Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yGFSEzRF2bZC83Y6b4IvX8BVeOk.roa
File: yGFSEzRF2bZC83Y6b4IvX8BVeOk.roa (raw, json)
Hash identifier: qLlH2OiTYalbyphGuCx031NanS1NiT8++HiPv/NNkag=
Subject key identifier: C8:61:52:13:34:45:D9:B6:42:F3:76:3A:6F:82:2F:5F:C0:55:78:E9
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0184BE7E531784F525F7B3F65A514B19055F
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yGFSEzRF2bZC83Y6b4IvX8BVeOk.roa
Signing time: Mon 28 Nov 2022 13:47:40 +0000
ROA not before: Mon 28 Nov 2022 13:47:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 81.29.145.0/24 maxlen: 24
81.29.151.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
81.29.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:7e:53:17:84:f5:25:f7:b3:f6:5a:51:4b:19:05:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Nov 28 13:47:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c86152133445d9b642f3763a6f822f5fc05578e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:c4:07:a3:75:41:53:2d:c6:02:4b:ed:7a:
d5:61:cd:1f:10:f9:9a:f8:5c:76:6e:95:6f:81:00:
66:9b:ef:cd:64:fe:67:e8:91:c0:31:81:94:01:1c:
b7:fb:28:31:84:b7:1f:06:71:9a:2f:69:49:ac:76:
0c:61:1a:7e:24:b2:d7:c7:ef:40:3a:0d:73:e2:e4:
f6:3e:04:81:69:05:b5:2c:67:1a:ad:05:c6:26:22:
6a:87:85:78:96:c4:cb:6e:db:af:f7:61:38:1b:ef:
03:a2:be:77:9e:17:2a:91:3e:5e:57:53:a3:34:d4:
55:98:af:8c:8e:84:c9:d5:d0:22:6c:fc:1e:c2:a9:
ad:75:5d:75:25:45:ce:f5:af:86:9c:26:b3:15:da:
16:28:09:88:68:93:33:7f:d9:d5:47:67:31:59:7a:
4b:2e:50:6f:bb:7c:55:24:fa:3d:d9:3e:52:46:cc:
5a:7d:8d:da:30:99:7b:19:57:15:7d:72:10:6b:73:
40:a6:9e:0a:30:88:78:a9:47:ce:05:a9:63:97:6c:
21:a5:c7:2b:a8:62:8d:76:3d:fb:5e:4f:7a:09:e3:
ed:98:fc:74:d0:d5:55:f8:7e:97:a6:b2:f5:cb:98:
cd:43:e6:44:fa:0b:4c:a6:09:62:28:12:ef:72:f6:
5c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:61:52:13:34:45:D9:B6:42:F3:76:3A:6F:82:2F:5F:C0:55:78:E9
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yGFSEzRF2bZC83Y6b4IvX8BVeOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.145.0/24
81.29.148.0/24
81.29.151.0/24
81.29.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ed:3a:77:17:f6:74:ee:6d:04:f5:2e:34:36:4d:a9:12:0c:
eb:87:06:be:0a:ef:63:48:e3:72:d0:1d:21:bb:45:55:92:8b:
1f:7b:aa:df:11:09:40:d4:ac:e5:36:0f:4f:62:c6:27:0d:c4:
fb:89:a4:c2:56:a3:20:ac:df:cf:00:30:ac:d2:b2:3d:14:23:
73:25:ee:16:3b:dc:34:01:1c:17:7b:9a:95:68:b9:20:d1:31:
1f:29:8d:d8:87:39:9b:8f:26:35:6c:63:f1:60:3c:cf:6e:1f:
36:1d:ae:cf:5b:3a:19:e2:6f:0e:37:46:f7:28:fb:ac:a4:66:
70:03:ae:e0:85:cc:65:04:65:bd:2f:82:a4:94:de:5d:58:41:
99:af:2d:8f:7e:18:68:0b:8b:6b:2f:1e:56:a1:c4:7b:df:d5:
46:b0:73:04:05:9a:ad:a1:ea:0d:0b:7e:cf:f9:62:c3:85:d3:
ef:b0:37:da:b9:3b:a2:3e:1b:ce:fa:b2:3b:bc:58:1d:31:90:
fe:c2:0f:12:e3:bb:f6:64:07:b0:e0:bf:29:95:a4:70:2e:69:
9f:ba:79:70:5d:25:54:6c:97:ed:08:93:ae:98:cb:e1:8e:a6:
15:d7:7e:9e:5a:c0:c7:a0:49:ed:01:5c:96:c4:37:67:16:c7:
e9:1d:76:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS+flMXhPUl97P2WlFLGQVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMTI4MTM0NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODYxNTIxMzM0NDVkOWI2NDJmMzc2M2E2ZjgyMmY1ZmMwNTU3OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPHEB6N1QVMtxgJL7XrVYc0fEPma
+Fx2bpVvgQBmm+/NZP5n6JHAMYGUARy3+ygxhLcfBnGaL2lJrHYMYRp+JLLXx+9A
Og1z4uT2PgSBaQW1LGcarQXGJiJqh4V4lsTLbtuv92E4G+8Dor53nhcqkT5eV1Oj
NNRVmK+MjoTJ1dAibPwewqmtdV11JUXO9a+GnCazFdoWKAmIaJMzf9nVR2cxWXpL
LlBvu3xVJPo92T5SRsxafY3aMJl7GVcVfXIQa3NApp4KMIh4qUfOBaljl2whpccr
qGKNdj37Xk96CePtmPx00NVV+H6XprL1y5jNQ+ZE+gtMpgliKBLvcvZc4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMhhUhM0Rdm2QvN2Om+CL1/AVXjpMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEveUdGU0V6UkYyYlpDODNZNmI0SXZYOEJWZU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUR2RAwQA
UR2UAwQAUR2XAwQAUR2eMA0GCSqGSIb3DQEBCwUAA4IBAQAd7Tp3F/Z07m0E9S40
Nk2pEgzrhwa+Cu9jSONy0B0hu0VVkosfe6rfEQlA1KzlNg9PYsYnDcT7iaTCVqMg
rN/PADCs0rI9FCNzJe4WO9w0ARwXe5qVaLkg0TEfKY3YhzmbjyY1bGPxYDzPbh82
Ha7PWzoZ4m8ON0b3KPuspGZwA67ghcxlBGW9L4KklN5dWEGZry2PfhhoC4trLx5W
ocR739VGsHMEBZqtoeoNC37P+WLDhdPvsDfauTuiPhvO+rI7vFgdMZD+wg8S47v2
ZAew4L8plaRwLmmfunlwXSVUbJftCJOumMvhjqYV136eWsDHoEntAVyWxDdnFsfp
HXYT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org