Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v9mEdl7BbGGI18YAPmxvRMn4Zsk.roa
File: v9mEdl7BbGGI18YAPmxvRMn4Zsk.roa (raw, json)
Hash identifier: hUC97Pzx983MsnX7/gtqUFusL/KG0XCnWH5l8wwjdhY=
Subject key identifier: BF:D9:84:76:5E:C1:6C:61:88:D7:C6:00:3E:6C:6F:44:C9:F8:66:C9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D012C1A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v9mEdl7BbGGI18YAPmxvRMn4Zsk.roa
Signing time: Thu 05 May 2022 10:36:26 +0000
ROA not before: Thu 05 May 2022 10:36:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 81.22.136.0/21 maxlen: 21
109.72.124.0/22 maxlen: 22
109.72.120.0/23 maxlen: 23
81.22.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486616090 (0x1d012c1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 5 10:36:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfd984765ec16c6188d7c6003e6c6f44c9f866c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b6:d7:fc:83:15:fa:dd:be:e2:63:9d:c8:cb:
4c:71:72:bf:6e:fb:90:5b:ec:b7:4a:8c:fc:82:3a:
ed:34:15:21:d1:23:f1:b6:ea:c1:df:6f:a1:9c:53:
32:26:05:7b:3f:cd:36:13:ef:b4:11:1c:dc:65:7f:
76:d6:0d:cc:be:84:6c:b3:66:88:89:30:ae:02:45:
63:89:82:14:78:b2:fe:2c:cc:3f:f8:ca:08:d5:a6:
08:af:51:0a:e8:02:22:02:74:90:80:2d:6d:45:30:
8c:4a:90:96:f0:a7:ae:b4:7f:76:a8:2c:fd:f3:50:
a6:16:d3:ef:f8:15:42:e8:7b:cb:bb:ce:de:10:b0:
e3:2d:4c:8b:29:9b:c7:47:81:d4:e2:b1:bd:40:80:
01:2b:c0:a6:1f:7d:39:ec:da:78:ef:d7:b2:16:6f:
c1:26:6a:5b:ed:27:54:4d:ac:fc:a1:88:bf:1e:f3:
21:71:45:92:28:7e:08:ca:aa:5e:11:42:79:8a:cc:
92:1d:23:2d:86:09:67:da:27:44:87:5a:0c:56:7a:
8a:ea:a0:72:4f:84:bc:62:8c:53:0b:f7:cd:7c:60:
83:71:d3:bf:57:32:40:43:2b:23:0b:72:49:2d:d5:
06:92:6b:3c:ac:5d:7d:b6:32:41:1b:c3:3c:3e:f8:
14:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D9:84:76:5E:C1:6C:61:88:D7:C6:00:3E:6C:6F:44:C9:F8:66:C9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v9mEdl7BbGGI18YAPmxvRMn4Zsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/20
109.72.120.0/23
109.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
16:f5:3d:35:f0:e3:e4:fe:08:b2:98:49:48:61:d1:ac:ad:6e:
de:a5:fb:df:f3:02:c8:00:8c:c0:5d:c4:83:d3:bd:cc:6e:ab:
0b:f5:42:c9:d5:61:f7:e6:4a:17:ae:ec:0b:58:98:c8:84:17:
08:4b:f0:90:d7:8d:a1:94:ec:ed:e2:32:ff:d4:c8:58:ef:9f:
92:12:60:92:e2:da:80:60:3d:41:13:8f:a0:1a:c4:ab:81:f5:
5b:12:2e:45:37:c7:9a:cb:1a:a2:da:a0:d5:b8:42:20:83:aa:
2c:e6:41:3f:10:b6:df:69:86:93:79:81:df:a5:06:04:b9:f6:
05:61:80:b2:f0:45:97:ed:2e:5b:c5:b0:a2:9f:bc:68:c1:55:
57:1f:0d:75:82:9c:d3:38:f4:b7:78:49:dd:f7:58:f0:fe:9b:
a0:d5:bb:f4:df:e5:61:5f:4b:1f:7b:8d:de:e3:c8:a2:f6:ff:
38:df:23:5d:8a:68:f5:9d:cb:0a:e1:bd:af:3c:46:b6:27:44:
4a:b1:79:75:4d:6b:1a:70:18:52:41:9a:88:e0:4c:0b:a3:28:
bf:51:f8:d7:20:19:3c:fd:ea:3b:37:fd:2b:20:f4:e8:69:64:
79:18:7a:69:dd:4e:d1:a9:d0:9f:50:25:3a:6d:1b:6b:2c:1e:
c7:03:78:29
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHQEsGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDUw
NTEwMzYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkOTg0NzY1ZWMx
NmM2MTg4ZDdjNjAwM2U2YzZmNDRjOWY4NjZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJy21/yDFfrdvuJjncjLTHFyv277kFvst0qM/II67TQVIdEj
8bbqwd9voZxTMiYFez/NNhPvtBEc3GV/dtYNzL6EbLNmiIkwrgJFY4mCFHiy/izM
P/jKCNWmCK9RCugCIgJ0kIAtbUUwjEqQlvCnrrR/dqgs/fNQphbT7/gVQuh7y7vO
3hCw4y1Miymbx0eB1OKxvUCAASvAph99OezaeO/XshZvwSZqW+0nVE2s/KGIvx7z
IXFFkih+CMqqXhFCeYrMkh0jLYYJZ9onRIdaDFZ6iuqgck+EvGKMUwv3zXxgg3HT
v1cyQEMrIwtySS3VBpJrPKxdfbYyQRvDPD74FAsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS/2YR2XsFsYYjXxgA+bG9EyfhmyTAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L3Y5bUVkbDdCYkdHSTE4WUFQbXh2Uk1uNFpzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFEWgAMEAW1IeAMEAm1IfDANBgkq
hkiG9w0BAQsFAAOCAQEAFvU9NfDj5P4IsphJSGHRrK1u3qX73/MCyACMwF3Eg9O9
zG6rC/VCydVh9+ZKF67sC1iYyIQXCEvwkNeNoZTs7eIy/9TIWO+fkhJgkuLagGA9
QROPoBrEq4H1WxIuRTfHmssaotqg1bhCIIOqLOZBPxC232mGk3mB36UGBLn2BWGA
svBFl+0uW8Wwop+8aMFVVx8NdYKc0zj0t3hJ3fdY8P6boNW79N/lYV9LH3uN3uPI
ovb/ON8jXYpo9Z3LCuG9rzxGtidESrF5dU1rGnAYUkGaiOBMC6Mov1H41yAZPP3q
Ozf9KyD06GlkeRh6ad1O0anQn1AlOm0baywexwN4KQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org