Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9FKhhAGMFb8QuraAYgMLRaHcgk0.roa
File: 9FKhhAGMFb8QuraAYgMLRaHcgk0.roa (raw, json)
Hash identifier: pJXKLpmBkYmDrKrKeBrfgc89UYzFFriBFe7529fRvW4=
Subject key identifier: F4:52:A1:84:01:8C:15:BF:10:BA:B6:80:62:03:0B:45:A1:DC:82:4D
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 44719569
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9FKhhAGMFb8QuraAYgMLRaHcgk0.roa
Signing time: Sat 01 Jan 2022 03:58:19 +0000
ROA not before: Sat 01 Jan 2022 03:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 10031
IP address blocks: 81.52.240.0/22 maxlen: 24
81.52.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148294505 (0x44719569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f452a184018c15bf10bab68062030b45a1dc824d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:24:2b:dd:74:97:ec:ef:00:05:b6:fd:a3:09:
c9:cb:17:af:2d:42:08:b6:ae:1c:47:24:e2:09:3b:
3c:35:93:f6:0d:69:aa:c7:b2:37:b2:52:6e:b8:47:
b5:51:63:88:ec:29:e4:85:c3:77:1e:78:9f:9f:8a:
a9:1c:4a:4b:63:be:e1:60:37:bb:2d:ec:97:55:5b:
80:c5:ba:a0:f0:13:81:69:dd:b4:9a:e9:2e:a9:b2:
97:ef:0d:7a:7f:32:48:c1:b2:fb:5f:7a:61:bf:8b:
14:c1:0c:bb:63:00:0d:d9:92:03:68:8d:8f:cf:0b:
1e:12:06:e6:56:d5:b0:67:bf:58:17:b9:13:95:cb:
4c:0b:3f:2c:2a:d9:e7:5f:9e:6e:7a:9b:7d:8a:f0:
52:8c:5f:af:a1:b5:fd:64:2c:51:e3:6c:e1:f7:0c:
8a:61:84:06:72:ab:65:4b:fd:e9:74:b8:98:8e:cb:
c6:8d:ff:59:20:e3:f3:e9:a1:96:3d:6f:04:b4:14:
e3:8f:2e:48:ff:23:3c:c0:db:f8:da:aa:c5:2b:da:
7b:8f:05:cb:08:90:b4:56:eb:13:d6:e9:19:a4:18:
69:b6:df:a3:24:a3:d4:d6:ef:2f:26:67:a3:0c:a8:
bb:d7:6a:07:85:5a:95:f4:13:45:28:f3:17:0f:94:
51:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:52:A1:84:01:8C:15:BF:10:BA:B6:80:62:03:0B:45:A1:DC:82:4D
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9FKhhAGMFb8QuraAYgMLRaHcgk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.240.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:25:53:30:e9:bd:83:60:95:a9:48:eb:64:66:be:de:a5:63:
dd:7d:9a:02:0d:45:6a:3f:92:be:65:9f:3e:5b:d3:29:22:c5:
8b:e3:a2:33:16:51:32:06:d6:0c:87:67:01:0e:05:8c:73:ac:
84:6b:31:f9:cb:19:89:c1:67:31:23:ef:c7:af:ac:f4:13:23:
2d:d3:57:09:a9:98:80:64:18:09:24:dd:2f:2f:d6:8c:ae:29:
87:78:c7:e7:19:6f:91:58:38:02:d5:9d:65:91:0c:66:77:99:
ec:0b:2c:bf:2c:df:e1:b0:d1:19:20:be:80:a2:f3:dc:32:7d:
0c:16:a0:cb:aa:32:85:2a:cf:77:24:86:cd:5e:a4:f3:ae:8c:
a9:2f:84:d4:49:0e:eb:2d:b0:f4:83:4c:a4:a0:e2:d3:6f:ff:
05:7e:63:82:1f:f1:ea:79:ab:f6:41:a9:f8:12:dd:6b:01:c8:
3f:f7:d1:db:f6:78:0e:13:bf:cc:7d:76:03:ae:6c:2a:4f:e5:
a5:8a:71:ff:ce:d9:03:da:a4:b3:9e:54:7d:0a:cb:c8:b4:5f:
70:4f:c6:33:b2:a0:a9:ed:86:fd:9e:38:73:21:24:fa:e8:12:
37:97:cd:c3:10:46:5a:04:a9:fb:e6:83:ee:c9:d8:1a:e5:a1:
b5:c4:eb:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERHGVaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ1MmExODQwMThj
MTViZjEwYmFiNjgwNjIwMzBiNDVhMWRjODI0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAkK910l+zvAAW2/aMJycsXry1CCLauHEck4gk7PDWT9g1p
qseyN7JSbrhHtVFjiOwp5IXDdx54n5+KqRxKS2O+4WA3uy3sl1VbgMW6oPATgWnd
tJrpLqmyl+8Nen8ySMGy+196Yb+LFMEMu2MADdmSA2iNj88LHhIG5lbVsGe/WBe5
E5XLTAs/LCrZ51+ebnqbfYrwUoxfr6G1/WQsUeNs4fcMimGEBnKrZUv96XS4mI7L
xo3/WSDj8+mhlj1vBLQU448uSP8jPMDb+NqqxSvae48FywiQtFbrE9bpGaQYabbf
oySj1NbvLyZnowyou9dqB4ValfQTRSjzFw+UUU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0UqGEAYwVvxC6toBiAwtFodyCTTAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
LzlGS2hoQUdNRmI4UXVyYUFZZ01MUmFIY2drMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1E08DANBgkqhkiG9w0BAQsFAAOC
AQEAWiVTMOm9g2CVqUjrZGa+3qVj3X2aAg1Faj+SvmWfPlvTKSLFi+OiMxZRMgbW
DIdnAQ4FjHOshGsx+csZicFnMSPvx6+s9BMjLdNXCamYgGQYCSTdLy/WjK4ph3jH
5xlvkVg4AtWdZZEMZneZ7Assvyzf4bDRGSC+gKLz3DJ9DBagy6oyhSrPdySGzV6k
866MqS+E1EkO6y2w9INMpKDi02//BX5jgh/x6nmr9kGp+BLdawHIP/fR2/Z4DhO/
zH12A65sKk/lpYpx/87ZA9qks55UfQrLyLRfcE/GM7Kgqe2G/Z44cyEk+ugSN5fN
wxBGWgSp++aD7snYGuWhtcTr/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org