Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/X3mKMRiS6UPhIdhoDTVbZY_iM0Y.roa
File: X3mKMRiS6UPhIdhoDTVbZY_iM0Y.roa (raw, json)
Hash identifier: u6R1SaybhSTcATmONlDpu/qlEUW0ldx0bYyOUrY79gM=
Subject key identifier: 5F:79:8A:31:18:92:E9:43:E1:21:D8:68:0D:35:5B:65:8F:E2:33:46
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0451A2DA
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/X3mKMRiS6UPhIdhoDTVbZY_iM0Y.roa
Signing time: Thu 24 Mar 2022 13:25:26 +0000
ROA not before: Thu 24 Mar 2022 13:25:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51609
IP address blocks: 81.19.136.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72458970 (0x451a2da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Mar 24 13:25:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f798a311892e943e121d8680d355b658fe23346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:1e:83:b1:89:87:c0:6b:2f:d8:ea:c0:b7:
fe:fe:f0:ba:b6:64:b6:e9:f6:b2:66:51:e3:d3:07:
51:dd:60:78:ac:ea:5c:a8:ba:a3:e9:1a:ec:2f:c5:
e4:f9:25:9a:2c:9d:a1:3b:c5:82:aa:be:c2:6e:94:
6e:77:95:3f:74:89:df:1b:b9:d0:5c:87:9e:ca:65:
09:58:d9:b0:aa:65:e0:6a:98:ec:3f:b4:df:5a:31:
95:55:9b:1b:59:3d:dc:c5:91:54:25:0e:f4:90:0b:
23:b0:a9:dc:7b:77:e8:2d:8c:0d:66:48:4a:7e:38:
29:9a:3f:57:d7:a5:b9:cc:e3:67:27:f0:21:e9:88:
bb:d0:82:66:4a:d2:a5:28:aa:22:fb:ec:db:6d:ec:
06:17:cc:4e:60:d1:f4:7a:7f:24:fe:64:6d:92:cf:
51:24:a4:32:70:46:95:51:15:e3:eb:55:53:2b:54:
ae:59:c5:1b:1e:03:84:1e:53:c6:ca:78:b7:a7:07:
96:d2:ae:d8:da:61:ef:10:24:bb:88:30:16:63:5c:
79:97:25:1b:60:b6:94:80:8b:fe:3a:94:99:c8:9f:
36:63:47:6a:be:d1:59:96:e4:e9:75:32:1d:19:8f:
d3:55:fd:e9:bb:54:f5:86:8a:a5:52:a2:d6:0e:12:
2b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:79:8A:31:18:92:E9:43:E1:21:D8:68:0D:35:5B:65:8F:E2:33:46
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/X3mKMRiS6UPhIdhoDTVbZY_iM0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.136.0/24
Signature Algorithm: sha256WithRSAEncryption
54:56:ad:31:83:af:59:a6:79:e0:ba:84:81:50:05:69:a3:de:
98:c4:70:6b:84:94:9f:ad:0d:e4:66:bc:19:42:ae:25:d9:ee:
7a:7e:79:6b:9c:32:5f:87:ee:a3:ab:36:03:11:ae:c8:8e:80:
b5:70:1c:f2:6e:2d:3d:05:4c:78:73:55:00:5e:fa:aa:f6:26:
49:90:59:6a:42:03:13:19:a5:4d:3c:f6:aa:95:13:9e:53:79:
3b:94:7f:5e:19:d7:89:ef:72:55:58:50:79:f2:f7:42:28:61:
d9:07:15:35:ea:a1:9c:7a:6e:2b:df:cd:5e:99:d7:69:27:b0:
ba:5a:cd:41:da:7c:ce:31:b3:cb:55:c2:8a:91:8b:d0:14:22:
93:53:eb:76:9c:f1:1a:ae:ef:0e:b0:6e:0d:56:a1:37:b0:fc:
86:34:55:9c:bf:b6:45:e1:c1:d1:43:f6:b0:c4:8f:3b:d3:7d:
fb:27:49:f3:26:54:e1:28:51:43:48:bf:3d:f2:98:2a:4b:d5:
8d:67:dc:33:a4:e6:ab:37:a8:9b:3f:c0:2b:bf:53:75:cd:df:
9f:cc:0a:7f:6e:e3:d8:d9:ee:21:18:4c:13:04:de:71:60:25:
24:f7:db:b1:5d:af:a2:fd:b5:7c:4c:c3:47:07:5d:7d:4b:3e:
44:d7:e1:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFGi2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGNlOTY0MGEzZWYyZmVhMTkzNzRhZDhmOTlmNDIzZDdhYTdjNzZiMB4XDTIyMDMy
NDEzMjUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY3OThhMzExODky
ZTk0M2UxMjFkODY4MGQzNTViNjU4ZmUyMzM0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlJHoOxiYfAay/Y6sC3/v7wurZktun2smZR49MHUd1geKzq
XKi6o+ka7C/F5PklmiydoTvFgqq+wm6UbneVP3SJ3xu50FyHnsplCVjZsKpl4GqY
7D+031oxlVWbG1k93MWRVCUO9JALI7Cp3Ht36C2MDWZISn44KZo/V9eluczjZyfw
IemIu9CCZkrSpSiqIvvs223sBhfMTmDR9Hp/JP5kbZLPUSSkMnBGlVEV4+tVUytU
rlnFGx4DhB5Txsp4t6cHltKu2Nph7xAku4gwFmNceZclG2C2lICL/jqUmcifNmNH
ar7RWZbk6XUyHRmP01X96btU9YaKpVKi1g4SKwMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfeYoxGJLpQ+Eh2GgNNVtlj+IzRjAfBgNVHSMEGDAWgBSkzpZAo+8v6hk3
Stj5n0I9eqfHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BNNldRS1B2TC1vWk4wclktWjlDUFhxbngycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8x
L1gzbUtNUmlTNlVQaElkaG9EVFZiWllfaU0wWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8xL3BNNldRS1B2TC1v
Wk4wclktWjlDUFhxbngycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFETiDANBgkqhkiG9w0BAQsFAAOC
AQEAVFatMYOvWaZ54LqEgVAFaaPemMRwa4SUn60N5Ga8GUKuJdnuen55a5wyX4fu
o6s2AxGuyI6AtXAc8m4tPQVMeHNVAF76qvYmSZBZakIDExmlTTz2qpUTnlN5O5R/
XhnXie9yVVhQefL3Qihh2QcVNeqhnHpuK9/NXpnXaSewulrNQdp8zjGzy1XCipGL
0BQik1PrdpzxGq7vDrBuDVahN7D8hjRVnL+2ReHB0UP2sMSPO9N9+ydJ8yZU4ShR
Q0i/PfKYKkvVjWfcM6Tmqzeomz/AK79Tdc3fn8wKf27j2NnuIRhMEwTecWAlJPfb
sV2vov21fEzDRwddfUs+RNfhNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org