Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UjDwJrPF7ppBZ-OygUaYoljAUro.roa
File: UjDwJrPF7ppBZ-OygUaYoljAUro.roa (raw, json)
Hash identifier: e86g/5uSODUG6MgJ84oCQGTw2+Jn3NfQMnJhxE+Bq90=
Subject key identifier: 52:30:F0:26:B3:C5:EE:9A:41:67:E3:B2:81:46:98:A2:58:C0:52:BA
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 3423F8CF
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UjDwJrPF7ppBZ-OygUaYoljAUro.roa
Signing time: Sat 01 Jan 2022 09:02:50 +0000
ROA not before: Sat 01 Jan 2022 09:02:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/20 maxlen: 20
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 23
81.31.240.0/22 maxlen: 22
81.31.234.0/24 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.248.0/22 maxlen: 22
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874772687 (0x3423f8cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jan 1 09:02:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5230f026b3c5ee9a4167e3b2814698a258c052ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:51:98:15:8b:86:dd:2a:34:d7:87:20:df:
5a:f5:87:52:a4:1d:4d:56:a6:ec:38:88:2c:98:d3:
29:49:60:6a:b6:b7:34:8c:10:fd:17:29:39:97:64:
24:58:fd:45:ca:19:a9:ee:03:44:db:a9:3b:82:20:
78:65:d1:78:e5:f9:d6:4c:65:6c:7e:70:38:52:e0:
a9:4c:51:6d:3b:0e:e9:b8:86:f5:36:20:5c:3e:ca:
ff:a9:10:10:88:ef:4b:5c:61:ca:3c:8e:21:4c:c7:
6f:a0:66:ea:70:b8:f0:e2:1e:f9:c1:8c:9a:a9:da:
4e:7d:3e:f4:a2:65:15:74:4d:94:23:6a:b7:d1:bf:
c6:9a:f7:96:5f:78:dd:58:63:38:6f:1c:e6:2b:3a:
48:87:9e:9c:cb:c6:83:f6:ce:ab:c2:54:bf:3c:e1:
d7:f9:6f:ad:34:6b:f9:58:29:75:68:35:f2:97:a6:
b8:49:e8:a0:6c:8a:53:8b:48:ad:ce:b1:24:6c:ed:
3f:0a:15:4a:21:8f:b7:bb:1f:68:85:5d:d8:49:80:
6f:78:5d:49:b7:ad:81:0a:3e:eb:f9:3a:7a:cd:6a:
20:19:8c:42:ab:7b:a8:68:e0:39:f2:77:d5:07:f6:
c1:8a:1d:47:26:e7:e6:54:13:d8:fd:8b:95:68:f6:
ce:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:30:F0:26:B3:C5:EE:9A:41:67:E3:B2:81:46:98:A2:58:C0:52:BA
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UjDwJrPF7ppBZ-OygUaYoljAUro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.243.255
81.31.248.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:98:46:d1:2d:5b:0b:33:97:52:9a:8b:bc:e5:a2:b4:c5:f8:
75:d7:53:9a:2b:90:08:55:87:bb:15:cb:45:16:4d:17:91:a5:
0c:b2:29:5d:a1:6a:7a:72:86:27:1d:ce:d4:1d:91:6e:38:64:
f2:17:7c:1b:39:19:2a:0f:d9:3b:be:20:ae:42:a5:56:13:4d:
33:13:79:8d:0b:e4:44:44:9a:77:2f:b6:95:5a:19:65:67:c3:
ed:0a:07:4d:5e:92:d9:64:4f:90:25:34:9b:d9:fc:1b:ee:56:
d6:a9:43:09:55:32:9d:0f:c3:02:3f:5c:32:7e:9e:da:d7:67:
45:c1:f2:db:5f:07:5b:5a:95:f4:76:65:ae:fd:72:8d:a3:42:
65:2e:97:03:b1:dd:7d:6e:c6:22:61:9a:d4:8c:9c:68:4a:f9:
62:ad:cc:d4:f2:aa:0a:64:7e:3c:1e:a0:00:ab:01:0a:64:b1:
e3:c9:c8:52:6d:f6:18:c1:e9:23:90:a9:47:e4:d2:c2:90:1d:
28:71:8d:a0:b8:2e:c6:3e:bb:c2:70:89:15:23:4e:79:a5:45:
1b:92:3c:eb:9c:80:2e:5b:68:a7:26:eb:be:11:7f:73:bc:ef:
6f:54:e7:ee:ca:1c:c7:91:2b:87:d8:2d:0b:10:26:bc:46:a9:
fe:e8:9f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIENCP4zzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU2YmNkNDI2ZmQ4N2NkNmY0MTQ3ZTEzMzIxNmQwMzExMmIxODFiMB4XDTIyMDEw
MTA5MDI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTIzMGYwMjZiM2M1
ZWU5YTQxNjdlM2IyODE0Njk4YTI1OGMwNTJiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMUUZgVi4bdKjTXhyDfWvWHUqQdTVam7DiILJjTKUlgara3
NIwQ/RcpOZdkJFj9RcoZqe4DRNupO4IgeGXReOX51kxlbH5wOFLgqUxRbTsO6biG
9TYgXD7K/6kQEIjvS1xhyjyOIUzHb6Bm6nC48OIe+cGMmqnaTn0+9KJlFXRNlCNq
t9G/xpr3ll943VhjOG8c5is6SIeenMvGg/bOq8JUvzzh1/lvrTRr+VgpdWg18pem
uEnooGyKU4tIrc6xJGztPwoVSiGPt7sfaIVd2EmAb3hdSbetgQo+6/k6es1qIBmM
Qqt7qGjgOfJ31Qf2wYodRybn5lQT2P2LlWj2zoUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRSMPAms8XumkFn47KBRpiiWMBSujAfBgNVHSMEGDAWgBQQVrzUJv2HzW9B
R+EzIW0DESsYGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGYTgxQ2I5aDgxdlFVZmhNeUZ0QXhFckdCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8x
L1VqRHdKclBGN3BwQlotT3lnVWFZb2xqQVVyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8xL0VGYTgxQ2I5aDgx
dlFVZmhNeUZ0QXhFckdCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQFUR/gAwQCUR/wAwQCUR/4MA0G
CSqGSIb3DQEBCwUAA4IBAQC0mEbRLVsLM5dSmou85aK0xfh111OaK5AIVYe7FctF
Fk0XkaUMsildoWp6coYnHc7UHZFuOGTyF3wbORkqD9k7viCuQqVWE00zE3mNC+RE
RJp3L7aVWhllZ8PtCgdNXpLZZE+QJTSb2fwb7lbWqUMJVTKdD8MCP1wyfp7a12dF
wfLbXwdbWpX0dmWu/XKNo0JlLpcDsd19bsYiYZrUjJxoSvlirczU8qoKZH48HqAA
qwEKZLHjychSbfYYwekjkKlH5NLCkB0ocY2guC7GPrvCcIkVI055pUUbkjzrnIAu
W2inJuu+EX9zvO9vVOfuyhzHkSuH2C0LECa8Rqn+6J/G
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:09 2023 by rpki-client on console-fra.rpki-client.org