Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/xhcrEoQMZ1K92LJdyaouw9ZtcwY.roa
File: xhcrEoQMZ1K92LJdyaouw9ZtcwY.roa (raw, json)
Hash identifier: hZq0q/2/uQHGSIcKGNRckDnadbHoY8ADefbHhYcpYKc=
Subject key identifier: C6:17:2B:12:84:0C:67:52:BD:D8:B2:5D:C9:AA:2E:C3:D6:6D:73:06
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 01846FCAA9A013E48F22819CDDDD0F1EAAA7
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/xhcrEoQMZ1K92LJdyaouw9ZtcwY.roa
Signing time: Sun 13 Nov 2022 07:01:03 +0000
ROA not before: Sun 13 Nov 2022 07:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.234.0/23 maxlen: 24
81.31.234.0/24 maxlen: 24
81.31.235.0/24 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6f:ca:a9:a0:13:e4:8f:22:81:9c:dd:dd:0f:1e:aa:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Nov 13 07:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6172b12840c6752bdd8b25dc9aa2ec3d66d7306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:40:22:38:16:d3:98:7e:49:14:4e:55:bf:
c9:e6:7e:5c:a6:48:06:ec:c0:f6:eb:13:fd:64:47:
f7:76:a2:fe:2b:0f:59:1b:45:0c:38:ab:d4:9c:d2:
9c:52:9d:d3:d4:28:bb:33:d9:0e:c6:76:75:35:a9:
c3:87:06:07:24:04:45:d6:ba:3b:cd:a4:46:55:79:
3c:2e:b6:33:bb:71:cf:df:db:64:2e:b9:52:d3:db:
5e:66:24:17:1d:9a:50:d5:70:9d:fa:c5:1f:16:6e:
75:27:88:a1:77:b2:ec:6c:6d:00:84:ef:12:0c:89:
b4:ad:7d:90:9d:bc:42:ab:74:86:7e:78:59:8f:89:
9a:c0:60:9d:37:5f:8d:f9:02:e8:61:98:fb:b4:d8:
5e:9b:b3:17:d9:b7:be:c0:39:dc:96:30:c1:ff:bd:
3c:44:25:46:a6:7f:66:51:24:b0:e2:05:94:ff:7f:
c9:4c:b4:c1:f9:32:79:a0:3d:94:53:2a:32:1b:1c:
fd:de:32:e0:b6:62:7b:ac:2f:70:f9:cc:02:df:11:
d7:28:66:ea:9a:d2:a5:68:bb:6f:8d:00:cd:5a:38:
9b:01:87:c2:4e:cf:e9:17:3f:e6:1f:19:46:68:63:
d4:63:2a:2e:dd:ce:bd:46:db:a9:42:16:c9:ed:ef:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:17:2B:12:84:0C:67:52:BD:D8:B2:5D:C9:AA:2E:C3:D6:6D:73:06
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/xhcrEoQMZ1K92LJdyaouw9ZtcwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0-81.31.241.255
81.31.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:06:f7:5e:11:4d:3b:1b:1e:26:24:89:a8:2f:29:58:ef:d3:
b7:45:dd:c6:61:85:23:49:d2:e7:1d:a1:49:91:a7:04:8c:48:
46:dd:c9:6c:7e:ef:2f:9d:eb:5a:dd:bc:00:a3:fd:ef:94:34:
cf:5d:7a:f4:7b:f8:09:c7:2c:49:ad:af:67:08:5c:00:05:ca:
0b:13:c3:f4:0c:4f:13:f1:01:8e:83:27:64:aa:20:15:59:fa:
26:93:a4:8c:6a:db:0f:3a:2a:f9:8f:90:3e:fb:9b:d9:ae:29:
dd:34:c8:8c:fb:9a:7a:67:ee:d6:fd:e1:f8:2c:19:df:f4:48:
ee:a4:e4:f8:a8:36:ca:6a:29:0c:e6:58:71:79:bd:e3:1c:7c:
8c:fd:4d:6d:9c:c3:db:42:66:07:78:78:4b:0e:60:07:ce:26:
07:3c:d7:43:cc:be:59:af:e6:9e:da:69:d1:13:27:31:89:b1:
52:c8:7c:f3:fd:17:32:a6:df:22:34:5c:94:3c:60:63:ec:91:
9c:dc:f2:9a:29:11:f0:9a:e8:d0:06:77:c3:4a:78:dc:73:30:
7a:5b:06:db:1d:7b:ee:db:77:0c:b6:fa:7b:03:7e:c7:5f:f0:
32:c2:bb:a6:0b:8d:42:c2:dd:85:1b:f3:5d:93:6c:3a:0c:cb:
95:c8:95:e1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYRvyqmgE+SPIoGc3d0PHqqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMTEzMDcwMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE3MmIxMjg0MGM2NzUyYmRkOGIyNWRjOWFhMmVjM2Q2NmQ3MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspBAIjgW05h+SRROVb/J5n5cpkgG
7MD26xP9ZEf3dqL+Kw9ZG0UMOKvUnNKcUp3T1Ci7M9kOxnZ1NanDhwYHJARF1ro7
zaRGVXk8LrYzu3HP39tkLrlS09teZiQXHZpQ1XCd+sUfFm51J4ihd7LsbG0AhO8S
DIm0rX2QnbxCq3SGfnhZj4mawGCdN1+N+QLoYZj7tNhem7MX2be+wDncljDB/708
RCVGpn9mUSSw4gWU/3/JTLTB+TJ5oD2UUyoyGxz93jLgtmJ7rC9w+cwC3xHXKGbq
mtKlaLtvjQDNWjibAYfCTs/pFz/mHxlGaGPUYyou3c69RtupQhbJ7e9bxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMYXKxKEDGdSvdiyXcmqLsPWbXMGMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEveGhjckVvUU1aMUs5MkxKZHlhb3V3OVp0Y3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAVRH+AD
BABRH+YwDAMEAFEf6QMEAVEf8AMEAlEf+DANBgkqhkiG9w0BAQsFAAOCAQEAigb3
XhFNOxseJiSJqC8pWO/Tt0XdxmGFI0nS5x2hSZGnBIxIRt3JbH7vL53rWt28AKP9
75Q0z1169Hv4CccsSa2vZwhcAAXKCxPD9AxPE/EBjoMnZKogFVn6JpOkjGrbDzoq
+Y+QPvub2a4p3TTIjPuaemfu1v3h+CwZ3/RI7qTk+Kg2ymopDOZYcXm94xx8jP1N
bZzD20JmB3h4Sw5gB84mBzzXQ8y+Wa/mntpp0RMnMYmxUsh88/0XMqbfIjRclDxg
Y+yRnNzymikR8Jro0AZ3w0p43HMwelsG2x177tt3DLb6ewN+x1/wMsK7pguNQsLd
hRvzXZNsOgzLlciV4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:34 2024 by rpki-client on console-ams.rpki-client.org