Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/AhkfYBrxf4H6PcIjo3LqfT5Yl-o.roa
File: AhkfYBrxf4H6PcIjo3LqfT5Yl-o.roa (raw, json)
Hash identifier: RTuiybx2Nokh1hG7RmZjyM9WcLIkfZ4GaiV6yuQxC0U=
Subject key identifier: 02:19:1F:60:1A:F1:7F:81:FA:3D:C2:23:A3:72:EA:7D:3E:58:97:EA
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 36AC9B86
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/AhkfYBrxf4H6PcIjo3LqfT5Yl-o.roa
Signing time: Wed 30 Mar 2022 14:55:52 +0000
ROA not before: Wed 30 Mar 2022 14:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29447
IP address blocks: 81.56.0.0/15 maxlen: 17
2a01:e10::/30 maxlen: 30
2a01:e09::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917281670 (0x36ac9b86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Mar 30 14:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02191f601af17f81fa3dc223a372ea7d3e5897ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:10:b3:8b:65:30:1a:85:32:ba:3b:de:f4:
65:fa:5c:89:26:7c:73:35:98:5e:fc:eb:3f:90:fc:
05:57:94:ed:7f:21:81:e7:a6:6e:e9:69:d1:b7:61:
fe:33:00:d4:45:5b:ba:15:83:c9:3a:14:92:53:23:
d1:4c:e2:d6:12:9a:7c:60:2b:2d:5f:66:c7:ea:23:
0a:0d:e1:f8:5a:bf:eb:5a:55:47:5e:96:40:02:5e:
c5:12:57:52:fc:d2:34:23:7e:83:c4:28:c4:5d:30:
71:3e:9f:ab:fe:85:cd:53:f3:bf:b9:fd:ae:12:3e:
10:1d:75:b8:1e:28:0a:5b:9d:ea:ba:64:1a:63:dd:
e6:bb:26:26:9e:8d:70:07:a2:a9:c0:e8:8b:75:cc:
f3:ed:92:cd:dc:19:22:83:b7:6b:e4:46:11:57:0d:
2a:44:00:45:31:09:c0:51:2c:e5:21:e7:88:71:04:
31:20:b5:11:dd:49:bb:76:69:12:ea:ed:0a:d6:70:
c2:77:4c:37:33:29:7c:1f:98:1e:fe:29:56:8b:c2:
da:15:85:1e:49:46:d7:50:a5:47:d6:e4:a8:59:5c:
4e:45:92:4c:b9:d9:a7:93:91:03:09:17:2c:28:fd:
6b:a2:c5:06:0c:d8:80:7c:9a:84:eb:f3:01:cb:f8:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:19:1F:60:1A:F1:7F:81:FA:3D:C2:23:A3:72:EA:7D:3E:58:97:EA
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/AhkfYBrxf4H6PcIjo3LqfT5Yl-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
13:b0:6c:83:e9:a3:ad:be:42:69:76:8f:3d:7d:9c:ad:76:9e:
89:74:dc:ca:04:8e:6a:4a:96:a5:11:e7:94:cf:ee:27:9f:87:
e1:7f:60:99:57:6f:ae:93:64:95:f6:af:04:0b:3f:05:26:b2:
95:57:be:4c:b4:e5:20:32:ba:b5:e2:85:a9:e5:c0:c0:bb:e3:
d4:0b:0c:cc:c8:66:6e:48:3a:c7:43:40:c8:94:ca:1f:20:43:
79:a7:b7:d0:92:8e:31:a2:c5:57:f5:27:cf:de:8a:12:46:cf:
b6:1a:ee:79:ee:40:3d:17:b6:26:89:62:0d:fc:08:7c:82:32:
6f:22:0e:2e:4d:ed:c1:8f:fb:22:fb:16:39:1f:f7:22:25:b5:
76:ce:18:53:9c:05:00:ea:f7:28:2d:8e:91:f2:4e:27:10:d2:
1a:ca:34:ab:66:37:7c:86:b5:1c:3f:7a:9d:d6:27:00:a5:4e:
46:14:b6:c1:8b:71:c3:f2:bf:f2:f9:d2:91:99:c8:53:51:7c:
e7:be:3a:0d:43:64:f0:30:5f:62:4b:8f:b2:92:b6:d1:d2:0d:
97:87:94:d0:c0:45:36:6b:01:0a:a2:f6:20:92:81:77:66:ef:
20:9c:f1:bb:b5:4c:65:a0:0e:96:53:65:13:8f:30:0d:1a:94:
09:23:72:8a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENqybhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTRiMzI4MWIwOGU2YjVlYzFmZGViMGQwNDQwNTI4ZWQ5MzRkYzNmMB4XDTIyMDMz
MDE0NTU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDIxOTFmNjAxYWYx
N2Y4MWZhM2RjMjIzYTM3MmVhN2QzZTU4OTdlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHeELOLZTAahTK6O970ZfpciSZ8czWYXvzrP5D8BVeU7X8h
geembulp0bdh/jMA1EVbuhWDyToUklMj0Uzi1hKafGArLV9mx+ojCg3h+Fq/61pV
R16WQAJexRJXUvzSNCN+g8QoxF0wcT6fq/6FzVPzv7n9rhI+EB11uB4oClud6rpk
GmPd5rsmJp6NcAeiqcDoi3XM8+2SzdwZIoO3a+RGEVcNKkQARTEJwFEs5SHniHEE
MSC1Ed1Ju3ZpEurtCtZwwndMNzMpfB+YHv4pVovC2hWFHklG11ClR9bkqFlcTkWS
TLnZp5ORAwkXLCj9a6LFBgzYgHyahOvzAcv4B6MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQCGR9gGvF/gfo9wiOjcup9PliX6jAfBgNVHSMEGDAWgBSeSzKBsI5rXsH9
6w0EQFKO2TTcPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rc3lnYkNPYTE3Ql9lc05CRUJTanRrMDNEOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvZmY3ZDMzLWU0ZjctNDNjMC05MjRiLTZiMmQ0NjkyNGM2Zi8x
L0Foa2ZZQnJ4ZjRINlBjSWpvM0xxZlQ1WWwtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ZmY3ZDMzLWU0ZjctNDNjMC05MjRiLTZiMmQ0NjkyNGM2Zi8xL25rc3lnYkNPYTE3
Ql9lc05CRUJTanRrMDNEOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwCwQCAAEwBQMDAVE4MBQEAgACMA4DBQAqAQ4JAwUC
KgEOEDANBgkqhkiG9w0BAQsFAAOCAQEAE7Bsg+mjrb5CaXaPPX2crXaeiXTcygSO
akqWpRHnlM/uJ5+H4X9gmVdvrpNklfavBAs/BSaylVe+TLTlIDK6teKFqeXAwLvj
1AsMzMhmbkg6x0NAyJTKHyBDeae30JKOMaLFV/Unz96KEkbPthruee5APRe2Joli
DfwIfIIybyIOLk3twY/7IvsWOR/3IiW1ds4YU5wFAOr3KC2OkfJOJxDSGso0q2Y3
fIa1HD96ndYnAKVORhS2wYtxw/K/8vnSkZnIU1F85746DUNk8DBfYkuPspK20dIN
l4eU0MBFNmsBCqL2IJKBd2bvIJzxu7VMZaAOllNlE48wDRqUCSNyig==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:56 2025 by rpki-client