Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/mGDFOgc5yQVCLzqNaoVI8Nzl0jw.roa
File: mGDFOgc5yQVCLzqNaoVI8Nzl0jw.roa (raw, json)
Hash identifier: EkxtZJAhipGxuI2drmYlDcWOT3Zh0/OLKcd5uwiMyk8=
Subject key identifier: 98:60:C5:3A:07:39:C9:05:42:2F:3A:8D:6A:85:48:F0:DC:E5:D2:3C
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 355BA7A3
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/mGDFOgc5yQVCLzqNaoVI8Nzl0jw.roa
Signing time: Tue 04 Jan 2022 16:23:56 +0000
ROA not before: Tue 04 Jan 2022 16:23:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4134
IP address blocks: 81.173.16.0/24 maxlen: 24
81.173.17.0/24 maxlen: 24
81.173.20.0/24 maxlen: 24
81.173.19.0/24 maxlen: 24
81.173.22.0/24 maxlen: 24
81.173.21.0/24 maxlen: 24
81.173.18.0/24 maxlen: 24
81.173.23.0/24 maxlen: 24
81.173.24.0/24 maxlen: 24
81.173.28.0/24 maxlen: 24
2a04:f580:8030:100::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895199139 (0x355ba7a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 4 16:23:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9860c53a0739c905422f3a8d6a8548f0dce5d23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:ff:99:5f:78:c6:3a:6d:98:8d:65:1a:6c:
cc:c9:c9:37:76:61:cf:44:27:1b:49:1d:d8:03:5f:
83:95:26:fc:01:e9:dc:12:66:28:7c:64:49:0b:c7:
aa:63:f9:fa:c5:3b:2e:92:05:6a:19:a2:1e:0a:08:
c6:c3:94:fc:c5:18:e1:b5:56:f1:c4:08:27:76:95:
d2:a0:e1:1c:35:d4:f5:55:eb:7d:d6:95:1f:fc:2f:
e2:e8:9b:dc:b9:c2:59:9a:be:0f:0c:66:50:e1:54:
47:07:3e:db:30:93:5b:e7:1c:0d:bd:f1:b5:4c:4c:
ec:c8:9a:fb:ab:70:2d:12:02:67:c8:77:71:95:46:
ae:d7:ee:b0:82:0d:d1:36:46:6c:b4:69:fb:00:93:
39:02:c6:b2:f9:22:e1:25:e7:9c:39:1c:30:68:b1:
16:ec:34:85:c2:94:90:17:29:3e:47:29:a8:f2:04:
9e:a0:38:b1:70:9d:b1:49:93:ba:b1:2b:cc:d3:72:
8b:94:97:13:ac:9f:6c:c3:c7:7e:1c:00:21:3b:c4:
80:29:f1:95:83:d1:ff:3b:2d:6c:b4:a0:56:41:fa:
7c:fc:aa:04:3e:fc:54:fd:5e:1b:ef:b0:c5:c2:98:
05:78:c4:6f:6a:b9:b2:f6:b5:0d:a6:39:2d:bd:60:
07:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:60:C5:3A:07:39:C9:05:42:2F:3A:8D:6A:85:48:F0:DC:E5:D2:3C
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/mGDFOgc5yQVCLzqNaoVI8Nzl0jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.16.0-81.173.24.255
81.173.28.0/24
IPv6:
2a04:f580:8030:100::/56
Signature Algorithm: sha256WithRSAEncryption
08:1e:fb:00:f3:62:6f:47:c9:7d:2e:7e:fd:46:ab:6e:6a:61:
70:bb:c4:47:6c:7f:7a:99:9f:2e:a9:c6:d6:02:a2:f4:f8:de:
35:04:7e:f7:0b:fd:9f:b2:ec:2d:c8:5d:89:23:a7:04:36:5d:
a7:fc:c3:bd:f8:f1:1c:ba:92:7b:1d:d9:ca:e2:29:95:78:19:
cd:25:77:b2:bd:4d:a1:62:02:22:5d:7f:8e:c6:0d:54:7c:b1:
ce:cb:23:d6:e5:d7:f9:48:fa:6a:e2:13:2f:fc:29:22:e9:62:
c4:9f:96:e1:a3:c4:fc:d6:45:0a:0a:44:04:58:98:56:39:69:
59:11:f2:0b:93:2b:a9:8a:f9:1e:38:10:f9:3b:15:d2:9e:cb:
e8:73:65:c1:4b:e5:c6:b4:ac:36:b3:4c:f1:10:5d:2b:fb:eb:
82:a4:75:9b:e7:42:cc:0e:2d:71:4e:7a:13:72:f4:60:28:2f:
2b:1c:e6:b5:6c:17:f1:91:02:cb:85:d3:2d:f2:80:73:73:53:
c2:fc:4f:a3:95:b3:f3:43:9f:9c:07:5c:b2:0d:1f:40:cb:95:
36:bb:3a:c4:f5:eb:a5:e2:c0:a4:63:a8:48:ee:50:05:fe:9e:
4b:80:65:8e:9f:c9:dd:31:6e:db:de:13:9e:df:8b:bc:bb:4e:
ab:cb:0d:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIENVunozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWYzZWYzZTBlYTk1YTk3NTUzN2Q1YzI1ZDkzY2I3NmFmNjg3MjM0MB4XDTIyMDEw
NDE2MjM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg2MGM1M2EwNzM5
YzkwNTQyMmYzYThkNmE4NTQ4ZjBkY2U1ZDIzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOL/5lfeMY6bZiNZRpszMnJN3Zhz0QnG0kd2ANfg5Um/AHp
3BJmKHxkSQvHqmP5+sU7LpIFahmiHgoIxsOU/MUY4bVW8cQIJ3aV0qDhHDXU9VXr
fdaVH/wv4uib3LnCWZq+DwxmUOFURwc+2zCTW+ccDb3xtUxM7Mia+6twLRICZ8h3
cZVGrtfusIIN0TZGbLRp+wCTOQLGsvki4SXnnDkcMGixFuw0hcKUkBcpPkcpqPIE
nqA4sXCdsUmTurErzNNyi5SXE6yfbMPHfhwAITvEgCnxlYPR/zstbLSgVkH6fPyq
BD78VP1eG++wxcKYBXjEb2q5sva1DaY5Lb1gB10CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBSYYMU6BznJBUIvOo1qhUjw3OXSPDAfBgNVHSMEGDAWgBQB8+8+Dqlal1U3
1cJdk8t2r2hyNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FmUHZQZzZwV3BkVk45WENYWlBMZHE5b2NqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvODQxN2EwLTA3NzctNDQ2ZS05N2UxLTM1M2IzYTYzM2FkYS8x
L21HREZPZ2M1eVFWQ0x6cU5hb1ZJOE56bDBqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ODQxN2EwLTA3NzctNDQ2ZS05N2UxLTM1M2IzYTYzM2FkYS8xL0FmUHZQZzZwV3Bk
Vk45WENYWlBMZHE5b2NqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wGgQCAAEwFDAMAwQEUa0QAwQAUa0YAwQAUa0cMBAE
AgACMAoDCAAqBPWAgDABMA0GCSqGSIb3DQEBCwUAA4IBAQAIHvsA82JvR8l9Ln79
RqtuamFwu8RHbH96mZ8uqcbWAqL0+N41BH73C/2fsuwtyF2JI6cENl2n/MO9+PEc
upJ7HdnK4imVeBnNJXeyvU2hYgIiXX+Oxg1UfLHOyyPW5df5SPpq4hMv/Cki6WLE
n5bho8T81kUKCkQEWJhWOWlZEfILkyupivkeOBD5OxXSnsvoc2XBS+XGtKw2s0zx
EF0r++uCpHWb50LMDi1xTnoTcvRgKC8rHOa1bBfxkQLLhdMt8oBzc1PC/E+jlbPz
Q5+cB1yyDR9Ay5U2uzrE9eul4sCkY6hI7lAF/p5LgGWOn8ndMW7b3hOe34u8u06r
yw3f
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:58 2023 by rpki-client on console-ams.rpki-client.org