Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/ThxN8lQ1fjneWKXFqRpWNiD4qho.roa
File: ThxN8lQ1fjneWKXFqRpWNiD4qho.roa (raw, json)
Hash identifier: eIYRPLjdexDJ4aMLN3Hyyr26s/R/aIWF0dBZ75PLfl8=
Subject key identifier: 4E:1C:4D:F2:54:35:7E:39:DE:58:A5:C5:A9:1A:56:36:20:F8:AA:1A
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 018570673C75F6365BD8034294A4BCBBEA51
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/ThxN8lQ1fjneWKXFqRpWNiD4qho.roa
Signing time: Mon 02 Jan 2023 02:54:51 +0000
ROA not before: Mon 02 Jan 2023 02:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29033
IP address blocks: 81.20.32.0/20 maxlen: 20
81.20.41.0/24 maxlen: 24
185.129.176.0/22 maxlen: 22
2a00:1fd0:ecc1::/48 maxlen: 48
2a00:1fd0:ecc2::/48 maxlen: 48
2a00:1fd0:ecc0::/48 maxlen: 48
2a00:1fd0:ec00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:3c:75:f6:36:5b:d8:03:42:94:a4:bc:bb:ea:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Jan 2 02:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e1c4df254357e39de58a5c5a91a563620f8aa1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ec:4e:dd:4c:9e:ac:7d:49:29:71:b0:b0:40:
03:eb:90:45:1b:b0:aa:b2:59:a0:79:b3:bd:8a:ed:
5e:33:d9:68:b2:6a:e4:c9:e1:81:8e:d3:6b:67:10:
ae:ea:a7:d8:6a:9c:99:32:a1:24:72:19:ae:50:9b:
c2:c1:42:7b:47:56:3e:48:04:5d:2c:83:a6:da:2e:
2a:34:e0:d4:64:63:98:b1:8d:66:75:31:e4:e3:a8:
ab:08:50:fd:6e:79:b1:61:d0:da:f9:be:40:58:f0:
08:68:40:8f:c4:69:68:fb:ba:18:02:f0:e9:68:f2:
6e:f4:7b:79:63:16:33:8b:d8:e0:93:cc:33:91:fd:
1f:1f:d5:21:2f:da:e7:8b:b3:02:25:8d:05:26:30:
ca:88:f8:69:62:cb:35:69:f5:59:d3:9c:33:dd:11:
06:5d:3a:b6:bc:1d:d9:50:24:47:a1:a0:c0:70:5f:
29:28:69:a6:a2:2e:fb:12:b0:e4:ba:df:40:30:6b:
08:a6:7e:67:49:d2:ec:2d:23:6a:37:e2:b7:06:01:
af:aa:1e:d9:f4:9d:7e:f1:dc:b3:22:93:52:c8:b8:
c4:f7:84:78:d8:6c:bd:ed:d3:c7:d2:57:9f:d3:5b:
36:4e:72:73:bc:77:e8:00:cc:12:5a:0d:83:50:e5:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1C:4D:F2:54:35:7E:39:DE:58:A5:C5:A9:1A:56:36:20:F8:AA:1A
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/ThxN8lQ1fjneWKXFqRpWNiD4qho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.32.0/20
185.129.176.0/22
IPv6:
2a00:1fd0:ec00::/48
2a00:1fd0:ecc0::-2a00:1fd0:ecc2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5b:10:a6:39:ad:71:43:76:60:e0:89:5f:14:40:60:48:ca:81:
f9:db:fd:92:c0:4d:20:70:7a:96:73:0b:58:99:e5:16:95:a8:
ad:e7:77:a9:cc:ad:f7:c8:f4:59:f2:25:db:d0:6f:69:e4:cb:
63:8b:d7:f3:0d:84:78:4e:91:ea:bb:5d:88:65:c3:11:0e:ce:
91:72:72:7d:d4:ae:1d:2d:e2:f3:35:08:9b:47:21:4f:f9:22:
ad:3a:0a:55:e3:6b:b6:f8:48:e6:a7:11:0e:d5:75:fe:77:e1:
40:a4:e3:5e:55:6e:f6:39:74:16:54:89:3c:19:3e:5d:bf:4c:
cf:13:00:08:cc:e2:cc:f0:be:57:89:29:1a:fd:52:86:1f:a8:
9c:2e:04:1f:81:0f:b6:f2:a2:75:6e:4b:8f:f1:ce:42:8c:2d:
04:30:00:48:16:62:2c:39:2d:e6:3d:d0:44:d5:62:d0:c9:b9:
15:74:f9:09:89:91:f3:58:20:83:ee:24:d7:e8:41:06:10:fc:
26:08:3e:4d:2a:8d:5f:92:f2:ac:b6:69:bb:89:60:9e:3c:ac:
d6:3f:b6:7e:06:60:84:f4:8a:b7:ff:0b:89:9a:b1:c2:dd:3b:
80:c9:79:fe:42:15:29:f1:c0:e5:a1:5f:ad:e9:93:1c:4b:f8:
1c:04:03:2d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVwZzx19jZb2ANClKS8u+pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjMwMTAyMDI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFjNGRmMjU0MzU3ZTM5ZGU1OGE1YzVhOTFhNTYzNjIwZjhhYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuxO3UyerH1JKXGwsEAD65BFG7Cq
slmgebO9iu1eM9losmrkyeGBjtNrZxCu6qfYapyZMqEkchmuUJvCwUJ7R1Y+SARd
LIOm2i4qNODUZGOYsY1mdTHk46irCFD9bnmxYdDa+b5AWPAIaECPxGlo+7oYAvDp
aPJu9Ht5YxYzi9jgk8wzkf0fH9UhL9rni7MCJY0FJjDKiPhpYss1afVZ05wz3REG
XTq2vB3ZUCRHoaDAcF8pKGmmoi77ErDkut9AMGsIpn5nSdLsLSNqN+K3BgGvqh7Z
9J1+8dyzIpNSyLjE94R42Gy97dPH0lef01s2TnJzvHfoAMwSWg2DUOVXiwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFE4cTfJUNX453lilxakaVjYg+KoaMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvVGh4TjhsUTFmam5lV0tYRnFScFdOaUQ0cWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQEURQgAwQC
uYGwMCMEAgACMB0DBwAqAB/Q7AAwEgMHBioAH9DswAMHACoAH9DswjANBgkqhkiG
9w0BAQsFAAOCAQEAWxCmOa1xQ3Zg4IlfFEBgSMqB+dv9ksBNIHB6lnMLWJnlFpWo
red3qcyt98j0WfIl29BvaeTLY4vX8w2EeE6R6rtdiGXDEQ7OkXJyfdSuHS3i8zUI
m0chT/kirToKVeNrtvhI5qcRDtV1/nfhQKTjXlVu9jl0FlSJPBk+Xb9MzxMACMzi
zPC+V4kpGv1Shh+onC4EH4EPtvKidW5Lj/HOQowtBDAASBZiLDkt5j3QRNVi0Mm5
FXT5CYmR81ggg+4k1+hBBhD8Jgg+TSqNX5LyrLZpu4lgnjys1j+2fgZghPSKt/8L
iZqxwt07gMl5/kIVKfHA5aFfremTHEv4HAQDLQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:43 2025 by rpki-client