Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/RJ9fdV0QEfJmjawUwgmwZh4W7QU.roa
File: RJ9fdV0QEfJmjawUwgmwZh4W7QU.roa (raw, json)
Hash identifier: dp3ASov4FpoeM01o0H5mtK/ARQsXAarwA1833mNU0ok=
Subject key identifier: 44:9F:5F:75:5D:10:11:F2:66:8D:AC:14:C2:09:B0:66:1E:16:ED:05
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 15FFD852
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/RJ9fdV0QEfJmjawUwgmwZh4W7QU.roa
Signing time: Tue 29 Mar 2022 07:11:38 +0000
ROA not before: Tue 29 Mar 2022 07:11:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6810
IP address blocks: 81.218.102.0/24 maxlen: 24
85.130.128.0/18 maxlen: 24
62.219.92.0/24 maxlen: 24
31.168.36.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 369088594 (0x15ffd852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Mar 29 07:11:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=449f5f755d1011f2668dac14c209b0661e16ed05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:70:84:95:07:d8:07:84:f9:a1:1a:9c:95:ac:
58:fd:18:24:9f:0f:be:44:d1:10:44:ec:7b:ef:af:
55:3c:5e:cc:aa:ac:47:63:3b:4b:ac:9f:f3:9d:30:
97:4f:bf:eb:3c:da:e8:c6:2e:db:6d:2b:24:20:24:
3c:9a:18:76:ae:59:d2:4b:ce:5d:62:ec:f4:4d:c3:
bd:6c:0f:db:1d:a0:9c:4d:b1:5d:a5:bc:04:94:70:
7b:80:3b:27:19:96:d2:1f:af:97:b0:5a:de:41:49:
f8:72:92:66:be:76:45:74:85:04:f6:6d:23:dd:2e:
ca:a0:48:b6:7e:bc:d3:e2:87:7e:6e:0b:a2:d1:69:
10:76:1f:2c:5a:4b:a9:ae:9d:c2:fc:de:e3:7c:22:
bf:e0:e6:c9:64:39:dc:1b:23:05:a1:72:c4:2b:aa:
3d:ae:28:4e:5f:01:6e:37:47:51:26:b9:f8:98:ba:
71:cb:21:58:25:fb:23:34:d3:62:ed:31:26:5f:38:
7d:32:03:8f:14:ab:6f:33:d3:e6:7e:a9:72:f7:51:
b8:dc:72:cf:9d:27:52:6d:ae:ed:ae:27:86:bd:5d:
a5:db:d4:67:be:20:a2:17:a6:f7:6a:ae:05:de:69:
80:0c:fb:62:17:65:80:4d:c5:f2:03:0b:d6:89:a8:
10:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9F:5F:75:5D:10:11:F2:66:8D:AC:14:C2:09:B0:66:1E:16:ED:05
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/RJ9fdV0QEfJmjawUwgmwZh4W7QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.168.36.0/23
62.219.92.0/24
81.218.102.0/24
85.130.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7a:b0:ee:bd:26:77:f7:f5:b7:b0:f5:95:ed:5c:64:b2:0c:55:
e5:99:69:cd:34:b9:45:c4:4f:ce:b1:f3:69:f3:1d:86:b2:7d:
0e:c9:b4:a1:5c:c0:25:c4:4a:7e:55:5a:e2:d8:4f:61:0d:f2:
41:d8:2f:dd:fa:6b:18:5a:79:3a:51:a4:d1:7e:c3:5f:0a:a0:
c1:98:88:c3:cd:34:7c:dc:36:48:bb:e5:46:48:3b:46:8e:fd:
47:ba:9a:0d:f5:e3:d2:29:ce:3a:d9:c5:58:e7:a2:76:d8:7c:
46:23:ef:66:30:6b:60:09:de:42:62:ed:0e:86:ab:2b:d8:9a:
dc:de:4e:2e:9e:60:fa:37:93:16:6e:99:bd:dc:7e:77:e4:b8:
60:0d:ae:94:4a:c9:19:14:14:10:b6:0c:e6:b4:29:f8:32:f9:
22:0b:f1:d3:30:f8:6c:f2:86:51:d9:29:03:bd:b6:af:e5:84:
2c:32:78:06:8c:e7:53:29:ce:a4:87:29:ad:ae:ad:9b:4f:8f:
89:46:5e:94:a7:90:3f:f3:da:8b:75:c1:e7:de:4b:1b:bd:12:
5e:c2:6c:bf:bd:84:33:33:eb:ba:b6:b0:17:12:b6:b4:f9:89:
a7:80:6e:6f:4d:16:60:7c:31:cb:94:76:9c:a4:5d:0f:d7:40:
ad:6e:9d:8a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFf/YUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmVkZDg1YzFlY2NiNWZmNGJhOTMwMTE3YTczMjkwOTljMGZmMmViMB4XDTIyMDMy
OTA3MTEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ5ZjVmNzU1ZDEw
MTFmMjY2OGRhYzE0YzIwOWIwNjYxZTE2ZWQwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFwhJUH2AeE+aEanJWsWP0YJJ8PvkTREETse++vVTxezKqs
R2M7S6yf850wl0+/6zza6MYu220rJCAkPJoYdq5Z0kvOXWLs9E3DvWwP2x2gnE2x
XaW8BJRwe4A7JxmW0h+vl7Ba3kFJ+HKSZr52RXSFBPZtI90uyqBItn680+KHfm4L
otFpEHYfLFpLqa6dwvze43wiv+DmyWQ53BsjBaFyxCuqPa4oTl8BbjdHUSa5+Ji6
ccshWCX7IzTTYu0xJl84fTIDjxSrbzPT5n6pcvdRuNxyz50nUm2u7a4nhr1dpdvU
Z74gohem92quBd5pgAz7YhdlgE3F8gML1omoEBECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBREn191XRAR8maNrBTCCbBmHhbtBTAfBgNVHSMEGDAWgBQ/7dhcHsy1/0up
MBF6cykJnA/y6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1AtM1lYQjdNdGY5THFUQVJlbk1wQ1p3UDh1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8x
L1JKOWZkVjBRRWZKbWphd1V3Z213Wmg0VzdRVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8xL1AtM1lYQjdNdGY5
THFUQVJlbk1wQ1p3UDh1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAR+oJAMEAD7bXAMEAFHaZgMEBlWC
gDANBgkqhkiG9w0BAQsFAAOCAQEAerDuvSZ39/W3sPWV7VxksgxV5ZlpzTS5RcRP
zrHzafMdhrJ9Dsm0oVzAJcRKflVa4thPYQ3yQdgv3fprGFp5OlGk0X7DXwqgwZiI
w800fNw2SLvlRkg7Ro79R7qaDfXj0inOOtnFWOeidth8RiPvZjBrYAneQmLtDoar
K9ia3N5OLp5g+jeTFm6Zvdx+d+S4YA2ulErJGRQUELYM5rQp+DL5Igvx0zD4bPKG
UdkpA722r+WELDJ4BoznUynOpIcpra6tm0+PiUZelKeQP/Pai3XB595LG70SXsJs
v72EMzPrurawFxK2tPmJp4Bub00WYHwxy5R2nKRdD9dArW6dig==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:36 2025 by rpki-client