Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/jT0UwFdQuGG_WGhRFcen4ziqarA.roa
File: jT0UwFdQuGG_WGhRFcen4ziqarA.roa (raw, json)
Hash identifier: cP+rZew/UXjDXxTTH+IVy7Yjgcoxsutjs2tSUGbylc0=
Subject key identifier: 8D:3D:14:C0:57:50:B8:61:BF:58:68:51:15:C7:A7:E3:38:AA:6A:B0
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 018B9044493105B0BD96E0C96990656B51F0
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/jT0UwFdQuGG_WGhRFcen4ziqarA.roa
Signing time: Thu 02 Nov 2023 13:41:16 +0000
ROA not before: Thu 02 Nov 2023 13:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 81.20.41.0/24 maxlen: 24
81.20.40.0/24 maxlen: 24
2a00:1fd0:ae00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:44:49:31:05:b0:bd:96:e0:c9:69:90:65:6b:51:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Nov 2 13:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d3d14c05750b861bf58685115c7a7e338aa6ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:46:47:5a:0e:b0:33:1b:5c:a2:c7:51:15:
55:e6:64:e2:39:82:eb:1b:d3:f8:08:2b:53:87:35:
70:19:8a:26:b7:9a:b9:e9:a3:8c:e1:55:38:a6:e8:
21:76:a6:c9:5d:b3:57:36:88:97:20:82:c9:eb:e6:
db:ae:d9:36:da:a5:bd:a2:6f:e7:a0:3e:99:b9:41:
5c:c3:f8:c9:41:fa:8d:d8:36:5b:00:55:2e:07:34:
c2:5e:61:36:0e:24:ec:8b:76:09:1e:e4:99:0b:8b:
b8:67:8f:9f:5e:54:69:72:77:97:cc:54:52:23:6b:
af:94:82:20:a8:61:a8:6b:67:aa:af:bc:ce:ea:f2:
a0:29:a3:0d:7e:28:6b:2a:26:89:59:c1:3b:3b:48:
cc:a1:c4:92:1f:17:5e:82:2d:bd:21:4e:23:52:a3:
95:76:b3:77:c3:36:14:e0:77:b4:c6:16:e4:84:a1:
27:23:2e:d2:15:ea:8d:1f:21:2f:7c:f8:9c:cb:e4:
e6:cc:8f:06:db:37:b0:25:fa:81:07:9e:26:d9:6e:
38:51:a5:db:ba:30:88:70:6a:ee:be:9c:da:5b:be:
95:05:73:f2:78:2e:40:71:e8:be:29:b7:1d:4a:c0:
67:61:30:cd:d6:df:47:9c:cc:5f:56:95:af:8b:c3:
a3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3D:14:C0:57:50:B8:61:BF:58:68:51:15:C7:A7:E3:38:AA:6A:B0
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/jT0UwFdQuGG_WGhRFcen4ziqarA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.40.0/23
IPv6:
2a00:1fd0:ae00::/40
Signature Algorithm: sha256WithRSAEncryption
43:b5:38:9b:da:ba:05:5a:5d:d5:e6:3e:83:af:10:86:fa:0e:
b6:9c:64:7c:1a:8c:69:bd:ae:65:d9:fe:bf:ab:3a:10:3a:ed:
8c:01:76:50:2d:19:27:cb:b1:3c:20:70:e2:ec:9a:23:fc:79:
67:f5:28:21:15:98:66:fa:30:34:09:ba:52:74:48:09:85:dd:
11:be:05:1e:73:ef:65:34:b9:3d:a1:36:0d:a7:74:f7:48:db:
fa:d8:bb:be:d2:a3:a8:55:f6:00:78:9a:26:1f:59:9b:38:a4:
76:bd:83:0e:f7:66:aa:a8:c9:2a:e4:4c:ca:c1:0d:21:b3:92:
06:40:93:15:94:09:de:1c:2a:14:9e:9d:d8:17:2b:e6:2d:68:
1c:85:a0:2e:cc:6f:95:eb:ff:59:26:b6:39:84:33:f9:65:f7:
4d:c9:90:12:c0:52:7c:36:58:fc:b0:7c:c6:6a:ce:14:58:c5:
f6:27:ef:71:f9:00:73:e2:d1:9c:42:e6:c6:45:19:a5:bf:7e:
00:06:7b:7e:11:35:b8:b9:e4:9e:34:73:18:49:7f:1e:a3:75:
9f:d0:62:98:a9:f1:b4:9b:22:5e:ed:f5:04:56:37:42:2d:c9:
65:d3:08:ed:b4:4e:91:b0:99:6f:9b:51:61:3f:bd:69:d0:e1:
25:8b:77:49
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuQREkxBbC9luDJaZBla1HwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjMxMTAyMTM0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNkMTRjMDU3NTBiODYxYmY1ODY4NTExNWM3YTdlMzM4YWE2YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfVGR1oOsDMbXKLHURVV5mTiOYLr
G9P4CCtThzVwGYomt5q56aOM4VU4pughdqbJXbNXNoiXIILJ6+bbrtk22qW9om/n
oD6ZuUFcw/jJQfqN2DZbAFUuBzTCXmE2DiTsi3YJHuSZC4u4Z4+fXlRpcneXzFRS
I2uvlIIgqGGoa2eqr7zO6vKgKaMNfihrKiaJWcE7O0jMocSSHxdegi29IU4jUqOV
drN3wzYU4He0xhbkhKEnIy7SFeqNHyEvfPicy+TmzI8G2zewJfqBB54m2W44UaXb
ujCIcGruvpzaW76VBXPyeC5Acei+KbcdSsBnYTDN1t9HnMxfVpWvi8Oj0wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFI09FMBXULhhv1hoURXHp+M4qmqwMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvalQwVXdGZFF1R0dfV0doUkZjZW40emlxYXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBURQoMA4E
AgACMAgDBgAqAB/QrjANBgkqhkiG9w0BAQsFAAOCAQEAQ7U4m9q6BVpd1eY+g68Q
hvoOtpxkfBqMab2uZdn+v6s6EDrtjAF2UC0ZJ8uxPCBw4uyaI/x5Z/UoIRWYZvow
NAm6UnRICYXdEb4FHnPvZTS5PaE2Dad090jb+ti7vtKjqFX2AHiaJh9Zmzikdr2D
DvdmqqjJKuRMysENIbOSBkCTFZQJ3hwqFJ6d2Bcr5i1oHIWgLsxvlev/WSa2OYQz
+WX3TcmQEsBSfDZY/LB8xmrOFFjF9ifvcfkAc+LRnELmxkUZpb9+AAZ7fhE1uLnk
njRzGEl/HqN1n9BimKnxtJsiXu31BFY3Qi3JZdMI7bROkbCZb5tRYT+9adDhJYt3
SQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:46 2025 by rpki-client