Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/AFEb1G8d0NZz0ope3SMZVk97UCE.roa
File: AFEb1G8d0NZz0ope3SMZVk97UCE.roa (raw, json)
Hash identifier: rjySfw9lwftCxEKzZ2ZjL/sxgqIAfMGzAhiBvSxS+xg=
Subject key identifier: 00:51:1B:D4:6F:1D:D0:D6:73:D2:8A:5E:DD:23:19:56:4F:7B:50:21
Certificate issuer: /CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Certificate serial: 01831682F142C5C83BA3C2F7D48A306155AF
Authority key identifier: 7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/AFEb1G8d0NZz0ope3SMZVk97UCE.roa
Signing time: Wed 07 Sep 2022 05:53:43 +0000
ROA not before: Wed 07 Sep 2022 05:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39719
IP address blocks: 81.23.92.0/22 maxlen: 22
81.23.84.0/22 maxlen: 22
81.23.84.0/23 maxlen: 23
81.23.88.0/22 maxlen: 22
2a12:1d40:1::/48 maxlen: 48
2a12:1d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:16:82:f1:42:c5:c8:3b:a3:c2:f7:d4:8a:30:61:55:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Validity
Not Before: Sep 7 05:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00511bd46f1dd0d673d28a5edd2319564f7b5021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:2d:91:7e:5b:9b:3c:73:06:99:7d:8b:ae:
a9:9f:94:a2:7e:9a:87:0e:ff:58:5f:9e:78:0e:77:
51:41:1f:0c:b4:7d:63:b8:26:f0:ea:3c:f8:9d:f0:
14:64:46:3f:05:4f:86:8a:e3:69:46:90:a6:6f:2e:
11:38:99:c6:81:67:83:30:74:73:f8:df:7f:14:dc:
f5:7e:26:7d:46:e3:13:e2:cb:74:a7:89:a9:79:a5:
c6:b2:d9:8f:a4:73:84:5d:25:65:b7:1e:6e:b3:0e:
cb:0a:eb:31:16:52:d2:36:55:7b:7f:48:91:87:6b:
7c:04:62:29:0b:be:85:01:1c:ce:38:c4:b2:51:98:
30:82:03:00:34:23:f4:e7:fd:7a:17:60:97:4d:11:
fa:9b:79:d5:2d:da:14:6d:4e:2c:e5:84:1c:f9:1f:
47:ba:6a:50:db:e1:90:e5:09:7b:5f:73:65:5d:2a:
c4:dc:b9:66:c8:25:37:c3:77:43:6f:c6:92:42:c6:
3c:0b:be:89:9d:c9:65:db:e0:ae:5b:b0:55:9c:82:
96:e8:a4:fb:2b:86:c2:ac:27:22:7b:96:82:b0:5f:
50:19:9b:c5:2a:d4:77:20:e2:00:09:bf:ab:58:bb:
94:17:0a:56:ef:a2:34:69:4e:5a:1d:6e:ac:26:9d:
05:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:51:1B:D4:6F:1D:D0:D6:73:D2:8A:5E:DD:23:19:56:4F:7B:50:21
X509v3 Authority Key Identifier:
keyid:7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/AFEb1G8d0NZz0ope3SMZVk97UCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/fZK2dHUnB1UTaoo8qALKEsisfnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.84.0-81.23.95.255
IPv6:
2a12:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:69:fc:01:8b:ab:e6:d2:45:bc:6b:cd:b7:72:0c:80:82:d1:
49:74:12:63:89:36:78:dd:4a:c1:cb:43:bc:0d:55:94:0c:34:
18:86:a7:44:31:42:a2:8e:8c:ff:4b:42:d6:04:56:c3:60:71:
a4:66:c8:5c:13:28:81:57:e9:1f:d0:c9:c2:15:ab:83:a2:61:
73:54:7c:50:8f:ff:13:e8:cd:80:1f:fe:8f:b8:e6:ae:21:e0:
50:ed:3a:c2:33:19:96:1b:58:b5:fd:08:24:83:ca:70:be:41:
d0:e2:12:dc:ad:29:b3:47:f7:fa:cc:40:02:36:2e:7c:f1:74:
a0:5e:ff:3a:9d:35:7d:3f:65:e7:6a:6d:08:3f:c4:70:a5:b2:
5b:ff:55:22:6c:b7:0e:d4:d0:9e:7a:91:13:09:49:11:59:38:
d9:f7:c9:e9:42:4d:4e:8c:2a:63:27:29:80:c3:f7:21:f9:fc:
af:3f:cc:82:23:27:d3:0b:2d:14:03:e6:05:67:bf:7c:2a:a8:
e5:d7:40:8d:83:40:45:86:c0:f2:78:7d:71:75:3d:6b:7c:c0:
8e:14:6c:ff:50:75:f8:a2:cc:e5:d1:69:ac:15:9f:80:77:c1:
c5:7c:2b:48:88:2e:51:2f:15:3b:93:db:3e:df:90:e8:16:26:
3b:8c:a1:cf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYMWgvFCxcg7o8L31IowYVWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTJiNjc0NzUyNzA3NTUxMzZhOGEzY2E4MDJjYTEyYzhh
YzdlNzcwHhcNMjIwOTA3MDU1MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUxMWJkNDZmMWRkMGQ2NzNkMjhhNWVkZDIzMTk1NjRmN2I1MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqgtkX5bmzxzBpl9i66pn5SifpqH
Dv9YX554DndRQR8MtH1juCbw6jz4nfAUZEY/BU+GiuNpRpCmby4ROJnGgWeDMHRz
+N9/FNz1fiZ9RuMT4st0p4mpeaXGstmPpHOEXSVltx5usw7LCusxFlLSNlV7f0iR
h2t8BGIpC76FARzOOMSyUZgwggMANCP05/16F2CXTRH6m3nVLdoUbU4s5YQc+R9H
umpQ2+GQ5Ql7X3NlXSrE3LlmyCU3w3dDb8aSQsY8C76Jncll2+CuW7BVnIKW6KT7
K4bCrCcie5aCsF9QGZvFKtR3IOIACb+rWLuUFwpW76I0aU5aHW6sJp0F7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFABRG9RvHdDWc9KKXt0jGVZPe1AhMB8GA1UdIwQY
MBaAFH2StnR1JwdVE2qKPKgCyhLIrH53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUt
NDEwYzY3MWU3NTc3LzEvQUZFYjFHOGQwTlp6MG9wZTNTTVpWazk3VUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUtNDEwYzY3MWU3NTc3
LzEvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAJRF1QD
BAVRF0AwDQQCAAIwBwMFAyoSHUAwDQYJKoZIhvcNAQELBQADggEBAJ5p/AGLq+bS
RbxrzbdyDICC0Ul0EmOJNnjdSsHLQ7wNVZQMNBiGp0QxQqKOjP9LQtYEVsNgcaRm
yFwTKIFX6R/QycIVq4OiYXNUfFCP/xPozYAf/o+45q4h4FDtOsIzGZYbWLX9CCSD
ynC+QdDiEtytKbNH9/rMQAI2LnzxdKBe/zqdNX0/ZedqbQg/xHClslv/VSJstw7U
0J56kRMJSRFZONn3yelCTU6MKmMnKYDD9yH5/K8/zIIjJ9MLLRQD5gVnv3wqqOXX
QI2DQEWGwPJ4fXF1PWt8wI4UbP9QdfiizOXRaawVn4B3wcV8K0iILlEvFTuT2z7f
kOgWJjuMoc8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:55 2024 by rpki-client on console-ams.rpki-client.org