Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hGBbl8vUuN0IZiad6xT_qEgsbCg.roa
File: hGBbl8vUuN0IZiad6xT_qEgsbCg.roa (raw, json)
Hash identifier: vHt3lJy32wRGmxBpQ5LfURpcbFPH8OGj8yGC3jR3mDI=
Subject key identifier: 84:60:5B:97:CB:D4:B8:DD:08:66:26:9D:EB:14:FF:A8:48:2C:6C:28
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0183CC401A6BF7F28105DD5117B348D611A3
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hGBbl8vUuN0IZiad6xT_qEgsbCg.roa
Signing time: Wed 12 Oct 2022 12:51:36 +0000
ROA not before: Wed 12 Oct 2022 12:51:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 81.29.145.0/24 maxlen: 24
81.29.151.0/24 maxlen: 24
81.29.150.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
81.29.158.0/24 maxlen: 24
81.29.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:40:1a:6b:f7:f2:81:05:dd:51:17:b3:48:d6:11:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Oct 12 12:51:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84605b97cbd4b8dd0866269deb14ffa8482c6c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:b9:76:d1:f5:b1:a6:aa:f7:44:3b:cc:5e:
bd:96:b4:0e:a2:a5:b9:aa:2d:36:07:25:a9:84:6f:
0b:2b:89:05:af:79:78:65:1e:8e:1b:af:b2:a6:55:
7a:dc:d1:cb:a1:81:ad:a2:7f:15:52:65:c3:bf:6c:
91:11:55:1b:e2:7f:52:22:cc:fd:f9:51:c8:a2:99:
fa:b6:2f:16:91:9f:72:45:e4:6b:82:d8:20:a0:59:
f8:37:16:31:1a:56:d1:25:17:50:bb:4a:dd:09:ea:
eb:fb:ca:2f:fc:b8:2a:36:a9:27:94:c4:39:ae:e8:
d7:51:31:99:a5:df:5f:5f:c2:70:cc:00:d8:7b:ad:
54:57:cb:d3:ec:ca:3f:73:9a:3d:f8:de:d8:4d:60:
f5:fb:58:76:e6:92:3f:48:6a:d6:7e:9c:51:f6:7c:
43:e4:34:55:5b:4b:ed:61:39:e3:c1:08:2a:0e:25:
19:13:eb:28:09:3f:1a:5a:cf:b5:76:49:db:7f:4d:
0c:70:da:64:e8:f3:3a:c1:06:b3:09:09:f0:5d:f6:
d8:98:c3:e9:5b:da:c8:38:ba:87:66:17:e2:27:9e:
9b:fa:4a:29:2c:54:eb:81:86:28:49:10:a1:6d:ee:
e3:45:77:35:ce:15:56:05:e1:b3:bd:32:8d:26:70:
7c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:60:5B:97:CB:D4:B8:DD:08:66:26:9D:EB:14:FF:A8:48:2C:6C:28
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hGBbl8vUuN0IZiad6xT_qEgsbCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.145.0/24
81.29.147.0-81.29.151.255
81.29.155.0/24
81.29.158.0/23
Signature Algorithm: sha256WithRSAEncryption
51:69:71:c1:c9:db:e4:66:eb:82:b2:1b:0f:73:3b:1a:80:ac:
13:46:d6:db:d2:71:fc:5d:e4:fd:43:82:f8:eb:87:84:8b:80:
57:f9:dd:9e:30:fb:8e:b0:62:a5:70:ce:d7:eb:2c:5e:e0:77:
db:9a:a7:d6:f6:fa:af:58:ac:41:97:c3:4c:f6:51:6d:6d:d5:
2e:28:30:8c:22:8f:5c:8c:9f:a3:40:e5:7b:8a:f5:68:3f:0c:
f2:d3:75:59:d6:20:9f:c9:c1:64:09:e3:0b:9d:13:68:c1:ba:
3b:0e:90:7f:fc:bd:49:97:c7:07:9b:4c:07:e8:1c:b2:3a:10:
3f:43:cb:7c:97:00:9e:55:fa:20:89:42:23:cf:09:af:b1:f5:
d7:74:4d:f0:aa:57:7f:97:23:c5:f1:15:5b:6b:d5:1a:a4:21:
3a:84:86:f2:96:69:b2:c6:98:ab:37:9e:6c:68:3a:ae:31:4f:
2b:7b:c3:79:83:0f:79:e3:4c:20:cc:47:b8:60:49:b7:9f:69:
c7:f2:a4:68:44:1a:7f:d6:9b:76:93:a1:7d:30:3f:d0:33:04:
e8:a6:cf:24:a9:1e:ec:a9:57:06:b7:7b:2e:55:b9:3e:b1:53:
ec:4c:86:7d:f0:2e:e8:4c:d8:a4:f1:b3:61:25:2b:68:4c:d9:
8d:fb:08:99
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPMQBpr9/KBBd1RF7NI1hGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMDEyMTI1MTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYwNWI5N2NiZDRiOGRkMDg2NjI2OWRlYjE0ZmZhODQ4MmM2YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8G5dtH1saaq90Q7zF69lrQOoqW5
qi02ByWphG8LK4kFr3l4ZR6OG6+yplV63NHLoYGton8VUmXDv2yREVUb4n9SIsz9
+VHIopn6ti8WkZ9yReRrgtggoFn4NxYxGlbRJRdQu0rdCerr+8ov/LgqNqknlMQ5
rujXUTGZpd9fX8JwzADYe61UV8vT7Mo/c5o9+N7YTWD1+1h25pI/SGrWfpxR9nxD
5DRVW0vtYTnjwQgqDiUZE+soCT8aWs+1dknbf00McNpk6PM6wQazCQnwXfbYmMPp
W9rIOLqHZhfiJ56b+kopLFTrgYYoSRChbe7jRXc1zhVWBeGzvTKNJnB8TwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIRgW5fL1LjdCGYmnesU/6hILGwoMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvaEdCYmw4dlV1TjBJWmlhZDZ4VF9xRWdzYkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUR2RMAwD
BABRHZMDBANRHZADBABRHZsDBAFRHZ4wDQYJKoZIhvcNAQELBQADggEBAFFpccHJ
2+Rm64KyGw9zOxqArBNG1tvScfxd5P1Dgvjrh4SLgFf53Z4w+46wYqVwztfrLF7g
d9uap9b2+q9YrEGXw0z2UW1t1S4oMIwij1yMn6NA5XuK9Wg/DPLTdVnWIJ/JwWQJ
4wudE2jBujsOkH/8vUmXxwebTAfoHLI6ED9Dy3yXAJ5V+iCJQiPPCa+x9dd0TfCq
V3+XI8XxFVtr1RqkITqEhvKWabLGmKs3nmxoOq4xTyt7w3mDD3njTCDMR7hgSbef
acfypGhEGn/Wm3aToX0wP9AzBOimzySpHuypVwa3ey5VuT6xU+xMhn3wLuhM2KTx
s2ElK2hM2Y37CJk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org