSgsh5accCF7+LUQD3fxC2Z
dR8awktMYbUDVI9jMkbIGJPIfEKX2C7wZ/f14IyhtzKT40PqA2wfYbFPNz8CTDzQ
HjIWgB0lPO17DcY3rLDzjV/vc7w4dR8HH6fAKaf2QX0/R3MXS1MxHAAYajNWzt7V
VD6xMbW8wFTMoSsMQYywYvabcVDH/nZmpjLwWWlXw//GQZ7Z6WewklDHN6lkqvZu
0p0LDnDBiiRDz15cCP8ltbuw1RLbfgcbshCcRTHAogxgyxqBD4d1JRgrQI0LkqPo
vtB8S8gAssbochyofd4xfmcQOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org