Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6s1mg07rzlqHa1GVNJHiHttD5gk.roa
File: 6s1mg07rzlqHa1GVNJHiHttD5gk.roa (raw, json)
Hash identifier: Om+mtOwkoomDGZtgyu+UTVUwtv2uVJBvn1UsfphpOB0=
Subject key identifier: EA:CD:66:83:4E:EB:CE:5A:87:6B:51:95:34:91:E2:1E:DB:43:E6:09
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3DC2D5B6
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6s1mg07rzlqHa1GVNJHiHttD5gk.roa
Signing time: Sat 01 Jan 2022 08:56:52 +0000
ROA not before: Sat 01 Jan 2022 08:56:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1729
IP address blocks: 131.116.0.0/16 maxlen: 24
81.228.8.0/24 maxlen: 24
81.228.9.0/24 maxlen: 24
81.228.10.0/24 maxlen: 24
81.228.11.0/24 maxlen: 24
192.150.84.0/24 maxlen: 24
131.115.0.0/16 maxlen: 24
192.16.152.0/24 maxlen: 24
192.16.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036178870 (0x3dc2d5b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 08:56:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eacd66834eebce5a876b51953491e21edb43e609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:52:73:db:4d:ae:22:f0:c0:b8:40:c3:01:
41:9a:df:e5:61:6c:54:23:f1:f6:a3:18:7e:ce:9a:
36:35:a5:1c:72:f1:70:60:fb:aa:a5:b9:85:03:47:
2a:98:4a:09:4a:8b:8d:63:6e:1d:72:43:b1:70:a5:
a9:ae:ac:98:52:e5:b3:82:6f:ff:8b:a5:e2:8e:af:
8f:ab:9f:12:0d:18:55:02:40:b7:b1:cf:50:c6:94:
13:9d:c8:7d:61:e0:04:15:c3:29:e3:99:4d:bf:d9:
0b:d0:dc:07:38:8e:c1:24:bb:6b:ef:27:4f:56:0d:
37:6a:1c:8f:44:67:a0:1d:b5:60:8c:39:7d:3f:9f:
96:65:a9:47:f1:21:33:d7:3e:21:bd:90:f5:9a:01:
71:6c:1e:ef:bb:1c:72:66:dd:ce:3d:58:49:9c:69:
08:db:9e:db:4e:38:b8:ad:04:e6:67:ff:b0:2a:8d:
53:f7:3e:5d:09:23:b8:a5:dc:c0:db:0c:d0:b5:2b:
aa:10:e9:d7:ca:7e:ad:97:7c:92:9d:e5:0f:fb:e9:
92:36:ff:9d:35:55:7c:da:92:d3:50:6a:e0:26:b3:
51:3d:76:dc:b3:40:a4:c6:2c:18:1e:d3:8b:12:75:
22:16:be:e4:f7:cc:cc:d6:f5:d9:b9:79:88:e7:84:
b0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CD:66:83:4E:EB:CE:5A:87:6B:51:95:34:91:E2:1E:DB:43:E6:09
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6s1mg07rzlqHa1GVNJHiHttD5gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.228.8.0/22
131.115.0.0-131.116.255.255
192.16.152.0/24
192.16.154.0/24
192.150.84.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:97:9e:3b:93:ec:5a:85:68:49:88:b6:e2:06:a8:78:a5:64:
4f:98:66:7c:57:82:c9:92:0e:30:a5:34:40:4c:34:42:3f:e0:
16:34:42:8d:1a:45:62:02:42:b8:92:3d:f2:53:6f:ff:a4:8f:
25:6d:2e:0b:0d:55:62:79:ee:d0:78:14:d5:b5:3b:5d:c3:b9:
8b:d4:78:b8:f0:93:84:2f:d0:2d:45:37:01:d2:4b:0d:c2:73:
4f:99:2f:e3:12:a9:c7:a1:6b:1b:3f:6d:2b:50:cf:99:9e:7e:
ae:f2:95:2a:6f:af:ba:72:02:31:25:02:3c:8d:00:ba:46:ca:
d5:c9:e3:77:4c:d6:a7:a6:a0:dd:3f:5f:73:04:5e:5a:61:70:
8e:ef:9c:b6:f2:a9:c6:16:bc:25:60:0a:36:ca:34:ba:87:69:
d5:38:45:64:d3:f9:2a:ef:7f:5a:5d:14:fb:04:ea:7e:30:6f:
ce:fe:e1:8d:7e:24:a6:38:a7:1e:bb:8a:61:94:74:b0:c6:30:
aa:e4:97:62:56:73:ba:e1:e7:74:24:58:5a:d4:53:0c:50:f4:
72:d6:f5:07:ba:93:a1:a3:81:73:87:83:40:31:b8:d3:ca:d6:
b5:9b:0d:bc:14:07:26:d8:f7:52:90:1f:9c:46:be:78:b0:17:
16:7d:16:9e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEPcLVtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDEw
MTA4NTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjZDY2ODM0ZWVi
Y2U1YTg3NmI1MTk1MzQ5MWUyMWVkYjQzZTYwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLFUnPbTa4i8MC4QMMBQZrf5WFsVCPx9qMYfs6aNjWlHHLx
cGD7qqW5hQNHKphKCUqLjWNuHXJDsXClqa6smFLls4Jv/4ul4o6vj6ufEg0YVQJA
t7HPUMaUE53IfWHgBBXDKeOZTb/ZC9DcBziOwSS7a+8nT1YNN2ocj0RnoB21YIw5
fT+flmWpR/EhM9c+Ib2Q9ZoBcWwe77sccmbdzj1YSZxpCNue2044uK0E5mf/sCqN
U/c+XQkjuKXcwNsM0LUrqhDp18p+rZd8kp3lD/vpkjb/nTVVfNqS01Bq4CazUT12
3LNApMYsGB7TixJ1Iha+5PfMzNb12bl5iOeEsMMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTqzWaDTuvOWodrUZU0keIe20PmCTAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
LzZzMW1nMDdyemxxSGExR1ZOSkhpSHR0RDVnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlHkCDAKAwMAg3MDAwCDdAMEAMAQ
mAMEAMAQmgMEAMCWVDANBgkqhkiG9w0BAQsFAAOCAQEAKpeeO5PsWoVoSYi24gao
eKVkT5hmfFeCyZIOMKU0QEw0Qj/gFjRCjRpFYgJCuJI98lNv/6SPJW0uCw1VYnnu
0HgU1bU7XcO5i9R4uPCThC/QLUU3AdJLDcJzT5kv4xKpx6FrGz9tK1DPmZ5+rvKV
Km+vunICMSUCPI0AukbK1cnjd0zWp6ag3T9fcwReWmFwju+ctvKpxha8JWAKNso0
uodp1ThFZNP5Ku9/Wl0U+wTqfjBvzv7hjX4kpjinHruKYZR0sMYwquSXYlZzuuHn
dCRYWtRTDFD0ctb1B7qToaOBc4eDQDG408rWtZsNvBQHJtj3UpAfnEa+eLAXFn0W
ng==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-fra.rpki-client.org