Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/T338t69ARAs7QtThIkOL8bSSPJI.roa
File: T338t69ARAs7QtThIkOL8bSSPJI.roa (raw, json)
Hash identifier: xER/KiYiIYtj33WkxV+ZSE7ojidCWXbvvAoOmA0Pyrg=
Subject key identifier: 4F:7D:FC:B7:AF:40:44:0B:3B:42:D4:E1:22:43:8B:F1:B4:92:3C:92
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0183AC8FDED09D6F6F9C37F766808102A7B3
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/T338t69ARAs7QtThIkOL8bSSPJI.roa
Signing time: Thu 06 Oct 2022 09:10:53 +0000
ROA not before: Thu 06 Oct 2022 09:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.237.0/24 maxlen: 24
80.71.234.0/24 maxlen: 24
81.29.146.0/24 maxlen: 24
81.29.157.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:8f:de:d0:9d:6f:6f:9c:37:f7:66:80:81:02:a7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Oct 6 09:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f7dfcb7af40440b3b42d4e122438bf1b4923c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:5e:21:0f:bc:0b:e6:09:89:a4:dc:1e:d1:
93:4f:90:86:06:90:0d:a8:c8:10:2a:0b:da:c7:97:
b0:c5:c5:46:51:ed:09:cc:3f:3e:e8:c1:bc:a4:99:
f8:34:84:a9:72:9c:af:00:47:87:4c:6d:a8:82:64:
b8:23:73:d3:ca:6f:ad:f4:bc:bf:3d:ac:b3:87:c1:
94:6e:0e:49:6f:9b:78:ab:d5:1f:41:ae:5b:84:a7:
d4:90:60:74:6b:c0:3b:3d:9b:78:a6:c7:f2:e1:2e:
cd:74:6b:fa:ba:dd:04:6c:42:fa:8f:86:ab:86:d2:
67:65:58:1a:1a:9c:72:de:1b:6d:2f:99:d0:64:cc:
55:c3:87:ab:d6:04:e0:2f:95:ec:69:54:e5:49:87:
e2:92:96:19:77:be:63:0a:45:c3:eb:fa:a6:46:0a:
11:52:91:c0:4e:37:59:de:4f:d0:6c:06:69:9b:f2:
c0:d9:68:32:49:1f:07:f1:19:71:b2:14:c3:e4:c5:
4d:b1:57:1f:1c:61:60:98:fc:05:08:13:d7:7d:87:
e2:b5:a9:96:ad:c6:b8:ed:c2:c7:b1:b2:38:0f:c5:
46:de:e4:ec:3a:b7:0b:17:3e:5f:f5:04:e4:60:d7:
46:71:83:24:81:75:dd:3f:28:f1:c2:46:26:60:e9:
48:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7D:FC:B7:AF:40:44:0B:3B:42:D4:E1:22:43:8B:F1:B4:92:3C:92
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/T338t69ARAs7QtThIkOL8bSSPJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0-80.71.234.255
80.71.236.0/23
81.29.146.0/24
81.29.156.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ab:a7:21:bb:ac:0b:b5:15:77:71:79:96:ed:b1:70:0b:65:
04:6c:92:56:58:35:65:20:08:4b:1a:da:49:49:1c:dd:f7:4d:
35:ac:50:c0:9d:05:02:2f:92:a6:5c:02:f0:5a:04:50:3c:62:
bd:6f:f9:80:36:3a:f7:16:0d:35:4e:d8:ba:d6:cd:e2:7f:21:
61:64:52:b6:3d:77:df:88:b1:7c:35:44:51:be:e5:af:7b:cf:
4b:41:89:e0:97:7c:83:70:76:f9:1a:86:c8:5e:1e:c9:21:56:
f4:e7:b0:66:31:ea:33:2a:0b:27:c0:6a:ce:5e:7c:fd:ac:9c:
ec:b2:03:ef:c8:5f:c4:6c:5b:5c:0c:d0:a0:dc:04:fa:40:7c:
65:61:24:97:6e:d8:f8:96:55:17:96:2e:47:74:77:d4:f4:b8:
17:f2:ff:9a:8b:3a:66:cb:bc:70:03:17:26:aa:48:7a:c8:48:
7e:85:a9:22:64:b2:2d:b6:8f:6b:9c:e2:a3:9d:5b:47:c1:2d:
19:6f:3c:46:29:64:76:a2:82:46:99:1c:e6:37:44:c0:0e:0a:
08:1c:27:9c:0a:e2:d6:9b:43:eb:e7:d2:51:c1:46:39:86:47:
83:98:f3:3a:bf:12:da:c9:58:d0:fb:43:ad:c5:87:da:9a:d5:
2c:c9:c6:e9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYOsj97QnW9vnDf3ZoCBAqezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMDA2MDkxMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjdkZmNiN2FmNDA0NDBiM2I0MmQ0ZTEyMjQzOGJmMWI0OTIzYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDxeIQ+8C+YJiaTcHtGTT5CGBpAN
qMgQKgvax5ewxcVGUe0JzD8+6MG8pJn4NISpcpyvAEeHTG2ogmS4I3PTym+t9Ly/
Payzh8GUbg5Jb5t4q9UfQa5bhKfUkGB0a8A7PZt4psfy4S7NdGv6ut0EbEL6j4ar
htJnZVgaGpxy3httL5nQZMxVw4er1gTgL5XsaVTlSYfikpYZd75jCkXD6/qmRgoR
UpHATjdZ3k/QbAZpm/LA2WgySR8H8RlxshTD5MVNsVcfHGFgmPwFCBPXfYfitamW
rca47cLHsbI4D8VG3uTsOrcLFz5f9QTkYNdGcYMkgXXdPyjxwkYmYOlISwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE99/LevQEQLO0LU4SJDi/G0kjySMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvVDMzOHQ2OUFSQXM3UXRUaElrT0w4YlNTUEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUEfnMAwD
BABQR+kDBABQR+oDBAFQR+wDBABRHZIDBAFRHZwwDQYJKoZIhvcNAQELBQADggEB
AJ2rpyG7rAu1FXdxeZbtsXALZQRsklZYNWUgCEsa2klJHN33TTWsUMCdBQIvkqZc
AvBaBFA8Yr1v+YA2OvcWDTVO2LrWzeJ/IWFkUrY9d9+IsXw1RFG+5a97z0tBieCX
fINwdvkahsheHskhVvTnsGYx6jMqCyfAas5efP2snOyyA+/IX8RsW1wM0KDcBPpA
fGVhJJdu2PiWVReWLkd0d9T0uBfy/5qLOmbLvHADFyaqSHrISH6FqSJksi22j2uc
4qOdW0fBLRlvPEYpZHaigkaZHOY3RMAOCggcJ5wK4tabQ+vn0lHBRjmGR4OY8zq/
EtrJWND7Q63Fh9qa1SzJxuk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org