Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3Z-mAn3eQL5_qsZaefN7ixT6t8o.roa
File: 3Z-mAn3eQL5_qsZaefN7ixT6t8o.roa (raw, json)
Hash identifier: oF0fqXO5WGIa6G2p8iagZGxeCEizWWw95vlZe+DMuaE=
Subject key identifier: DD:9F:A6:02:7D:DE:40:BE:7F:AA:C6:5A:79:F3:7B:8B:14:FA:B7:CA
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 01833871273226403D09EA8015A291236BD2
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3Z-mAn3eQL5_qsZaefN7ixT6t8o.roa
Signing time: Tue 13 Sep 2022 20:01:23 +0000
ROA not before: Tue 13 Sep 2022 20:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57428
IP address blocks: 81.19.131.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:38:71:27:32:26:40:3d:09:ea:80:15:a2:91:23:6b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Sep 13 20:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd9fa6027dde40be7faac65a79f37b8b14fab7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:30:31:2c:08:38:4c:38:43:22:2d:c0:67:
b6:60:c7:d2:98:a7:41:12:0b:aa:47:53:dc:61:ad:
de:7f:74:21:7f:cd:38:3c:bf:c9:97:7c:35:36:2f:
11:31:98:0f:9b:0b:ac:f4:12:ab:1f:c6:e5:87:04:
bd:c6:9e:16:fc:e2:29:4f:7e:92:dc:e5:54:af:14:
dc:55:23:1a:97:25:c0:53:1e:92:e3:33:33:55:cc:
14:da:0c:11:66:88:7a:06:39:6a:35:f8:bd:51:b4:
6f:d2:c9:50:98:31:3f:71:b0:b0:42:df:4f:e5:ef:
8b:ab:2c:ce:a4:20:73:6f:8e:01:7e:f4:2b:d2:af:
3a:1b:04:14:b7:dc:ad:98:f5:09:10:bf:08:da:61:
f3:c7:26:9b:26:46:31:26:85:57:f2:c7:6e:9d:16:
08:e8:68:68:cc:19:f9:74:06:f2:60:89:c6:b7:dc:
a9:6f:d4:b9:02:c9:aa:07:16:3a:c6:fb:cb:ff:58:
a5:96:d0:48:29:b4:55:35:e6:a6:69:aa:b6:b8:68:
f1:f7:aa:26:b0:eb:f5:1a:97:40:48:6b:a3:a6:7a:
34:09:2e:01:55:8b:b1:f6:5b:7e:50:21:01:0e:32:
62:86:f5:ba:ed:7f:fe:a4:0e:bd:62:60:f9:4b:5c:
a4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9F:A6:02:7D:DE:40:BE:7F:AA:C6:5A:79:F3:7B:8B:14:FA:B7:CA
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3Z-mAn3eQL5_qsZaefN7ixT6t8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.131.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1b:86:66:0e:c0:91:ed:a8:df:28:f9:7c:eb:4f:13:eb:43:
2e:9e:ac:b8:ee:bb:16:0b:1c:2b:c7:f0:a8:89:52:fa:f3:3d:
5b:d4:be:2e:81:aa:f2:04:f2:96:29:5b:cc:10:9b:f7:e0:db:
ef:49:a6:d1:e9:09:4c:e4:28:b7:68:47:df:e7:11:62:f5:97:
4b:91:8d:a1:07:65:35:55:fd:55:7b:15:53:bd:a6:61:aa:90:
cf:c5:ab:a3:dd:d0:6c:59:13:31:df:91:ac:42:2d:64:24:91:
34:5c:08:e8:f6:cd:72:b2:64:93:31:7b:36:5e:3b:1c:2a:91:
2b:ef:c4:e6:dc:2b:66:7d:78:c5:e9:72:41:a1:37:99:9b:24:
1c:1f:03:88:c2:34:30:04:9c:19:3f:9f:b0:51:7d:c7:91:a0:
ac:d6:d9:ed:83:a8:f3:c2:fe:22:69:9f:db:4f:71:16:33:fa:
16:be:cb:8d:d3:66:b5:f5:61:04:e2:b6:fc:eb:0e:42:37:ab:
0e:9f:ff:46:eb:09:5c:9e:eb:4f:bf:39:52:51:3a:0e:83:89:
d2:c1:de:f0:f1:80:ea:5d:47:fb:54:4b:7e:4e:6a:b8:57:1b:
b6:c1:d8:fa:73:ef:ba:42:3d:1f:a8:6c:c3:57:fe:28:87:79:
ec:fb:52:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM4cScyJkA9CeqAFaKRI2vSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjIwOTEzMjAwMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlmYTYwMjdkZGU0MGJlN2ZhYWM2NWE3OWYzN2I4YjE0ZmFiN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQwwMSwIOEw4QyItwGe2YMfSmKdB
EguqR1PcYa3ef3Qhf804PL/Jl3w1Ni8RMZgPmwus9BKrH8blhwS9xp4W/OIpT36S
3OVUrxTcVSMalyXAUx6S4zMzVcwU2gwRZoh6BjlqNfi9UbRv0slQmDE/cbCwQt9P
5e+LqyzOpCBzb44BfvQr0q86GwQUt9ytmPUJEL8I2mHzxyabJkYxJoVX8sdunRYI
6GhozBn5dAbyYInGt9ypb9S5AsmqBxY6xvvL/1illtBIKbRVNeamaaq2uGjx96om
sOv1GpdASGujpno0CS4BVYux9lt+UCEBDjJihvW67X/+pA69YmD5S1ykywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2fpgJ93kC+f6rGWnnze4sU+rfKMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvM1otbUFuM2VRTDVfcXNaYWVmTjdpeFQ2dDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURODMA0G
CSqGSIb3DQEBCwUAA4IBAQCEG4ZmDsCR7ajfKPl8608T60Munqy47rsWCxwrx/Co
iVL68z1b1L4ugaryBPKWKVvMEJv34NvvSabR6QlM5Ci3aEff5xFi9ZdLkY2hB2U1
Vf1VexVTvaZhqpDPxauj3dBsWRMx35GsQi1kJJE0XAjo9s1ysmSTMXs2XjscKpEr
78Tm3CtmfXjF6XJBoTeZmyQcHwOIwjQwBJwZP5+wUX3HkaCs1tntg6jzwv4iaZ/b
T3EWM/oWvsuN02a19WEE4rb86w5CN6sOn/9G6wlcnutPvzlSUToOg4nSwd7w8YDq
XUf7VEt+Tmq4Vxu2wdj6c++6Qj0fqGzDV/4oh3ns+1IV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org