Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/kUu5FFxP3AH5xMA0VfwvW-21pK0.roa
File: kUu5FFxP3AH5xMA0VfwvW-21pK0.roa (raw, json)
Hash identifier: tzyi0JESHiCnhANkT4yz+plL8aXfNxDH8MyY0PZ7ZEg=
Subject key identifier: 91:4B:B9:14:5C:4F:DC:01:F9:C4:C0:34:55:FC:2F:5B:ED:B5:A4:AD
Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Certificate serial: 010779
Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/kUu5FFxP3AH5xMA0VfwvW-21pK0.roa
Signing time: Thu 09 Jun 2022 07:36:02 +0000
ROA not before: Thu 09 Jun 2022 07:36:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25176
IP address blocks: 81.8.204.0/24 maxlen: 24
80.88.96.0/19 maxlen: 19
85.194.128.0/18 maxlen: 18
81.8.226.0/24 maxlen: 24
81.8.128.0/17 maxlen: 17
2a01:4040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67449 (0x10779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Validity
Not Before: Jun 9 07:36:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=914bb9145c4fdc01f9c4c03455fc2f5bedb5a4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3a:03:4f:e3:e8:18:9e:9b:af:60:e9:c1:f3:
8c:03:f8:86:71:7d:29:cf:f8:56:56:8e:3a:2f:c0:
92:fc:58:00:e9:fb:3a:b0:62:7f:2d:a9:79:01:15:
f0:4b:d4:ad:96:da:fe:22:7c:a7:3f:0c:fc:e0:ed:
7a:4a:33:d1:2d:6c:5a:b8:c5:fe:06:e1:66:5a:44:
57:4c:06:4d:5f:54:eb:c2:99:b3:51:4d:d3:7c:92:
3a:a1:ec:99:a9:de:c1:c2:2b:40:9b:fd:52:3f:de:
bd:46:a5:74:60:d2:1c:55:7b:ac:02:7c:f7:b1:f3:
6d:a5:8d:1a:42:56:53:ad:aa:7f:c2:77:c5:b8:77:
79:d4:0e:c0:a6:20:76:f5:64:79:1a:f8:a2:3a:00:
19:b8:ef:4b:13:a3:fe:22:b0:26:b0:58:ac:e2:e5:
21:24:1a:37:9e:58:b7:de:27:00:f6:1d:47:6c:eb:
67:c2:35:db:57:8b:06:ad:ea:2b:d1:c4:b6:72:dd:
7d:b0:0e:70:eb:22:92:5d:ac:bf:38:4c:02:7e:1b:
51:ad:ca:b2:2d:a8:c9:fe:ed:51:a9:60:ad:45:52:
c5:be:c1:12:dc:a8:55:0f:eb:9f:8f:92:c7:e9:2f:
21:7d:d1:cc:29:c3:a1:a6:f7:4c:89:e9:02:68:3f:
2e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:B9:14:5C:4F:DC:01:F9:C4:C0:34:55:FC:2F:5B:ED:B5:A4:AD
X509v3 Authority Key Identifier:
keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/kUu5FFxP3AH5xMA0VfwvW-21pK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.96.0/19
81.8.128.0/17
85.194.128.0/18
IPv6:
2a01:4040::/32
Signature Algorithm: sha256WithRSAEncryption
8e:47:a9:19:c7:27:82:64:35:72:11:2f:a9:eb:09:d5:90:fa:
53:cb:e6:84:98:52:0d:63:02:1c:2c:62:eb:e5:76:89:9e:07:
4c:a7:89:8b:fe:d8:cc:1a:1c:27:b1:59:e3:dc:cd:8a:e6:fb:
f3:c4:33:88:5f:00:59:da:58:e2:46:83:86:c0:ee:d3:8e:d7:
a3:34:7e:14:ce:80:7b:19:93:02:55:dc:84:bb:4e:96:fc:e7:
f0:6c:68:a4:21:ba:5e:28:05:38:e3:af:0d:36:ef:3f:37:48:
9f:15:f0:55:de:70:f1:ef:34:9d:ac:f9:ce:ca:8b:11:d7:5d:
4b:da:1b:d7:24:09:ed:62:2f:e1:3b:c1:cb:1f:23:d8:65:ae:
6d:29:c7:9f:65:6d:96:33:c7:80:ea:e0:9a:66:8c:a2:a4:b0:
74:74:c4:5b:bb:98:2a:68:79:ad:e8:22:42:7a:7d:b4:5e:46:
9c:48:1c:50:c3:a9:7d:2b:ff:0a:ea:80:04:09:69:3c:a1:5b:
e1:09:b5:c3:d5:1f:8b:5d:7a:0c:2f:e1:1a:6b:e1:00:73:41:
61:ee:38:88:9b:a4:ca:20:5f:54:40:a6:e6:89:bf:a3:1e:41:
8d:75:c8:1d:6f:3c:bd:d8:0a:b4:d2:ad:c4:20:02:e2:cc:91:
7b:7a:06:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDAQd5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRh
MGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNlODY0ZmYwHhcNMjIwNjA5
MDczNjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MTRiYjkxNDVjNGZk
YzAxZjljNGMwMzQ1NWZjMmY1YmVkYjVhNGFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAljoDT+PoGJ6br2DpwfOMA/iGcX0pz/hWVo46L8CS/FgA6fs6
sGJ/Lal5ARXwS9Stltr+InynPwz84O16SjPRLWxauMX+BuFmWkRXTAZNX1Trwpmz
UU3TfJI6oeyZqd7BwitAm/1SP969RqV0YNIcVXusAnz3sfNtpY0aQlZTrap/wnfF
uHd51A7ApiB29WR5GviiOgAZuO9LE6P+IrAmsFis4uUhJBo3nli33icA9h1HbOtn
wjXbV4sGreor0cS2ct19sA5w6yKSXay/OEwCfhtRrcqyLajJ/u1RqWCtRVLFvsES
3KhVD+ufj5LH6S8hfdHMKcOhpvdMiekCaD8uIQIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFJFLuRRcT9wB+cTANFX8L1vttaStMB8GA1UdIwQYMBaAFNoLM83beZt7z109
zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4LzEv
a1V1NUZGeFAzQUg1eE1BMFZmd3ZXLTIxcEswLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8w
MzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4LzEvMmdzenpkdDVtM3ZQ
WFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFhgAwQHUQiAAwQGVcKAMA0EAgAC
MAcDBQAqAUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCOR6kZxyeCZDVyES+p6wnVkPpT
y+aEmFINYwIcLGLr5XaJngdMp4mL/tjMGhwnsVnj3M2K5vvzxDOIXwBZ2ljiRoOG
wO7TjtejNH4UzoB7GZMCVdyEu06W/OfwbGikIbpeKAU4468NNu8/N0ifFfBV3nDx
7zSdrPnOyosR111L2hvXJAntYi/hO8HLHyPYZa5tKcefZW2WM8eA6uCaZoyipLB0
dMRbu5gqaHmt6CJCen20XkacSBxQw6l9K/8K6oAECWk8oVvhCbXD1R+LXXoML+Ea
a+EAc0Fh7jiIm6TKIF9UQKbmib+jHkGNdcgdbzy92Aq00q3EIALizJF7egbi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org