Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/SEqW6kTIKnVkA4q8bDAoOvv-ObY.roa
File: SEqW6kTIKnVkA4q8bDAoOvv-ObY.roa (raw, json)
Hash identifier: DIyd2DZKTwKoq7ncODKX5WdzpByLfOsUTyeYxNnejYs=
Subject key identifier: 48:4A:96:EA:44:C8:2A:75:64:03:8A:BC:6C:30:28:3A:FB:FE:39:B6
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 346E8360
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/SEqW6kTIKnVkA4q8bDAoOvv-ObY.roa
Signing time: Sat 05 Feb 2022 11:53:16 +0000
ROA not before: Sat 05 Feb 2022 11:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/20 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/22 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.234.0/24 maxlen: 24
81.31.235.0/24 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879657824 (0x346e8360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Feb 5 11:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=484a96ea44c82a7564038abc6c30283afbfe39b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f4:0b:e6:3b:c8:44:c7:7c:85:93:a9:cc:6a:
30:73:6b:93:f8:80:02:00:88:c0:12:2d:81:4d:d8:
8d:8a:40:bc:68:bb:49:59:c4:f1:e8:ac:3e:52:a4:
69:ca:c3:f5:17:c5:c0:6c:5f:42:c8:e8:0c:57:bb:
79:3e:5a:82:1b:96:0e:0a:8c:5c:3d:f0:50:6d:d2:
6c:56:c9:ca:07:58:d2:2a:e4:78:03:8f:36:2b:e6:
08:a7:84:b2:e3:58:c9:fb:0d:2b:e4:a7:cd:17:a5:
de:ad:06:f1:e5:f5:66:5e:04:a6:bd:db:a2:10:fe:
0e:ab:f7:79:24:53:1e:ae:8e:84:30:20:28:da:1f:
11:55:9c:d6:f7:ed:da:66:3b:0b:d9:b8:d3:e5:36:
75:fb:0e:ac:d1:a1:32:86:3e:81:e8:46:da:13:ab:
49:58:14:10:85:73:e8:f1:e4:80:17:59:1c:4a:57:
32:d9:ca:cc:17:50:21:82:20:42:e6:41:95:ce:d0:
ee:e9:74:bc:e4:a8:6b:ca:be:19:e1:e0:0e:ae:5a:
7d:8c:54:d8:5a:e1:e2:8a:94:16:c0:1f:83:3d:53:
f6:60:d5:bc:88:fa:b5:3b:67:e4:36:8e:a1:e0:d0:
02:0e:7f:0d:cf:99:df:97:bd:ef:60:1b:22:35:46:
22:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4A:96:EA:44:C8:2A:75:64:03:8A:BC:6C:30:28:3A:FB:FE:39:B6
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/SEqW6kTIKnVkA4q8bDAoOvv-ObY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.243.255
81.31.248.0/22
Signature Algorithm: sha256WithRSAEncryption
59:b9:e9:b2:6a:fa:7e:2c:a3:02:15:6a:a9:ec:03:ce:c4:4c:
cc:c3:37:5c:2e:0c:bc:40:a3:c9:c9:8f:4c:99:8d:72:84:ac:
5d:e1:d5:d6:d8:1c:50:0b:1f:67:76:4b:3b:4b:cb:68:ae:ce:
0d:5e:cc:68:66:a5:f1:fb:49:a3:94:9d:08:57:b6:ca:e5:da:
72:86:93:42:4e:2d:6b:42:50:0d:cd:c9:6d:cc:7e:3d:56:24:
7f:16:da:c0:ea:83:a6:3a:e2:ef:98:31:95:a0:18:83:d4:b2:
e2:d7:11:6d:a7:72:1a:37:fc:9e:87:84:21:9a:89:99:4b:64:
56:e7:07:71:fc:9f:34:a8:9e:7c:5e:b6:c1:7f:16:09:7f:c3:
88:60:37:47:e5:9b:4a:2a:dc:a7:0c:c6:7b:a7:f3:00:dc:ec:
fc:1e:d7:72:2d:60:b2:ef:cf:b0:6a:07:75:2f:b2:4a:09:47:
f9:72:c8:d6:4c:e2:9b:bc:40:10:9e:bb:d0:c6:59:97:16:ab:
46:61:c7:50:c9:77:11:e0:a8:86:3c:0e:9d:0e:39:fa:0e:60:
5b:a2:74:6d:66:50:ae:34:67:55:70:31:50:78:dc:f5:55:bf:
cc:bf:5d:71:9e:41:f8:ad:5d:45:48:b1:53:44:75:39:77:9a:
02:82:8f:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIENG6DYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU2YmNkNDI2ZmQ4N2NkNmY0MTQ3ZTEzMzIxNmQwMzExMmIxODFiMB4XDTIyMDIw
NTExNTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg0YTk2ZWE0NGM4
MmE3NTY0MDM4YWJjNmMzMDI4M2FmYmZlMzliNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf0C+Y7yETHfIWTqcxqMHNrk/iAAgCIwBItgU3YjYpAvGi7
SVnE8eisPlKkacrD9RfFwGxfQsjoDFe7eT5aghuWDgqMXD3wUG3SbFbJygdY0irk
eAOPNivmCKeEsuNYyfsNK+SnzRel3q0G8eX1Zl4Epr3bohD+Dqv3eSRTHq6OhDAg
KNofEVWc1vft2mY7C9m40+U2dfsOrNGhMoY+gehG2hOrSVgUEIVz6PHkgBdZHEpX
MtnKzBdQIYIgQuZBlc7Q7ul0vOSoa8q+GeHgDq5afYxU2Frh4oqUFsAfgz1T9mDV
vIj6tTtn5DaOoeDQAg5/Dc+Z35e972AbIjVGIvcCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRISpbqRMgqdWQDirxsMCg6+/45tjAfBgNVHSMEGDAWgBQQVrzUJv2HzW9B
R+EzIW0DESsYGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGYTgxQ2I5aDgxdlFVZmhNeUZ0QXhFckdCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8x
L1NFcVc2a1RJS25Wa0E0cThiREFvT3Z2LU9iWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8xL0VGYTgxQ2I5aDgx
dlFVZmhNeUZ0QXhFckdCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQFUR/gAwQCUR/wAwQCUR/4MA0G
CSqGSIb3DQEBCwUAA4IBAQBZuemyavp+LKMCFWqp7APOxEzMwzdcLgy8QKPJyY9M
mY1yhKxd4dXW2BxQCx9ndks7S8tors4NXsxoZqXx+0mjlJ0IV7bK5dpyhpNCTi1r
QlANzcltzH49ViR/FtrA6oOmOuLvmDGVoBiD1LLi1xFtp3IaN/yeh4QhmomZS2RW
5wdx/J80qJ58XrbBfxYJf8OIYDdH5ZtKKtynDMZ7p/MA3Oz8HtdyLWCy78+wagd1
L7JKCUf5csjWTOKbvEAQnrvQxlmXFqtGYcdQyXcR4KiGPA6dDjn6DmBbonRtZlCu
NGdVcDFQeNz1Vb/Mv11xnkH4rV1FSLFTRHU5d5oCgo8I
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org