Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/mNaf0G3__BPu6JPZJg0F7bxgBKI.roa
File: mNaf0G3__BPu6JPZJg0F7bxgBKI.roa (raw, json)
Hash identifier: jak8SOeW+foVa9Kxc05AKRBaQybQUUHfpbWZBQeyUSc=
Subject key identifier: 98:D6:9F:D0:6D:FF:FC:13:EE:E8:93:D9:26:0D:05:ED:BC:60:04:A2
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 01833D1F2BC4C8A8191583667CEB3431B4AC
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/mNaf0G3__BPu6JPZJg0F7bxgBKI.roa
Signing time: Wed 14 Sep 2022 17:49:56 +0000
ROA not before: Wed 14 Sep 2022 17:49:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 81.19.134.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3d:1f:2b:c4:c8:a8:19:15:83:66:7c:eb:34:31:b4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Sep 14 17:49:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98d69fd06dfffc13eee893d9260d05edbc6004a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:73:3a:dd:b3:7c:00:42:7c:1a:8f:20:7a:a1:
1d:e5:9d:01:88:c1:ca:a9:cd:5b:96:44:83:61:a3:
c5:e0:51:a5:6a:03:72:ab:76:e4:18:fb:e1:d2:56:
e7:ff:20:11:4a:d6:ae:29:e5:97:79:e7:d4:27:9f:
ec:9c:02:c3:5a:9f:e9:d3:7a:22:a2:89:0c:5e:76:
1f:7d:b9:cb:ef:86:9a:77:0a:65:a9:62:cc:4d:7c:
70:3f:30:03:00:8a:4a:7d:3e:34:58:66:5e:53:96:
25:8e:2d:68:1a:69:35:be:57:25:f9:fc:56:8e:ee:
61:5a:65:3c:ff:4f:00:8b:25:c9:ff:53:03:06:66:
50:65:f9:39:f3:dc:8f:e0:03:83:a7:8f:11:d5:7f:
be:64:df:8b:96:06:7a:82:c6:2f:e6:ed:26:13:cf:
8e:f5:ec:63:5c:1f:93:c9:48:69:84:91:ed:58:b6:
be:92:d0:03:0f:e9:43:46:78:6a:8a:f0:46:32:ff:
ac:74:0e:92:d2:28:83:9e:36:ef:0b:76:f4:99:25:
c0:e6:da:a8:fb:68:77:b8:80:99:5f:1c:b0:c7:b2:
ce:fa:0b:f4:35:53:b9:a2:57:cb:2e:7a:8b:bf:5f:
d4:9d:6f:fd:fa:7a:00:5b:a8:90:f2:ec:d3:71:98:
25:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D6:9F:D0:6D:FF:FC:13:EE:E8:93:D9:26:0D:05:ED:BC:60:04:A2
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/mNaf0G3__BPu6JPZJg0F7bxgBKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.134.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:9f:32:ce:34:1f:9f:1c:a5:9c:17:d2:c2:01:7f:26:ee:53:
56:fd:e8:2d:2e:ca:45:2a:bf:c3:bd:76:2f:0e:98:2d:35:ce:
43:ee:ba:be:b5:ef:ce:cd:7e:3c:98:56:37:ef:2d:d2:61:46:
0c:c4:c8:b0:0c:2d:b5:a1:ac:e9:65:fc:63:56:52:e5:73:8b:
49:9b:56:ab:f3:3e:91:e2:23:af:1d:a6:84:12:17:ae:23:99:
10:a1:38:11:b0:a1:b6:b4:c5:53:84:b2:9f:90:0f:3c:ad:f0:
38:45:b5:f7:78:20:21:77:6c:ef:0c:a1:c8:ad:1f:d8:15:87:
df:aa:d9:48:38:ef:93:60:c7:03:0f:bc:f0:5a:eb:78:6b:de:
0b:d8:b5:ac:bf:d3:a1:ab:55:93:c7:ac:a2:66:45:ef:d9:33:
18:6c:32:ae:15:bd:d0:21:2e:03:b8:98:bd:e2:26:16:bd:d9:
b0:60:1d:e2:8a:b2:b1:9b:59:e3:96:e6:91:48:da:3f:15:02:
f3:70:5f:a0:3f:5f:a4:3f:90:c2:93:5a:e1:b1:6f:44:e6:09:
db:bf:1f:eb:ca:db:9e:c2:18:26:54:87:c9:94:8a:e2:36:2e:
67:04:4d:89:41:3a:01:11:c9:ff:65:c2:cc:95:3d:1f:7f:66:
ee:9c:08:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM9HyvEyKgZFYNmfOs0MbSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjIwOTE0MTc0OTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ2OWZkMDZkZmZmYzEzZWVlODkzZDkyNjBkMDVlZGJjNjAwNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnM63bN8AEJ8Go8geqEd5Z0BiMHK
qc1blkSDYaPF4FGlagNyq3bkGPvh0lbn/yARStauKeWXeefUJ5/snALDWp/p03oi
ookMXnYffbnL74aadwplqWLMTXxwPzADAIpKfT40WGZeU5Ylji1oGmk1vlcl+fxW
ju5hWmU8/08AiyXJ/1MDBmZQZfk589yP4AODp48R1X++ZN+LlgZ6gsYv5u0mE8+O
9exjXB+TyUhphJHtWLa+ktADD+lDRnhqivBGMv+sdA6S0iiDnjbvC3b0mSXA5tqo
+2h3uICZXxywx7LO+gv0NVO5olfLLnqLv1/UnW/9+noAW6iQ8uzTcZglswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjWn9Bt//wT7uiT2SYNBe28YASiMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvbU5hZjBHM19fQlB1NkpQWkpnMEY3YnhnQktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUROGMA0G
CSqGSIb3DQEBCwUAA4IBAQANnzLONB+fHKWcF9LCAX8m7lNW/egtLspFKr/DvXYv
DpgtNc5D7rq+te/OzX48mFY37y3SYUYMxMiwDC21oazpZfxjVlLlc4tJm1ar8z6R
4iOvHaaEEheuI5kQoTgRsKG2tMVThLKfkA88rfA4RbX3eCAhd2zvDKHIrR/YFYff
qtlIOO+TYMcDD7zwWut4a94L2LWsv9Ohq1WTx6yiZkXv2TMYbDKuFb3QIS4DuJi9
4iYWvdmwYB3iirKxm1njluaRSNo/FQLzcF+gP1+kP5DCk1rhsW9E5gnbvx/rytue
whgmVIfJlIriNi5nBE2JQToBEcn/ZcLMlT0ff2bunAi0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:19 2024 by rpki-client on console-ams.rpki-client.org