Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/4MUSgJsoVv8bixLIikOUUIjSmNc.roa
File: 4MUSgJsoVv8bixLIikOUUIjSmNc.roa (raw, json)
Hash identifier: 4IddDNhTtr6Vkc588XQ4gif3GB41BlsnmcART1KNxgg=
Subject key identifier: E0:C5:12:80:9B:28:56:FF:1B:8B:12:C8:8A:43:94:50:88:D2:98:D7
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 073D95
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/4MUSgJsoVv8bixLIikOUUIjSmNc.roa
Signing time: Thu 10 Feb 2022 15:58:19 +0000
ROA not before: Thu 10 Feb 2022 15:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29033
IP address blocks: 81.20.41.0/24 maxlen: 24
2a00:1fd0:ecc1::/48 maxlen: 48
2a00:1fd0:ecc2::/48 maxlen: 48
2a00:1fd0:ec00::/48 maxlen: 48
2a00:1fd0:ecc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474517 (0x73d95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Feb 10 15:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0c512809b2856ff1b8b12c88a43945088d298d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:f1:dc:fc:38:bc:4d:2f:5b:8b:4a:d9:25:
87:67:1c:29:c2:28:ef:9f:ec:5b:95:1e:08:44:4a:
eb:21:d0:ae:10:dc:5b:78:74:1b:4d:19:d1:56:2e:
39:05:41:a2:ea:5f:c5:df:f7:77:da:b2:c2:b0:ee:
b3:1b:85:44:1b:ac:82:b4:91:0f:52:ba:5c:6b:cd:
5a:26:3d:87:fe:81:77:c8:2a:85:ed:70:80:fc:02:
75:00:e7:bf:4d:48:80:a1:73:32:09:21:5c:4d:5a:
51:b0:8b:17:23:cb:ed:b7:26:4f:56:75:d2:eb:cd:
eb:0c:c8:b6:a6:77:67:bc:08:9a:52:b2:29:f6:90:
53:84:b5:29:b6:10:7f:86:09:b4:5d:ec:08:f4:31:
b9:f2:92:78:06:f0:a1:1f:da:e6:e5:63:e7:0e:c4:
f9:39:68:42:4f:ef:ab:52:6c:4a:28:5c:60:8d:b8:
be:2a:1a:8a:a2:62:4e:a5:7b:fc:ae:45:3d:87:dd:
a0:e2:62:ef:6e:e4:a2:b7:f0:87:0e:18:16:16:79:
17:4f:a7:3c:56:4b:35:39:46:db:65:1f:48:1b:ec:
3b:70:3f:2a:58:4d:2e:0d:c9:e5:98:9d:f9:77:27:
91:cd:62:7e:80:ce:44:27:08:da:98:9f:03:b3:96:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C5:12:80:9B:28:56:FF:1B:8B:12:C8:8A:43:94:50:88:D2:98:D7
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/4MUSgJsoVv8bixLIikOUUIjSmNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.41.0/24
IPv6:
2a00:1fd0:ec00::/48
2a00:1fd0:ecc0::-2a00:1fd0:ecc2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:55:fd:85:ce:94:14:8d:80:c1:d2:12:a1:a3:04:d9:b3:fb:
32:9c:14:63:a0:b0:1a:b0:22:84:0c:23:94:ea:5f:b8:64:fb:
59:49:f6:e4:b8:b6:09:e1:e3:a4:e1:ae:23:40:fc:91:d4:b8:
67:2f:16:4b:5b:89:20:80:9b:22:35:b8:d5:26:38:54:59:e4:
7e:da:01:f6:1c:b1:08:0c:9b:8c:24:4c:f0:31:a5:2f:0c:01:
ee:46:a1:0f:6d:c1:f8:c9:4e:7e:de:11:77:5b:03:b6:0b:b4:
00:4c:38:80:4f:b3:cd:84:34:de:9e:63:ba:69:33:5e:55:5d:
d4:c0:95:50:c8:bc:03:55:73:07:da:65:5e:0c:e9:f9:42:66:
7b:f8:17:af:d0:0f:86:8c:e5:f4:3b:4b:55:f8:93:f3:da:b7:
43:d3:8f:f2:45:02:a6:6a:d7:99:f3:20:43:1d:fb:95:b9:37:
e3:db:ea:41:6e:86:c6:64:37:a7:4e:e8:75:83:59:12:06:45:
5c:e0:10:2d:2c:30:81:32:99:b1:e5:72:3a:77:ca:c4:d5:47:
f4:c8:a2:be:60:c2:7f:84:6a:35:f1:42:e4:41:36:fa:0d:59:
5b:6b:80:32:a0:48:2c:d3:df:ca:c1:ab:b8:b3:c0:00:99:08:
31:4a:91:71
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIDBz2VMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYz
ZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcyNzIzYzMwHhcNMjIwMjEw
MTU1ODE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMGM1MTI4MDliMjg1
NmZmMWI4YjEyYzg4YTQzOTQ1MDg4ZDI5OGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp73x3Pw4vE0vW4tK2SWHZxwpwijvn+xblR4IRErrIdCuENxb
eHQbTRnRVi45BUGi6l/F3/d32rLCsO6zG4VEG6yCtJEPUrpca81aJj2H/oF3yCqF
7XCA/AJ1AOe/TUiAoXMyCSFcTVpRsIsXI8vttyZPVnXS683rDMi2pndnvAiaUrIp
9pBThLUpthB/hgm0XewI9DG58pJ4BvChH9rm5WPnDsT5OWhCT++rUmxKKFxgjbi+
KhqKomJOpXv8rkU9h92g4mLvbuSit/CHDhgWFnkXT6c8Vks1OUbbZR9IG+w7cD8q
WE0uDcnlmJ35dyeRzWJ+gM5EJwjamJ8Ds5azqQIDAQABo4ICLjCCAiowHQYDVR0O
BBYEFODFEoCbKFb/G4sSyIpDlFCI0pjXMB8GA1UdIwQYMBaAFGPZK4JWFZiU0rmy
X02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZlLzEv
NE1VU2dKc29WdjhiaXhMSWlrT1VVSWpTbU5jLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8y
NmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZlLzEvWTlrcmdsWVZtSlRT
dWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEQG
CCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAURQpMCMEAgACMB0DBwAqAB/Q7AAw
EgMHBioAH9DswAMHACoAH9DswjANBgkqhkiG9w0BAQsFAAOCAQEAYVX9hc6UFI2A
wdISoaME2bP7MpwUY6CwGrAihAwjlOpfuGT7WUn25Li2CeHjpOGuI0D8kdS4Zy8W
S1uJIICbIjW41SY4VFnkftoB9hyxCAybjCRM8DGlLwwB7kahD23B+MlOft4Rd1sD
tgu0AEw4gE+zzYQ03p5jumkzXlVd1MCVUMi8A1VzB9plXgzp+UJme/gXr9APhozl
9DtLVfiT89q3Q9OP8kUCpmrXmfMgQx37lbk349vqQW6GxmQ3p07odYNZEgZFXOAQ
LSwwgTKZseVyOnfKxNVH9MiivmDCf4RqNfFC5EE2+g1ZW2uAMqBILNPfysGruLPA
AJkIMUqRcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org