Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/OIyqMcG1MEw6zFi7cyx7cE_L7JE.roa
File: OIyqMcG1MEw6zFi7cyx7cE_L7JE.roa (raw, json)
Hash identifier: MvJ+Ir3rk8PQK72rkcOQZaO4A6lqo9o7Z/0FM1CHn/U=
Subject key identifier: 38:8C:AA:31:C1:B5:30:4C:3A:CC:58:BB:73:2C:7B:70:4F:CB:EC:91
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018216AA742FC9F3A3159ED5EB1EC2736B41
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/OIyqMcG1MEw6zFi7cyx7cE_L7JE.roa
Signing time: Tue 19 Jul 2022 13:34:05 +0000
ROA not before: Tue 19 Jul 2022 13:34:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 81.31.231.0/24 maxlen: 24
81.31.232.0/24 maxlen: 24
81.31.244.0/22 maxlen: 24
81.31.242.0/23 maxlen: 24
81.31.252.0/22 maxlen: 24
185.84.162.0/23 maxlen: 24
185.84.160.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:aa:74:2f:c9:f3:a3:15:9e:d5:eb:1e:c2:73:6b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jul 19 13:34:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=388caa31c1b5304c3acc58bb732c7b704fcbec91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:1a:78:12:09:2d:8b:e8:e0:fd:1c:b6:39:
2a:bc:dc:76:85:6b:ec:a1:1b:e3:29:78:fb:a7:bd:
67:0e:b8:f0:af:f2:a4:53:fa:a7:51:f9:b5:bd:5d:
1a:d5:06:75:ee:6b:b8:04:2a:d5:99:12:94:32:ee:
6e:d9:ec:fd:b8:02:4c:39:9c:79:59:db:ba:9c:78:
6b:db:0c:5f:4a:3d:17:af:61:b8:5e:0f:8c:c5:82:
40:3b:89:06:a9:19:39:8e:cd:f1:3a:15:1f:2e:38:
49:cf:5b:4c:b1:ea:62:15:61:0e:48:f7:d4:c2:b2:
ab:02:40:7d:2b:0a:3c:5d:73:81:97:50:d3:4b:ef:
cc:be:5b:1a:93:e2:57:cc:fa:d2:11:2a:88:f2:71:
7f:8d:90:5b:a5:9b:dd:ac:18:d2:2f:68:89:b9:b0:
ee:fa:b7:10:71:15:d5:62:13:e3:67:e0:ea:c0:e9:
97:a7:9a:e7:14:f4:f9:b1:50:02:79:f4:fc:ee:46:
b4:3d:ee:6b:f0:55:f7:ed:4a:5a:10:a3:8f:53:73:
5c:cf:07:ea:b4:6f:55:dd:58:1c:5e:cf:26:a9:9c:
99:af:2e:54:fa:43:de:a3:84:51:4c:bb:fd:72:c8:
52:42:0f:7b:cb:79:08:28:de:65:47:26:65:d1:1d:
45:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8C:AA:31:C1:B5:30:4C:3A:CC:58:BB:73:2C:7B:70:4F:CB:EC:91
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/OIyqMcG1MEw6zFi7cyx7cE_L7JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.231.0-81.31.232.255
81.31.242.0-81.31.247.255
81.31.252.0/22
185.84.160.0/22
Signature Algorithm: sha256WithRSAEncryption
49:bd:48:b4:30:99:9c:80:db:9b:ba:ea:59:1e:23:39:1b:d3:
98:4e:85:32:e2:7b:3b:71:71:7f:3b:59:9a:97:b7:0e:a5:dc:
57:51:65:25:36:78:d8:30:6d:32:77:2b:65:78:75:1a:6d:f4:
10:37:f0:f3:2c:6e:f5:04:01:d7:3e:e5:bf:5a:3a:b7:02:71:
63:e8:7e:bf:f3:6c:e4:9e:6c:ab:b2:ae:74:2a:18:87:0e:f1:
aa:68:5e:f4:e4:f3:bf:8b:1a:a6:30:51:6b:a7:d0:01:35:76:
a0:b7:bd:19:44:45:51:88:4a:87:52:70:da:1c:66:03:a4:90:
8f:67:d0:61:20:2b:61:64:61:42:f0:39:9e:92:31:70:c6:1e:
6f:c1:2c:83:3f:a9:83:59:c2:6e:f8:88:2d:34:43:0b:9b:2a:
9c:39:5e:3c:ff:e6:d4:0a:dc:a4:d8:72:2a:9b:c1:56:75:3f:
fb:9b:39:0e:1a:24:56:74:8d:81:ff:fb:58:66:db:ab:37:e4:
43:e9:52:43:45:77:c8:12:4b:d0:c2:19:ea:0b:0c:dc:c4:7c:
05:c3:8b:57:0a:2b:34:07:43:19:20:96:fa:52:d7:8d:f6:af:
88:0b:52:3f:6a:94:f4:c0:70:7d:68:20:95:36:50:55:ed:77:
0c:26:4c:c3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYIWqnQvyfOjFZ7V6x7Cc2tBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIwNzE5MTMzNDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhjYWEzMWMxYjUzMDRjM2FjYzU4YmI3MzJjN2I3MDRmY2JlYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPMaeBIJLYvo4P0ctjkqvNx2hWvs
oRvjKXj7p71nDrjwr/KkU/qnUfm1vV0a1QZ17mu4BCrVmRKUMu5u2ez9uAJMOZx5
Wdu6nHhr2wxfSj0Xr2G4Xg+MxYJAO4kGqRk5js3xOhUfLjhJz1tMsepiFWEOSPfU
wrKrAkB9Kwo8XXOBl1DTS+/Mvlsak+JXzPrSESqI8nF/jZBbpZvdrBjSL2iJubDu
+rcQcRXVYhPjZ+DqwOmXp5rnFPT5sVACefT87ka0Pe5r8FX37UpaEKOPU3Nczwfq
tG9V3VgcXs8mqZyZry5U+kPeo4RRTLv9cshSQg97y3kIKN5lRyZl0R1F2QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDiMqjHBtTBMOsxYu3Mse3BPy+yRMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvT0l5cU1jRzFNRXc2ekZpN2N5eDdjRV9MN0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABRH+cD
BABRH+gwDAMEAVEf8gMEA1Ef8AMEAlEf/AMEArlUoDANBgkqhkiG9w0BAQsFAAOC
AQEASb1ItDCZnIDbm7rqWR4jORvTmE6FMuJ7O3FxfztZmpe3DqXcV1FlJTZ42DBt
MncrZXh1Gm30EDfw8yxu9QQB1z7lv1o6twJxY+h+v/Ns5J5sq7KudCoYhw7xqmhe
9OTzv4sapjBRa6fQATV2oLe9GURFUYhKh1Jw2hxmA6SQj2fQYSArYWRhQvA5npIx
cMYeb8Esgz+pg1nCbviILTRDC5sqnDlePP/m1ArcpNhyKpvBVnU/+5s5DhokVnSN
gf/7WGbbqzfkQ+lSQ0V3yBJL0MIZ6gsM3MR8BcOLVworNAdDGSCW+lLXjfaviAtS
P2qU9MBwfWgglTZQVe13DCZMww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org