Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/bV1tFHCg45UWMZADj6KcwVsYbCc.roa
File: bV1tFHCg45UWMZADj6KcwVsYbCc.roa (raw, json)
Hash identifier: Go9MJtHcvMFiVspVC1AN5UrvtJxVv2zXTYDsLIE8Bvc=
Subject key identifier: 6D:5D:6D:14:70:A0:E3:95:16:31:90:03:8F:A2:9C:C1:5B:18:6C:27
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018529609BD68A430C7D3C66158C818C5A7E
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/bV1tFHCg45UWMZADj6KcwVsYbCc.roa
Signing time: Mon 19 Dec 2022 07:54:35 +0000
ROA not before: Mon 19 Dec 2022 07:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 81.29.150.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
81.29.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:60:9b:d6:8a:43:0c:7d:3c:66:15:8c:81:8c:5a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Dec 19 07:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5d6d1470a0e395163190038fa29cc15b186c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:ae:59:b7:e5:19:d3:08:90:64:6a:62:75:
14:88:c2:56:b3:0e:10:ab:5d:52:e7:09:26:2e:d7:
eb:71:4b:d3:59:4a:44:ee:5b:33:25:03:e0:2b:b2:
29:aa:74:49:fc:ba:3f:44:ad:ad:95:ca:c8:04:0f:
cc:89:cf:a6:0e:a5:6f:82:f1:11:55:e6:7b:5c:6f:
5b:1e:44:48:3a:b0:3b:a7:4e:3f:27:65:8a:b0:cf:
f9:d7:c0:0c:a1:a1:d0:eb:68:b1:fc:97:3a:e7:73:
92:71:5d:36:1b:e1:e6:aa:42:ee:05:05:5f:c7:3b:
8e:66:b8:ff:01:04:ca:00:91:c6:c1:ec:1b:3a:81:
4a:ee:a4:53:aa:c4:02:8d:a9:45:07:03:98:db:0e:
d5:68:f3:78:f3:0d:ec:8f:f8:a8:84:b8:34:d5:3c:
ba:36:fc:6b:52:11:cb:64:77:53:24:aa:e7:22:66:
5b:17:a6:fd:1d:68:e8:e8:2b:40:e6:1c:3e:16:a5:
b9:a5:b1:74:1c:f7:4e:6b:60:12:ee:36:f9:b2:a5:
8d:c6:d4:e9:30:62:e4:e3:d0:34:2b:dc:98:e7:e2:
6c:ba:78:4e:70:a3:7a:bc:9a:ad:f7:e3:5a:21:92:
a8:79:6a:7d:d2:8a:f3:d8:fa:b9:44:a3:59:d0:41:
22:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5D:6D:14:70:A0:E3:95:16:31:90:03:8F:A2:9C:C1:5B:18:6C:27
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/bV1tFHCg45UWMZADj6KcwVsYbCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.147.0/24
81.29.149.0-81.29.150.255
81.29.155.0/24
81.29.159.0/24
Signature Algorithm: sha256WithRSAEncryption
59:8d:82:ef:56:2f:e0:4f:18:53:b5:56:69:95:c8:5f:7c:99:
86:4b:a7:55:76:98:45:e6:d2:46:09:7f:cd:7d:0a:53:9c:57:
f1:20:64:26:9a:c6:9f:d7:e0:4e:7a:27:f7:1c:46:f7:fb:ee:
1c:cc:40:32:c6:c5:f0:b5:36:68:57:fe:52:3f:6a:80:b8:58:
f0:af:5d:08:01:64:77:c4:98:c6:1d:10:6a:34:02:6f:b5:d5:
76:c6:be:f1:85:e6:50:bd:30:a6:e9:ef:17:9a:90:bd:de:f7:
a6:2d:a7:cd:02:d1:f6:cb:4b:05:25:c9:ce:32:86:20:1a:6e:
5c:c4:34:a8:81:c9:c0:f4:1d:ca:aa:a0:45:41:a2:70:25:8d:
75:3c:b1:2a:81:13:65:8f:aa:c2:f8:41:35:47:06:59:61:06:
7b:b7:ed:60:c8:fa:ed:f7:00:03:7f:30:39:50:10:d8:3a:6b:
4e:bb:85:93:37:b3:7c:fc:3c:bb:4e:8e:1a:89:73:76:fd:5f:
d9:9e:50:c6:05:e4:6f:0b:74:04:03:a1:17:1f:3f:2d:15:d7:
dd:61:59:50:a8:4b:21:d2:8c:2f:71:1c:9e:55:d0:f0:be:f8:
e9:46:17:16:cb:e8:c9:97:84:d5:07:49:d1:64:44:0c:53:3b:
9b:83:72:67
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUpYJvWikMMfTxmFYyBjFp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMjE5MDc1NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVkNmQxNDcwYTBlMzk1MTYzMTkwMDM4ZmEyOWNjMTViMTg2YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+iuWbflGdMIkGRqYnUUiMJWsw4Q
q11S5wkmLtfrcUvTWUpE7lszJQPgK7IpqnRJ/Lo/RK2tlcrIBA/Mic+mDqVvgvER
VeZ7XG9bHkRIOrA7p04/J2WKsM/518AMoaHQ62ix/Jc653OScV02G+HmqkLuBQVf
xzuOZrj/AQTKAJHGwewbOoFK7qRTqsQCjalFBwOY2w7VaPN48w3sj/iohLg01Ty6
NvxrUhHLZHdTJKrnImZbF6b9HWjo6CtA5hw+FqW5pbF0HPdOa2AS7jb5sqWNxtTp
MGLk49A0K9yY5+JsunhOcKN6vJqt9+NaIZKoeWp90orz2Pq5RKNZ0EEi8QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG1dbRRwoOOVFjGQA4+inMFbGGwnMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvYlYxdEZIQ2c0NVVXTVpBRGo2S2N3VnNZYkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUR2TMAwD
BABRHZUDBABRHZYDBABRHZsDBABRHZ8wDQYJKoZIhvcNAQELBQADggEBAFmNgu9W
L+BPGFO1VmmVyF98mYZLp1V2mEXm0kYJf819ClOcV/EgZCaaxp/X4E56J/ccRvf7
7hzMQDLGxfC1NmhX/lI/aoC4WPCvXQgBZHfEmMYdEGo0Am+11XbGvvGF5lC9MKbp
7xeakL3e96Ytp80C0fbLSwUlyc4yhiAablzENKiBycD0HcqqoEVBonAljXU8sSqB
E2WPqsL4QTVHBllhBnu37WDI+u33AAN/MDlQENg6a067hZM3s3z8PLtOjhqJc3b9
X9meUMYF5G8LdAQDoRcfPy0V191hWVCoSyHSjC9xHJ5V0PC++OlGFxbL6MmXhNUH
SdFkRAxTO5uDcmc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org