Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/nPvd18oqcaRMVOtPHZT0wRSrY6E.roa
File: nPvd18oqcaRMVOtPHZT0wRSrY6E.roa (raw, json)
Hash identifier: 3nw8Cl6uylgXO4r6xOSLl+5qqaQyjoJJTxeTck2TKy4=
Subject key identifier: 9C:FB:DD:D7:CA:2A:71:A4:4C:54:EB:4F:1D:94:F4:C1:14:AB:63:A1
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 04507441
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/nPvd18oqcaRMVOtPHZT0wRSrY6E.roa
Signing time: Thu 24 Mar 2022 07:03:12 +0000
ROA not before: Thu 24 Mar 2022 07:03:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 81.19.131.0/24 maxlen: 32
81.19.136.0/24 maxlen: 32
81.19.135.0/24 maxlen: 32
81.19.134.0/24 maxlen: 32
81.19.140.0/24 maxlen: 32
81.19.141.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72381505 (0x4507441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Mar 24 07:03:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cfbddd7ca2a71a44c54eb4f1d94f4c114ab63a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:b6:ab:bd:f3:e5:48:31:67:72:6c:39:57:
4b:6a:00:2e:3a:d7:70:cf:d8:35:e0:6f:9d:36:54:
db:28:74:85:46:ee:34:29:84:8a:08:48:68:a3:e5:
d1:91:3b:d5:bc:90:fb:cc:3e:4c:a7:17:da:b8:30:
ac:3e:0b:b4:e4:3e:96:44:95:bd:e9:12:b9:ca:32:
85:40:17:c2:07:88:7c:07:49:6a:2b:23:19:31:90:
1a:95:2e:5d:c5:03:b7:a2:db:d8:57:68:e1:57:3a:
45:18:de:00:eb:42:ed:75:c7:de:fb:f0:3e:f2:1b:
33:c3:67:d6:65:93:1a:0c:79:cb:c4:37:32:26:6f:
2d:cc:90:17:26:df:06:c5:81:22:cd:63:3f:32:18:
24:82:36:9d:e5:82:20:69:77:66:d3:d7:0a:2c:29:
be:d8:ca:e9:f1:11:c0:94:d3:10:e4:55:98:a4:2f:
be:c8:e5:3c:b1:f1:51:c6:7e:ad:ba:2d:78:d2:b3:
40:d5:23:97:1e:87:52:ad:85:7b:2c:8a:c6:99:66:
35:a1:a3:98:22:db:b8:03:54:0d:77:1c:7d:80:bc:
b5:6c:13:d9:01:4b:90:1e:e1:21:49:62:44:f0:6f:
39:f8:ae:b5:3d:7b:76:95:74:06:11:c0:a1:d3:df:
60:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FB:DD:D7:CA:2A:71:A4:4C:54:EB:4F:1D:94:F4:C1:14:AB:63:A1
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/nPvd18oqcaRMVOtPHZT0wRSrY6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.131.0/24
81.19.134.0-81.19.136.255
81.19.140.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:e7:bc:5b:23:ea:e2:89:e5:34:bc:d8:ed:69:76:55:27:29:
02:7b:b5:4e:a2:91:12:01:03:d1:56:fb:2d:72:d6:81:39:9f:
53:48:6e:d8:e3:b6:e1:6d:bb:e6:f4:44:5b:cc:7c:16:cb:da:
cc:22:c0:c1:31:5f:db:9f:24:d7:53:2f:19:17:b1:ff:cb:2c:
23:60:80:5e:38:2c:c1:fa:3a:0a:a7:16:42:c8:51:d2:8e:f0:
1b:40:27:3d:c1:1c:2d:8d:4e:2a:28:9a:3a:88:ca:4b:f7:9d:
0e:da:eb:ca:9e:2f:97:9b:69:2a:03:69:43:6c:9d:6c:01:74:
63:bf:1a:ea:5d:09:f3:17:68:5d:34:b6:aa:3c:14:99:1c:61:
bb:e6:08:28:db:b5:24:22:65:65:fb:02:5d:45:f3:9c:2e:9c:
96:fb:8c:67:7b:c3:2f:2f:38:6c:1a:43:2a:65:97:9c:0e:26:
e0:59:b4:c7:30:51:ed:14:9f:b1:2d:a5:18:ea:7d:7d:6b:8f:
d2:fd:5d:96:1e:23:32:c3:c7:59:2d:25:93:54:6a:b9:24:88:
b8:df:08:b4:9d:b5:9e:dd:02:49:53:ee:bf:fb:32:4f:03:6e:
fe:8a:34:fb:ef:19:aa:70:d8:26:03:00:ae:ae:93:76:81:cc:
92:b2:c2:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBFB0QTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGNlOTY0MGEzZWYyZmVhMTkzNzRhZDhmOTlmNDIzZDdhYTdjNzZiMB4XDTIyMDMy
NDA3MDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNmYmRkZDdjYTJh
NzFhNDRjNTRlYjRmMWQ5NGY0YzExNGFiNjNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX1tqu98+VIMWdybDlXS2oALjrXcM/YNeBvnTZU2yh0hUbu
NCmEighIaKPl0ZE71byQ+8w+TKcX2rgwrD4LtOQ+lkSVvekSucoyhUAXwgeIfAdJ
aisjGTGQGpUuXcUDt6Lb2Fdo4Vc6RRjeAOtC7XXH3vvwPvIbM8Nn1mWTGgx5y8Q3
MiZvLcyQFybfBsWBIs1jPzIYJII2neWCIGl3ZtPXCiwpvtjK6fERwJTTEORVmKQv
vsjlPLHxUcZ+rboteNKzQNUjlx6HUq2FeyyKxplmNaGjmCLbuANUDXccfYC8tWwT
2QFLkB7hIUliRPBvOfiutT17dpV0BhHAodPfYIUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSc+93XyipxpExU608dlPTBFKtjoTAfBgNVHSMEGDAWgBSkzpZAo+8v6hk3
Stj5n0I9eqfHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BNNldRS1B2TC1vWk4wclktWjlDUFhxbngycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8x
L25QdmQxOG9xY2FSTVZPdFBIWlQwd1JTclk2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8xL3BNNldRS1B2TC1v
Wk4wclktWjlDUFhxbngycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFETgzAMAwQBUROGAwQAUROIAwQB
UROMMA0GCSqGSIb3DQEBCwUAA4IBAQCt57xbI+riieU0vNjtaXZVJykCe7VOopES
AQPRVvstctaBOZ9TSG7Y47bhbbvm9ERbzHwWy9rMIsDBMV/bnyTXUy8ZF7H/yywj
YIBeOCzB+joKpxZCyFHSjvAbQCc9wRwtjU4qKJo6iMpL950O2uvKni+Xm2kqA2lD
bJ1sAXRjvxrqXQnzF2hdNLaqPBSZHGG75ggo27UkImVl+wJdRfOcLpyW+4xne8Mv
LzhsGkMqZZecDibgWbTHMFHtFJ+xLaUY6n19a4/S/V2WHiMyw8dZLSWTVGq5JIi4
3wi0nbWe3QJJU+6/+zJPA27+ijT77xmqcNgmAwCurpN2gcySssL+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org