Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/oSm9FHq4qzzb-kD1hNROiaHBMpo.roa
File: oSm9FHq4qzzb-kD1hNROiaHBMpo.roa (raw, json)
Hash identifier: lWIgxZ/CHeZEDGWYF82RZCdstXyX+O+FKu/XeBcSx6A=
Subject key identifier: A1:29:BD:14:7A:B8:AB:3C:DB:FA:40:F5:84:D4:4E:89:A1:C1:32:9A
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 0183F23DFC1B08118E7074E8A42DF3B77789
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/oSm9FHq4qzzb-kD1hNROiaHBMpo.roa
Signing time: Wed 19 Oct 2022 21:54:51 +0000
ROA not before: Wed 19 Oct 2022 21:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 81.31.231.0/24 maxlen: 24
81.31.232.0/24 maxlen: 24
81.31.244.0/22 maxlen: 24
81.31.252.0/22 maxlen: 24
185.84.162.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f2:3d:fc:1b:08:11:8e:70:74:e8:a4:2d:f3:b7:77:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Oct 19 21:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a129bd147ab8ab3cdbfa40f584d44e89a1c1329a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7b:6c:20:49:87:4c:0f:64:42:b5:0f:ed:7b:
cb:a5:71:c7:cd:1f:1e:3c:5b:aa:01:0c:bf:52:a0:
a3:6d:ca:54:56:b6:86:27:b9:3a:e0:3a:64:e2:4c:
60:04:11:71:cd:af:5c:11:69:38:18:38:3b:91:24:
27:4c:dc:c6:d2:4f:4c:a1:62:6a:45:73:31:f3:4e:
01:57:93:e2:f6:13:cd:62:4b:97:b0:31:a4:ef:1c:
77:76:ba:87:b4:95:2c:cc:92:74:95:80:87:8f:4f:
58:e1:5b:8f:25:09:f1:ef:2c:41:97:23:d5:e4:aa:
f7:a4:06:bb:49:c3:7d:7a:50:cb:ed:15:15:1f:4c:
5e:1a:c1:a1:32:70:9a:66:39:f8:20:0b:f1:b4:80:
33:dc:f3:ab:0b:7f:75:6d:1e:be:e2:fd:c4:70:6d:
66:a8:d7:4d:a7:78:04:d8:c1:35:55:d4:10:81:4c:
f5:3a:f3:ae:26:79:1c:48:53:00:e9:41:e9:f5:a5:
e0:d3:54:a4:b9:60:98:25:f6:9c:49:60:1f:37:44:
9b:ab:af:74:01:5c:37:bc:53:97:32:dd:60:1c:03:
57:06:aa:8a:f4:f7:15:f6:aa:76:f3:3c:03:8a:43:
e5:f3:39:60:9f:6b:66:eb:8f:11:d9:96:dc:8a:4f:
b1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:29:BD:14:7A:B8:AB:3C:DB:FA:40:F5:84:D4:4E:89:A1:C1:32:9A
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/oSm9FHq4qzzb-kD1hNROiaHBMpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.231.0-81.31.232.255
81.31.244.0/22
81.31.252.0/22
185.84.162.0/23
Signature Algorithm: sha256WithRSAEncryption
95:69:56:74:aa:d7:ca:ff:cc:7d:f0:4b:9e:1c:21:ca:81:71:
e4:82:e1:15:9c:f1:95:21:51:0a:cc:5f:d4:b0:bf:34:1d:58:
00:f5:08:bd:94:8d:ea:75:6c:9f:5e:d0:29:59:56:31:bf:52:
fe:6a:f1:f1:18:6a:25:79:51:d7:8b:c3:49:83:d7:05:87:ac:
4f:36:0d:e6:66:01:45:92:a8:1d:87:de:5d:af:b3:ac:27:5a:
19:b2:70:94:42:c9:9e:3e:f2:37:ca:de:b7:95:24:48:6a:7d:
85:72:4a:31:d3:0f:e3:49:bb:46:e1:a8:92:e5:89:16:9b:d1:
8e:13:eb:69:02:ca:37:32:02:36:bc:94:02:56:6a:9b:45:86:
50:0f:2f:9d:e2:fd:a1:c0:f5:5a:4a:54:29:56:5b:bd:fe:6a:
22:c5:ce:06:8b:49:a0:97:12:f2:01:1d:9c:92:65:da:72:45:
7b:a4:93:c0:76:47:d6:2c:21:a3:5c:cc:55:21:e5:3a:51:d0:
00:02:9d:05:9c:e8:ce:e0:bf:ff:ec:04:70:b4:30:3e:47:47:
6f:3a:ce:30:10:19:9b:ba:80:96:41:0f:3b:df:7f:8e:4d:76:
62:a4:91:f2:97:81:f0:3e:1e:3d:64:20:11:04:d4:a9:a0:f5:
6b:13:24:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPyPfwbCBGOcHTopC3zt3eJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMDE5MjE1NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTI5YmQxNDdhYjhhYjNjZGJmYTQwZjU4NGQ0NGU4OWExYzEzMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqntsIEmHTA9kQrUP7XvLpXHHzR8e
PFuqAQy/UqCjbcpUVraGJ7k64Dpk4kxgBBFxza9cEWk4GDg7kSQnTNzG0k9MoWJq
RXMx804BV5Pi9hPNYkuXsDGk7xx3drqHtJUszJJ0lYCHj09Y4VuPJQnx7yxBlyPV
5Kr3pAa7ScN9elDL7RUVH0xeGsGhMnCaZjn4IAvxtIAz3POrC391bR6+4v3EcG1m
qNdNp3gE2ME1VdQQgUz1OvOuJnkcSFMA6UHp9aXg01SkuWCYJfacSWAfN0Sbq690
AVw3vFOXMt1gHANXBqqK9PcV9qp28zwDikPl8zlgn2tm648R2Zbcik+xnQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKEpvRR6uKs82/pA9YTUTomhwTKaMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvb1NtOUZIcTRxenpiLWtEMWhOUk9pYUhCTXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABRH+cD
BABRH+gDBAJRH/QDBAJRH/wDBAG5VKIwDQYJKoZIhvcNAQELBQADggEBAJVpVnSq
18r/zH3wS54cIcqBceSC4RWc8ZUhUQrMX9SwvzQdWAD1CL2Ujep1bJ9e0ClZVjG/
Uv5q8fEYaiV5UdeLw0mD1wWHrE82DeZmAUWSqB2H3l2vs6wnWhmycJRCyZ4+8jfK
3reVJEhqfYVySjHTD+NJu0bhqJLliRab0Y4T62kCyjcyAja8lAJWaptFhlAPL53i
/aHA9VpKVClWW73+aiLFzgaLSaCXEvIBHZySZdpyRXukk8B2R9YsIaNczFUh5TpR
0AACnQWc6M7gv//sBHC0MD5HR286zjAQGZu6gJZBDzvff45NdmKkkfKXgfA+Hj1k
IBEE1Kmg9WsTJPg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:01 2023 by rpki-client on console-ams.rpki-client.org