Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/7rTDig70hsVrrn4_z7p9-cj-_8E.roa
File: 7rTDig70hsVrrn4_z7p9-cj-_8E.roa (raw, json)
Hash identifier: Kq7oMbFu7wZUr+rHTMDx+TxiTidBvebTFg9ZFCSy8KM=
Subject key identifier: EE:B4:C3:8A:0E:F4:86:C5:6B:AE:7E:3F:CF:BA:7D:F9:C8:FE:FF:C1
Certificate issuer: /CN=903ec4c502a42c5bbfdb70ea9f440ca1500acc50
Certificate serial: 14B4CFDD
Authority key identifier: 90:3E:C4:C5:02:A4:2C:5B:BF:DB:70:EA:9F:44:0C:A1:50:0A:CC:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kD7ExQKkLFu_23Dqn0QMoVAKzFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/7rTDig70hsVrrn4_z7p9-cj-_8E.roa
Signing time: Sat 01 Jan 2022 16:02:20 +0000
ROA not before: Sat 01 Jan 2022 16:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15595
IP address blocks: 81.25.229.0/24 maxlen: 24
81.25.230.0/24 maxlen: 24
81.25.228.0/24 maxlen: 24
81.25.233.0/24 maxlen: 24
81.25.227.0/24 maxlen: 24
81.25.231.0/24 maxlen: 24
81.25.232.0/24 maxlen: 24
81.25.236.0/24 maxlen: 24
81.25.237.0/24 maxlen: 24
81.25.235.0/24 maxlen: 24
81.25.234.0/24 maxlen: 24
81.25.238.0/24 maxlen: 24
81.25.239.0/24 maxlen: 24
81.25.226.0/24 maxlen: 24
81.25.224.0/20 maxlen: 20
81.25.224.0/24 maxlen: 24
81.25.225.0/24 maxlen: 24
2a02:d300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347394013 (0x14b4cfdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=903ec4c502a42c5bbfdb70ea9f440ca1500acc50
Validity
Not Before: Jan 1 16:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eeb4c38a0ef486c56bae7e3fcfba7df9c8feffc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:51:14:84:63:f9:f5:8b:49:d0:2d:ab:71:
eb:c7:bf:35:7a:d7:a4:06:b2:d1:ed:34:33:e7:34:
ed:f8:10:cf:55:c5:42:39:65:17:7c:b0:59:75:d7:
71:d5:b5:3d:c2:75:66:92:6a:ce:72:38:17:2e:4f:
59:5e:5a:08:38:e2:22:07:e4:ff:4d:34:3a:26:72:
74:0b:7a:03:1e:33:a7:98:b0:5b:9c:74:c0:d9:fe:
50:3f:cd:86:e7:20:f2:1d:2b:f8:dc:1b:a2:ed:92:
b6:4d:9a:eb:fb:f6:19:ef:35:08:fb:61:f0:ed:89:
62:8e:44:41:50:87:7a:13:cd:99:6f:6b:ee:29:27:
df:0b:4b:63:7c:a6:ee:37:c0:19:1c:28:d3:56:19:
d9:39:e5:c1:b4:d2:40:e6:39:cf:80:c3:82:c7:6a:
c1:51:c1:d7:ed:e4:c5:94:93:1e:e1:0f:27:f5:14:
23:64:74:26:87:dc:e4:f1:33:d4:3b:12:c4:b9:bf:
dd:c8:77:b9:89:80:bb:c1:57:8a:ec:d9:df:e7:a6:
51:fc:28:b2:49:3a:58:80:2a:f0:3b:0a:0b:6c:bf:
70:26:b8:03:75:d5:f7:34:b7:43:fd:c7:17:e6:92:
fe:8c:68:ac:48:08:9b:6c:52:f2:85:0c:11:ad:87:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B4:C3:8A:0E:F4:86:C5:6B:AE:7E:3F:CF:BA:7D:F9:C8:FE:FF:C1
X509v3 Authority Key Identifier:
keyid:90:3E:C4:C5:02:A4:2C:5B:BF:DB:70:EA:9F:44:0C:A1:50:0A:CC:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kD7ExQKkLFu_23Dqn0QMoVAKzFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/7rTDig70hsVrrn4_z7p9-cj-_8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/kD7ExQKkLFu_23Dqn0QMoVAKzFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.224.0/20
IPv6:
2a02:d300::/29
Signature Algorithm: sha256WithRSAEncryption
5e:bb:ab:1c:eb:07:86:28:37:5e:81:a9:95:c6:2f:ac:7a:a8:
64:7d:ee:f5:85:58:93:db:e0:6b:2a:82:3a:b7:aa:2d:2a:c6:
9e:b7:82:a8:b6:26:c2:53:45:67:20:59:c3:67:09:25:12:55:
12:22:d4:7e:19:4c:49:18:3a:56:5f:ee:8b:2f:af:7c:e4:ec:
0b:9e:4e:77:5d:e7:ad:d6:e4:0a:32:18:9d:fc:95:7b:38:e0:
dd:d7:db:b5:31:b3:6d:f8:84:e3:d9:90:49:05:75:a1:32:1a:
90:d9:b0:45:fe:7c:8f:88:8d:0e:5c:b7:43:3f:30:95:aa:e8:
fe:7b:52:62:c2:92:b3:46:4b:f9:cd:ce:9d:a8:03:72:44:12:
9b:f0:00:4a:ed:47:43:65:2a:47:b2:bf:39:2f:ee:d1:73:18:
ca:ad:06:3f:bc:48:e0:ed:1a:79:81:5a:e5:08:6c:3f:e8:5f:
b6:f0:11:35:7a:bd:75:a3:95:5b:68:22:fb:ec:23:19:bb:d1:
40:cc:5c:2b:ea:af:ab:0c:57:1f:a8:25:4d:9d:07:87:00:a0:
d5:41:42:24:96:5c:34:2c:a4:9c:de:14:6c:e8:48:14:04:bf:
ec:5c:e3:81:13:92:51:eb:82:6d:49:71:74:a1:7e:d5:77:1d:
ff:2b:17:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFLTP3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDNlYzRjNTAyYTQyYzViYmZkYjcwZWE5ZjQ0MGNhMTUwMGFjYzUwMB4XDTIyMDEw
MTE2MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWViNGMzOGEwZWY0
ODZjNTZiYWU3ZTNmY2ZiYTdkZjljOGZlZmZjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcTURSEY/n1i0nQLatx68e/NXrXpAay0e00M+c07fgQz1XF
QjllF3ywWXXXcdW1PcJ1ZpJqznI4Fy5PWV5aCDjiIgfk/000OiZydAt6Ax4zp5iw
W5x0wNn+UD/Nhucg8h0r+Nwbou2Stk2a6/v2Ge81CPth8O2JYo5EQVCHehPNmW9r
7ikn3wtLY3ym7jfAGRwo01YZ2TnlwbTSQOY5z4DDgsdqwVHB1+3kxZSTHuEPJ/UU
I2R0Jofc5PEz1DsSxLm/3ch3uYmAu8FXiuzZ3+emUfwoskk6WIAq8DsKC2y/cCa4
A3XV9zS3Q/3HF+aS/oxorEgIm2xS8oUMEa2HKNMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTutMOKDvSGxWuufj/Pun35yP7/wTAfBgNVHSMEGDAWgBSQPsTFAqQsW7/b
cOqfRAyhUArMUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tEN0V4UUtrTEZ1XzIzRHFuMFFNb1ZBS3pGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDBjNTQ4LTVjYzYtNDdjMy05ZThmLWJkZGIyOWY4NWZiOC8x
LzdyVERpZzcwaHNWcnJuNF96N3A5LWNqLV84RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDBjNTQ4LTVjYzYtNDdjMy05ZThmLWJkZGIyOWY4NWZiOC8xL2tEN0V4UUtrTEZ1
XzIzRHFuMFFNb1ZBS3pGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBFEZ4DANBAIAAjAHAwUDKgLTADAN
BgkqhkiG9w0BAQsFAAOCAQEAXrurHOsHhig3XoGplcYvrHqoZH3u9YVYk9vgayqC
OreqLSrGnreCqLYmwlNFZyBZw2cJJRJVEiLUfhlMSRg6Vl/uiy+vfOTsC55Od13n
rdbkCjIYnfyVezjg3dfbtTGzbfiE49mQSQV1oTIakNmwRf58j4iNDly3Qz8wlaro
/ntSYsKSs0ZL+c3OnagDckQSm/AASu1HQ2UqR7K/OS/u0XMYyq0GP7xI4O0aeYFa
5QhsP+hftvARNXq9daOVW2gi++wjGbvRQMxcK+qvqwxXH6glTZ0HhwCg1UFCJJZc
NCyknN4UbOhIFAS/7FzjgROSUeuCbUlxdKF+1Xcd/ysXSw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:05 2023 by rpki-client on console-ams.rpki-client.org