Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/kY9d8xuhgPEOHzqU1Y3zw36abb0.roa
File: kY9d8xuhgPEOHzqU1Y3zw36abb0.roa (raw, json)
Hash identifier: AHr3nWO1n4Wv6WgBgepxuSeThs/HoiwHFh2q7euRuo8=
Subject key identifier: 91:8F:5D:F3:1B:A1:80:F1:0E:1F:3A:94:D5:8D:F3:C3:7E:9A:6D:BD
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018429034A299160574646DB82CF1248637A
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/kY9d8xuhgPEOHzqU1Y3zw36abb0.roa
Signing time: Sun 30 Oct 2022 13:09:52 +0000
ROA not before: Sun 30 Oct 2022 13:09:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 81.31.242.0/23 maxlen: 24
81.31.252.0/22 maxlen: 24
185.84.162.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:29:03:4a:29:91:60:57:46:46:db:82:cf:12:48:63:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Oct 30 13:09:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=918f5df31ba180f10e1f3a94d58df3c37e9a6dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:80:bb:86:fc:92:a3:34:1f:f2:77:9c:95:e4:
22:02:4d:91:cd:0a:04:8b:71:1c:db:f4:8d:16:28:
b8:2b:3b:2f:ee:17:1a:dd:3d:be:f9:50:45:7f:6d:
fd:94:e1:2f:88:6b:11:d8:0b:50:bc:7b:5a:dc:b3:
f4:67:19:f3:fe:17:29:e0:a0:14:a7:d4:14:7d:88:
59:73:91:72:87:91:85:44:12:0d:08:05:29:4b:c3:
21:39:50:b2:e6:9d:82:6d:99:4b:38:bf:a8:ee:0c:
6b:99:d7:0f:65:52:32:bf:72:6b:be:71:ea:f0:d8:
ea:71:03:b0:24:2b:ab:85:c8:ad:13:b8:7b:be:94:
f4:70:47:d0:b6:55:75:39:26:52:d1:09:9e:77:d6:
a7:9b:e5:40:aa:c8:c3:b0:71:13:e5:ad:c5:6a:d4:
e6:2b:40:1a:bf:b6:c7:b2:8a:42:1b:10:2f:f9:f4:
f9:3f:6b:6a:57:6e:6a:e3:75:f1:ae:a6:e0:fb:ef:
c4:9b:70:ab:3c:83:39:7e:73:84:cd:d7:ab:d7:49:
95:07:e6:7a:27:79:45:e1:f3:18:ad:d9:11:66:e6:
98:37:17:e3:33:04:ea:4d:7f:20:00:02:95:b8:6e:
cc:e6:59:41:9b:5b:ee:15:a8:96:2b:b3:a0:b2:fa:
3e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8F:5D:F3:1B:A1:80:F1:0E:1F:3A:94:D5:8D:F3:C3:7E:9A:6D:BD
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/kY9d8xuhgPEOHzqU1Y3zw36abb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.242.0/23
81.31.252.0/22
185.84.162.0/23
Signature Algorithm: sha256WithRSAEncryption
f0:eb:d2:75:b5:d0:5a:34:c2:51:78:41:0e:01:94:48:fa:bc:
8f:23:b3:be:23:05:d3:a4:63:c3:ca:3d:58:0e:15:2f:34:79:
58:a5:ba:99:5a:be:5e:14:fb:29:7f:4a:e2:20:3b:5f:1d:4a:
40:25:63:07:a8:60:9e:a9:fa:a9:e7:0f:a3:ce:fc:84:41:45:
c4:f3:bb:9e:6c:c8:c9:e3:8d:f8:b6:f9:ba:4b:ba:8a:a2:09:
94:90:a4:81:07:38:27:51:b4:98:25:c6:53:22:58:f8:aa:35:
60:8f:97:7e:3d:78:49:6f:e4:f6:53:73:80:cd:01:96:e9:16:
7f:29:ff:58:61:db:52:ac:fb:84:68:1b:e2:47:9d:df:1f:8a:
2c:45:13:a4:02:1c:9f:49:f7:8b:ba:44:2a:59:d2:4a:98:1b:
8f:e1:cb:df:33:5b:eb:68:ec:82:92:1a:4e:36:78:b4:e4:cb:
a7:72:4a:17:2a:84:4d:f0:04:aa:4c:0b:2e:10:da:b1:cf:1b:
6d:5a:e0:33:cd:2b:04:33:87:0f:60:b9:70:f3:dc:8b:c0:04:
aa:80:96:f0:cc:44:b2:89:3b:e5:26:c0:13:97:85:2c:10:65:
fd:90:12:f7:83:ca:14:1a:1a:b6:73:5c:7e:1d:69:69:dc:5c:
a8:3d:c7:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQpA0opkWBXRkbbgs8SSGN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMDMwMTMwOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThmNWRmMzFiYTE4MGYxMGUxZjNhOTRkNThkZjNjMzdlOWE2ZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYC7hvySozQf8necleQiAk2RzQoE
i3Ec2/SNFii4Kzsv7hca3T2++VBFf239lOEviGsR2AtQvHta3LP0Zxnz/hcp4KAU
p9QUfYhZc5Fyh5GFRBINCAUpS8MhOVCy5p2CbZlLOL+o7gxrmdcPZVIyv3JrvnHq
8NjqcQOwJCurhcitE7h7vpT0cEfQtlV1OSZS0Qmed9anm+VAqsjDsHET5a3FatTm
K0Aav7bHsopCGxAv+fT5P2tqV25q43Xxrqbg++/Em3CrPIM5fnOEzder10mVB+Z6
J3lF4fMYrdkRZuaYNxfjMwTqTX8gAAKVuG7M5llBm1vuFaiWK7Ogsvo+GQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJGPXfMboYDxDh86lNWN88N+mm29MB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEva1k5ZDh4dWhnUEVPSHpxVTFZM3p3MzZhYmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUR/yAwQC
UR/8AwQBuVSiMA0GCSqGSIb3DQEBCwUAA4IBAQDw69J1tdBaNMJReEEOAZRI+ryP
I7O+IwXTpGPDyj1YDhUvNHlYpbqZWr5eFPspf0riIDtfHUpAJWMHqGCeqfqp5w+j
zvyEQUXE87uebMjJ4434tvm6S7qKogmUkKSBBzgnUbSYJcZTIlj4qjVgj5d+PXhJ
b+T2U3OAzQGW6RZ/Kf9YYdtSrPuEaBviR53fH4osRROkAhyfSfeLukQqWdJKmBuP
4cvfM1vraOyCkhpONni05MunckoXKoRN8ASqTAsuENqxzxttWuAzzSsEM4cPYLlw
89yLwASqgJbwzESyiTvlJsATl4UsEGX9kBL3g8oUGhq2c1x+HWlp3FyoPcc4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:09 2023 by rpki-client on console-fra.rpki-client.org