Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/v_01GHcUpvuH-LFzStEth_ke7DI.roa
File: v_01GHcUpvuH-LFzStEth_ke7DI.roa (raw, json)
Hash identifier: e4h4uCwMfvR+hZojVDqXU0FWIpZvETaFt220U8XtTgU=
Subject key identifier: BF:FD:35:18:77:14:A6:FB:87:F8:B1:73:4A:D1:2D:87:F9:1E:EC:32
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 018570B992284BC5BDEA2AA330117BE233B5
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/v_01GHcUpvuH-LFzStEth_ke7DI.roa
Signing time: Mon 02 Jan 2023 04:24:47 +0000
ROA not before: Mon 02 Jan 2023 04:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15589
IP address blocks: 81.200.130.0/23 maxlen: 23
81.200.132.0/22 maxlen: 22
81.200.136.0/22 maxlen: 22
81.200.136.0/23 maxlen: 23
81.200.139.0/24 maxlen: 24
81.200.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:92:28:4b:c5:bd:ea:2a:a3:30:11:7b:e2:33:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Jan 2 04:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bffd35187714a6fb87f8b1734ad12d87f91eec32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:af:a5:96:35:75:01:ef:07:78:49:71:b8:1b:
2e:42:58:0e:f0:86:87:88:c4:bc:4c:bc:dc:02:19:
31:aa:cb:17:13:2c:59:52:00:15:26:a3:3e:f0:70:
9b:41:27:ae:34:dd:3b:6a:7d:b8:91:74:9f:86:6b:
e2:da:af:28:88:95:c5:87:59:7b:00:0a:19:d6:47:
e2:7b:6a:73:67:50:b1:db:9d:2c:f9:23:8c:0c:f1:
49:28:7a:e9:a3:12:ad:a4:31:e7:e4:3a:9c:58:b4:
ea:c2:07:ad:b0:94:4d:8c:31:44:81:c6:1f:67:78:
b9:ef:6a:0a:5e:6c:3f:39:71:3c:f4:76:bb:d3:75:
1a:2a:d9:af:30:ed:7a:6b:85:94:23:d5:67:eb:48:
55:4e:2e:d6:1d:d2:00:18:71:a7:02:b2:bd:f9:db:
9a:09:59:02:3d:2a:c8:2c:fd:8b:16:06:1f:06:8b:
f4:97:7c:7e:b8:9c:28:8e:d6:0e:56:7f:d0:d2:12:
65:e2:dc:ee:70:c2:a3:7d:bc:83:d8:29:35:5c:24:
8f:0f:66:f2:26:b6:37:ab:0d:39:9f:56:f0:07:0d:
3d:ca:ec:80:33:23:10:ec:f3:03:18:54:81:ff:71:
83:ff:2a:83:19:a2:a7:c4:58:7f:62:1a:1d:16:0e:
5d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FD:35:18:77:14:A6:FB:87:F8:B1:73:4A:D1:2D:87:F9:1E:EC:32
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/v_01GHcUpvuH-LFzStEth_ke7DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.130.0-81.200.139.255
Signature Algorithm: sha256WithRSAEncryption
05:63:34:08:9c:1e:5f:1c:fa:bb:43:5a:4d:64:eb:fc:79:5a:
18:d3:4a:a8:37:03:d4:28:40:8e:6b:b5:89:70:b4:9e:8c:f5:
de:f4:a1:ad:1c:73:6e:5e:f8:ac:3e:f4:78:30:3d:1a:bc:26:
d8:a8:6c:b7:f6:fc:23:d8:2c:30:cd:ca:b6:93:fd:92:66:31:
a4:14:39:4d:eb:95:0f:ce:79:1a:18:19:e9:97:d5:15:17:ab:
db:61:5d:a8:86:1b:3d:8a:2a:01:44:2a:14:d2:2f:63:2a:3f:
6c:29:d5:80:9f:a4:7e:83:cb:35:2f:b6:3a:0d:b1:76:a3:90:
32:5f:e0:b9:08:86:c5:c2:f2:15:77:45:2a:49:e7:cc:4e:af:
19:1b:1b:ed:0e:a4:59:ca:91:61:58:91:32:63:c3:b1:65:2c:
a7:ac:13:2a:85:1d:62:c2:73:42:f4:75:0f:6f:94:dc:39:a3:
73:44:97:de:d7:4b:88:8b:47:5c:7a:da:bb:3a:0e:38:3d:79:
2b:5c:fe:6a:c8:1a:78:6b:7e:e5:bd:49:a3:0e:2f:5e:a2:b3:
19:16:ea:25:5c:0c:cd:d6:a8:5e:ee:92:b9:be:51:97:dd:33:
49:64:a5:39:87:46:ef:af:95:fd:69:5e:ee:9d:02:c7:50:bd:
c7:75:d5:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwuZIoS8W96iqjMBF74jO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjMwMTAyMDQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZkMzUxODc3MTRhNmZiODdmOGIxNzM0YWQxMmQ4N2Y5MWVlYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6+lljV1Ae8HeElxuBsuQlgO8IaH
iMS8TLzcAhkxqssXEyxZUgAVJqM+8HCbQSeuNN07an24kXSfhmvi2q8oiJXFh1l7
AAoZ1kfie2pzZ1Cx250s+SOMDPFJKHrpoxKtpDHn5DqcWLTqwgetsJRNjDFEgcYf
Z3i572oKXmw/OXE89Ha703UaKtmvMO16a4WUI9Vn60hVTi7WHdIAGHGnArK9+dua
CVkCPSrILP2LFgYfBov0l3x+uJwojtYOVn/Q0hJl4tzucMKjfbyD2Ck1XCSPD2by
JrY3qw05n1bwBw09yuyAMyMQ7PMDGFSB/3GD/yqDGaKnxFh/YhodFg5dMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL/9NRh3FKb7h/ixc0rRLYf5HuwyMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvdl8wMUdIY1VwdnVILUxGelN0RXRoX2tlN0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFRyIID
BAJRyIgwDQYJKoZIhvcNAQELBQADggEBAAVjNAicHl8c+rtDWk1k6/x5WhjTSqg3
A9QoQI5rtYlwtJ6M9d70oa0cc25e+Kw+9HgwPRq8JtiobLf2/CPYLDDNyraT/ZJm
MaQUOU3rlQ/OeRoYGemX1RUXq9thXaiGGz2KKgFEKhTSL2MqP2wp1YCfpH6DyzUv
tjoNsXajkDJf4LkIhsXC8hV3RSpJ58xOrxkbG+0OpFnKkWFYkTJjw7FlLKesEyqF
HWLCc0L0dQ9vlNw5o3NEl97XS4iLR1x62rs6Djg9eStc/mrIGnhrfuW9SaMOL16i
sxkW6iVcDM3WqF7ukrm+UZfdM0lkpTmHRu+vlf1pXu6dAsdQvcd11f4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:03 2025 by rpki-client