Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/MA9bDLKT4eiFaIsqkztkJAlwn9c.roa
File: MA9bDLKT4eiFaIsqkztkJAlwn9c.roa (raw, json)
Hash identifier: lI86jDo/DiNCVyfdDwDPO2V3nzi+Q8hzgZj9+RPh25M=
Subject key identifier: 30:0F:5B:0C:B2:93:E1:E8:85:68:8B:2A:93:3B:64:24:09:70:9F:D7
Certificate issuer: /CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Certificate serial: 018712EC93069B456C83D80BC5A236C62FBC
Authority key identifier: AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/MA9bDLKT4eiFaIsqkztkJAlwn9c.roa
Signing time: Fri 24 Mar 2023 09:21:46 +0000
ROA not before: Fri 24 Mar 2023 09:21:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39434
IP address blocks: 81.24.83.0/24 maxlen: 24
81.24.81.0/24 maxlen: 24
81.24.82.0/24 maxlen: 24
81.24.80.0/24 maxlen: 24
81.24.80.0/21 maxlen: 21
81.24.84.0/24 maxlen: 24
81.24.86.0/24 maxlen: 24
81.24.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:ec:93:06:9b:45:6c:83:d8:0b:c5:a2:36:c6:2f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Validity
Not Before: Mar 24 09:21:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300f5b0cb293e1e885688b2a933b642409709fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:c1:6d:22:61:15:75:00:c4:b3:e6:65:b1:
97:ae:4a:96:1a:bb:eb:c9:33:cf:73:96:2f:67:64:
63:37:5c:18:c8:eb:09:74:af:1e:31:ea:44:be:14:
dc:5a:5b:6e:ff:c4:fc:44:c9:ff:da:5c:53:f7:a9:
50:2d:4c:5c:a3:0d:5e:3e:45:b1:fc:15:56:c0:f7:
25:b2:27:3f:70:03:c7:eb:4b:92:e9:96:5e:cf:b0:
de:2c:46:c6:61:fc:97:bf:6b:32:c7:c3:6d:b6:0d:
1e:22:06:f5:10:58:93:0b:d8:0f:86:21:e9:77:c1:
2a:65:f0:48:2d:fc:4f:9e:86:28:d3:4c:26:33:bf:
3d:d3:98:ac:25:5a:ab:c5:52:3c:a4:24:bb:cd:18:
26:9b:df:89:49:46:ea:37:6e:a3:af:7b:32:72:19:
c9:5f:0d:a3:a6:74:e5:44:4d:88:b8:8e:dd:48:b3:
83:ca:2a:64:fb:12:e9:58:36:ad:29:7a:4f:bd:7d:
fb:1b:46:49:c5:5e:4e:f8:c5:38:e8:e4:19:53:dd:
51:51:98:ec:70:b9:7d:b2:78:00:81:7d:2e:7d:18:
0f:f4:d5:0a:58:07:4e:2d:07:44:0d:49:d7:21:71:
96:76:c7:9b:a3:43:80:06:7d:8f:f6:0c:a8:fe:9f:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0F:5B:0C:B2:93:E1:E8:85:68:8B:2A:93:3B:64:24:09:70:9F:D7
X509v3 Authority Key Identifier:
keyid:AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/MA9bDLKT4eiFaIsqkztkJAlwn9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.80.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:44:73:2f:3f:a0:8a:11:c9:96:a9:65:ec:55:10:c5:50:57:
b9:41:3c:17:20:a1:46:05:9c:bd:d4:ab:d0:fa:e7:de:d5:b0:
0d:b7:b7:3d:dd:23:e3:0b:49:53:40:8b:2d:7c:11:6a:3b:ca:
e6:6f:3a:bd:e3:4a:1d:b5:23:1f:07:99:ec:42:5b:29:13:30:
6c:44:66:fb:ff:c4:39:b1:7d:99:ef:09:67:d1:cf:04:94:72:
12:0d:27:bf:da:3c:3d:fb:5b:37:8c:bd:e0:2a:62:a3:97:c3:
01:df:b0:ab:d9:36:a9:f2:70:df:64:70:52:cb:b9:30:59:2e:
e0:fe:0e:fe:1d:f5:24:3d:e7:57:5c:ec:da:19:68:c3:a1:0a:
2f:f4:17:0c:28:1c:b9:12:ba:66:b4:e8:cd:7b:4a:ee:ee:f4:
9a:67:5b:2a:5a:a2:46:9d:60:42:c4:32:70:99:22:dc:1d:98:
ce:a4:b6:ec:7b:5d:bc:9c:81:98:af:5b:8d:f2:11:e7:51:f9:
fb:50:8b:43:bf:8d:c4:37:b4:00:d2:25:9c:59:bb:94:fb:28:
0e:dd:60:e3:65:39:3d:22:05:06:9d:2d:80:fb:e3:4d:e9:e0:
79:b6:10:01:c9:61:a5:e3:8f:f0:13:40:99:e8:6d:2f:7e:ad:
55:2c:ff:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcS7JMGm0Vsg9gLxaI2xi+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzAxMTBkMzBkNTJlOGE2OTY5NTg4YjNmNjIxNDE2YmNk
ZjY0NGIwHhcNMjMwMzI0MDkyMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBmNWIwY2IyOTNlMWU4ODU2ODhiMmE5MzNiNjQyNDA5NzA5ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttfBbSJhFXUAxLPmZbGXrkqWGrvr
yTPPc5YvZ2RjN1wYyOsJdK8eMepEvhTcWltu/8T8RMn/2lxT96lQLUxcow1ePkWx
/BVWwPclsic/cAPH60uS6ZZez7DeLEbGYfyXv2syx8Nttg0eIgb1EFiTC9gPhiHp
d8EqZfBILfxPnoYo00wmM78905isJVqrxVI8pCS7zRgmm9+JSUbqN26jr3sychnJ
Xw2jpnTlRE2IuI7dSLODyipk+xLpWDatKXpPvX37G0ZJxV5O+MU46OQZU91RUZjs
cLl9sngAgX0ufRgP9NUKWAdOLQdEDUnXIXGWdsebo0OABn2P9gyo/p83cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAPWwyyk+HohWiLKpM7ZCQJcJ/XMB8GA1UdIwQY
MBaAFKpwEQ0w1S6KaWlYiz9iFBa832RLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEt
ODI0M2FlZjZmZTVhLzEvTUE5YkRMS1Q0ZWlGYUlzcWt6dGtKQWx3bjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEtODI0M2FlZjZmZTVh
LzEvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDURhQMA0G
CSqGSIb3DQEBCwUAA4IBAQBeRHMvP6CKEcmWqWXsVRDFUFe5QTwXIKFGBZy91KvQ
+ufe1bANt7c93SPjC0lTQIstfBFqO8rmbzq940odtSMfB5nsQlspEzBsRGb7/8Q5
sX2Z7wln0c8ElHISDSe/2jw9+1s3jL3gKmKjl8MB37Cr2Tap8nDfZHBSy7kwWS7g
/g7+HfUkPedXXOzaGWjDoQov9BcMKBy5ErpmtOjNe0ru7vSaZ1sqWqJGnWBCxDJw
mSLcHZjOpLbse128nIGYr1uN8hHnUfn7UItDv43EN7QA0iWcWbuU+ygO3WDjZTk9
IgUGnS2A++NN6eB5thAByWGl44/wE0CZ6G0vfq1VLP+a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:15 2025 by rpki-client