Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/xI1p5ynIbUeCP2I7rGOvVnQ7mYo.roa
File: xI1p5ynIbUeCP2I7rGOvVnQ7mYo.roa (raw, json)
Hash identifier: asax1vSOKQ9za0dF4OVMl/d0TDy7lPXukfJ1M8f/J/g=
Subject key identifier: C4:8D:69:E7:29:C8:6D:47:82:3F:62:3B:AC:63:AF:56:74:3B:99:8A
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 01824A5382C78728B68E6A70A16FC647B31D
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/xI1p5ynIbUeCP2I7rGOvVnQ7mYo.roa
Signing time: Fri 29 Jul 2022 14:19:23 +0000
ROA not before: Fri 29 Jul 2022 14:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5486
IP address blocks: 81.5.0.0/21 maxlen: 21
81.5.16.0/21 maxlen: 21
2001:40a8:2000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:53:82:c7:87:28:b6:8e:6a:70:a1:6f:c6:47:b3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jul 29 14:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c48d69e729c86d47823f623bac63af56743b998a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f4:2a:51:3b:bb:b0:c0:5b:9f:2f:dd:d2:be:
e5:dd:3d:6b:f6:b0:a5:d6:e4:8e:8b:4b:a3:0b:7e:
27:a6:51:42:a0:0c:18:9d:1d:e6:c4:6c:bb:73:ef:
76:d3:f1:4f:cd:ab:db:78:26:2a:3a:87:14:bc:e0:
8b:07:ea:32:17:45:e4:d5:60:b1:4b:5a:f0:aa:fa:
95:e0:d9:ec:97:4f:c6:2c:0d:de:5a:95:19:e5:61:
6a:f3:88:fd:8f:fe:da:9b:25:79:a1:35:5b:53:7c:
cb:89:30:98:36:05:b4:61:7d:c6:af:91:77:49:5e:
f1:21:4c:9c:80:8f:f0:f5:e4:8a:8b:05:d6:77:36:
f5:d3:92:0b:7c:76:9e:8a:60:43:b3:25:8c:12:e2:
1b:f8:6e:e4:e6:b7:b4:1d:93:5f:36:6f:28:7b:f0:
bd:ee:53:36:4c:23:d4:f4:ea:b1:51:c5:5b:cc:c8:
ea:3f:28:7e:ee:97:4c:a8:50:20:f4:81:8f:7f:81:
da:7c:21:e7:b1:c1:39:0d:7a:b0:91:0b:34:d7:6d:
6c:e2:5d:92:6a:d4:6f:55:f3:33:03:1d:56:63:66:
1e:57:80:07:27:59:9e:59:65:ab:25:66:5c:59:85:
6e:56:7f:41:eb:7b:54:0c:36:b0:c7:db:1b:ae:00:
ba:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8D:69:E7:29:C8:6D:47:82:3F:62:3B:AC:63:AF:56:74:3B:99:8A
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/xI1p5ynIbUeCP2I7rGOvVnQ7mYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.0.0/21
81.5.16.0/21
IPv6:
2001:40a8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:af:82:d3:25:8c:cd:d0:b4:78:20:6d:af:de:c4:d8:fc:e2:
55:35:19:aa:37:0b:7d:55:50:47:af:60:f6:15:78:ea:f8:9a:
57:c7:b1:b0:cf:da:29:fe:39:fb:c7:38:42:83:0b:9f:29:d8:
4d:c7:a8:81:ae:21:bc:1e:50:09:fb:3d:2c:d2:1d:47:48:fd:
16:18:7a:2f:7d:e4:b3:74:6e:b9:fc:86:99:81:29:1a:90:60:
ad:8e:bd:a6:a6:84:d6:5e:53:89:2d:57:c1:1c:23:50:1e:b0:
a2:ed:73:4b:8f:70:4a:7e:6e:ad:95:db:d3:df:2e:02:83:2b:
e1:dc:35:fb:21:94:9e:b1:c4:1e:b3:a2:43:89:c5:d5:05:89:
2a:17:b3:2e:f7:91:82:00:76:ae:f7:a8:10:ad:03:6d:50:55:
92:d3:3e:ec:d5:61:7f:75:60:1e:46:03:69:36:c2:6c:35:b9:
6e:ea:ff:48:d6:06:79:19:be:41:d9:1b:85:e6:7f:f6:f9:0e:
fa:00:bd:9d:8e:c6:9d:a8:97:c3:af:3c:f5:b7:e3:3c:f8:4d:
32:59:40:2b:96:fc:53:4a:fc:0c:3f:3c:a0:60:d3:07:d0:4c:
c2:33:e1:14:85:a2:ed:f7:5c:d5:1e:26:62:a2:85:bb:ca:a7:
72:d3:ee:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJKU4LHhyi2jmpwoW/GR7MdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjIwNzI5MTQxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhkNjllNzI5Yzg2ZDQ3ODIzZjYyM2JhYzYzYWY1Njc0M2I5OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPQqUTu7sMBbny/d0r7l3T1r9rCl
1uSOi0ujC34nplFCoAwYnR3mxGy7c+920/FPzavbeCYqOocUvOCLB+oyF0Xk1WCx
S1rwqvqV4Nnsl0/GLA3eWpUZ5WFq84j9j/7amyV5oTVbU3zLiTCYNgW0YX3Gr5F3
SV7xIUycgI/w9eSKiwXWdzb105ILfHaeimBDsyWMEuIb+G7k5re0HZNfNm8oe/C9
7lM2TCPU9OqxUcVbzMjqPyh+7pdMqFAg9IGPf4HafCHnscE5DXqwkQs0121s4l2S
atRvVfMzAx1WY2YeV4AHJ1meWWWrJWZcWYVuVn9B63tUDDawx9sbrgC6ZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMSNaecpyG1Hgj9iO6xjr1Z0O5mKMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL3hJMXA1eW5JYlVlQ1AySTdyR092Vm5RN21Zby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBANRBQAD
BANRBRAwDgQCAAIwCAMGACABQKggMA0GCSqGSIb3DQEBCwUAA4IBAQA9r4LTJYzN
0LR4IG2v3sTY/OJVNRmqNwt9VVBHr2D2FXjq+JpXx7Gwz9op/jn7xzhCgwufKdhN
x6iBriG8HlAJ+z0s0h1HSP0WGHovfeSzdG65/IaZgSkakGCtjr2mpoTWXlOJLVfB
HCNQHrCi7XNLj3BKfm6tldvT3y4Cgyvh3DX7IZSescQes6JDicXVBYkqF7Mu95GC
AHau96gQrQNtUFWS0z7s1WF/dWAeRgNpNsJsNblu6v9I1gZ5Gb5B2RuF5n/2+Q76
AL2djsadqJfDrzz1t+M8+E0yWUArlvxTSvwMPzygYNMH0EzCM+EUhaLt91zVHiZi
ooW7yqdy0+5+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:28 2023 by rpki-client on console-fra.rpki-client.org