Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YBkpMEIzHo4mHgu-QTma396s9M8.roa
File: YBkpMEIzHo4mHgu-QTma396s9M8.roa (raw, json)
Hash identifier: tLTEuZZhrT8/sjSoBEFJuZio68WYiPFutVyM2ye8C0o=
Subject key identifier: 60:19:29:30:42:33:1E:8E:26:1E:0B:BE:41:39:9A:DF:DE:AC:F4:CF
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 049C12AA
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YBkpMEIzHo4mHgu-QTma396s9M8.roa
Signing time: Thu 28 Apr 2022 13:03:59 +0000
ROA not before: Thu 28 Apr 2022 13:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 81.19.131.0/24 maxlen: 32
81.19.136.0/24 maxlen: 32
81.19.139.0/24 maxlen: 32
81.19.134.0/24 maxlen: 32
81.19.140.0/24 maxlen: 32
81.19.141.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77337258 (0x49c12aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Apr 28 13:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6019293042331e8e261e0bbe41399adfdeacf4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:2d:ad:f2:14:f2:25:6b:5a:45:35:2a:b4:
1a:61:9f:02:78:80:07:c1:66:1a:13:2f:cf:63:23:
09:12:01:ec:e1:a6:52:91:6c:ce:76:fe:4e:c7:bc:
2b:ae:e5:e9:f1:05:ad:24:04:2c:7a:8b:ec:33:75:
f9:97:0f:02:64:b4:61:9c:0e:8e:5e:ea:38:3a:92:
e2:65:90:52:41:2c:f0:a9:a0:0b:0e:e1:ba:31:23:
53:d3:67:30:90:b8:f6:1c:e8:64:ae:52:b0:3b:7f:
bf:ba:af:e3:5a:d9:d3:61:13:cc:0d:bf:4b:58:65:
1c:f0:81:cd:ed:68:7b:90:3f:37:2f:5f:8b:f5:10:
ff:26:23:aa:7b:c8:ef:1f:6b:7f:63:1c:7e:2b:26:
24:dd:44:e8:b0:8b:15:b2:97:eb:82:18:db:ae:e7:
b3:ae:99:0c:81:91:13:07:5b:62:b6:ac:99:a3:44:
ca:15:18:3f:cc:52:da:e5:53:3b:ef:2a:be:61:47:
a6:7b:63:cb:8e:75:60:26:62:ea:f8:ae:3d:3f:bb:
58:2b:96:84:df:74:1a:bb:54:47:be:2b:5c:52:17:
b0:34:32:2a:94:3d:e1:2d:ee:7a:6e:d3:bd:ce:e8:
1c:11:eb:de:e7:22:1d:75:c0:a2:bf:e5:4a:74:8b:
ac:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:19:29:30:42:33:1E:8E:26:1E:0B:BE:41:39:9A:DF:DE:AC:F4:CF
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YBkpMEIzHo4mHgu-QTma396s9M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.131.0/24
81.19.134.0/24
81.19.136.0/24
81.19.139.0-81.19.141.255
Signature Algorithm: sha256WithRSAEncryption
3f:ea:44:b5:27:5f:f4:ec:b8:23:35:1c:10:34:00:ad:d4:b6:
21:cd:cc:89:e0:b1:41:2b:72:35:96:a7:0b:66:cf:de:e2:94:
ab:cc:80:73:f0:b3:9a:3e:d7:e9:d8:fd:7b:42:1e:0b:ed:d9:
ce:3a:ff:f7:66:8b:6d:89:29:6b:4a:5f:9d:f1:f8:c4:e5:a8:
ac:d3:38:58:85:3e:23:fd:2e:2a:77:5f:27:4c:23:3a:3f:89:
6e:d6:75:1c:bd:46:a8:19:60:20:e5:4f:ea:ad:5d:f5:f4:b5:
b0:41:9c:78:fc:b1:80:4b:c7:69:ca:97:05:e4:b7:dd:f9:bd:
a0:fc:c6:25:c5:87:89:30:49:7b:0d:2c:9f:20:fb:2a:f4:0e:
09:c3:e6:77:a4:27:f5:12:07:09:c7:a6:fb:3f:90:04:9c:0b:
d2:ca:a9:49:1a:c5:c5:67:fc:3b:ae:53:79:8d:34:25:b6:06:
3c:86:a5:47:5b:ac:6f:73:e4:66:c8:3b:af:24:fa:90:67:95:
3a:47:f6:cd:44:02:a7:c0:20:ed:87:d7:af:fa:de:e8:6c:55:
5a:c9:3a:73:51:14:d1:e3:4f:a8:a9:bd:81:a7:3f:22:c3:29:
38:f0:06:53:49:6c:98:42:23:32:c2:24:3c:d2:2c:17:54:fb:
6d:82:d4:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBJwSqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGNlOTY0MGEzZWYyZmVhMTkzNzRhZDhmOTlmNDIzZDdhYTdjNzZiMB4XDTIyMDQy
ODEzMDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjAxOTI5MzA0MjMz
MWU4ZTI2MWUwYmJlNDEzOTlhZGZkZWFjZjRjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwRLa3yFPIla1pFNSq0GmGfAniAB8FmGhMvz2MjCRIB7OGm
UpFsznb+Tse8K67l6fEFrSQELHqL7DN1+ZcPAmS0YZwOjl7qODqS4mWQUkEs8Kmg
Cw7hujEjU9NnMJC49hzoZK5SsDt/v7qv41rZ02ETzA2/S1hlHPCBze1oe5A/Ny9f
i/UQ/yYjqnvI7x9rf2McfismJN1E6LCLFbKX64IY267ns66ZDIGREwdbYrasmaNE
yhUYP8xS2uVTO+8qvmFHpntjy451YCZi6viuPT+7WCuWhN90GrtUR74rXFIXsDQy
KpQ94S3uem7Tvc7oHBHr3uciHXXAor/lSnSLrFECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRgGSkwQjMejiYeC75BOZrf3qz0zzAfBgNVHSMEGDAWgBSkzpZAo+8v6hk3
Stj5n0I9eqfHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BNNldRS1B2TC1vWk4wclktWjlDUFhxbngycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8x
L1lCa3BNRUl6SG80bUhndS1RVG1hMzk2czlNOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8xL3BNNldRS1B2TC1v
Wk4wclktWjlDUFhxbngycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFETgwMEAFEThgMEAFETiDAMAwQA
UROLAwQBUROMMA0GCSqGSIb3DQEBCwUAA4IBAQA/6kS1J1/07LgjNRwQNACt1LYh
zcyJ4LFBK3I1lqcLZs/e4pSrzIBz8LOaPtfp2P17Qh4L7dnOOv/3ZottiSlrSl+d
8fjE5ais0zhYhT4j/S4qd18nTCM6P4lu1nUcvUaoGWAg5U/qrV319LWwQZx4/LGA
S8dpypcF5Lfd+b2g/MYlxYeJMEl7DSyfIPsq9A4Jw+Z3pCf1EgcJx6b7P5AEnAvS
yqlJGsXFZ/w7rlN5jTQltgY8hqVHW6xvc+RmyDuvJPqQZ5U6R/bNRAKnwCDth9ev
+t7obFVayTpzURTR40+oqb2Bpz8iwyk48AZTSWyYQiMywiQ80iwXVPttgtRU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org