Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/81nKSnhYt-49frLUt4GE9UrpM3A.roa
File: 81nKSnhYt-49frLUt4GE9UrpM3A.roa (raw, json)
Hash identifier: zUX+hw9opWBMEF0IHqOaPg/4MHZskHHi5eo4WQnfn2Q=
Subject key identifier: F3:59:CA:4A:78:58:B7:EE:3D:7E:B2:D4:B7:81:84:F5:4A:E9:33:70
Certificate issuer: /CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Certificate serial: 0411BCC1
Authority key identifier: 4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/81nKSnhYt-49frLUt4GE9UrpM3A.roa
Signing time: Sat 01 Jan 2022 09:53:34 +0000
ROA not before: Sat 01 Jan 2022 09:53:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12693
IP address blocks: 134.101.32.0/19 maxlen: 19
212.110.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68271297 (0x411bcc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Validity
Not Before: Jan 1 09:53:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f359ca4a7858b7ee3d7eb2d4b78184f54ae93370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:51:65:b8:c3:88:80:91:b7:fa:47:06:99:c7:
ac:e8:10:0a:95:cc:65:ae:7b:99:01:31:60:49:0e:
29:de:ab:de:d2:90:b5:be:e1:81:a6:aa:d9:7b:89:
b0:3b:16:45:d0:77:60:f2:08:0e:c3:a8:5e:f3:c7:
a8:0a:fd:27:b4:5d:05:ab:b8:cf:63:c9:55:8d:ee:
1f:34:ee:fc:66:04:f2:bd:7e:f2:27:3f:a5:0a:cf:
89:6a:55:be:5b:72:f8:89:a7:08:01:c3:1c:f1:9f:
86:0f:92:e5:88:8c:19:cf:84:11:b2:b6:94:31:14:
27:d0:05:e4:9d:ff:b9:6f:33:a6:00:47:c1:ea:1b:
df:4b:b6:5c:af:62:e7:09:b5:47:4c:ce:d2:9b:c1:
74:17:72:ee:86:75:08:5f:95:7f:97:ec:a2:68:41:
c8:da:25:dd:cb:26:03:c1:95:68:60:aa:01:4f:27:
af:63:7a:56:b2:2b:5c:ab:8a:88:51:25:f5:2f:99:
62:93:7e:37:54:1f:c4:98:e9:08:cf:0a:80:c7:b4:
f2:55:14:18:46:99:75:d2:fa:86:33:4a:c9:0e:cb:
4b:94:de:2f:e5:94:7c:34:f3:3b:25:10:19:0f:06:
a6:c6:3a:1a:44:9d:ba:f7:2a:af:fa:e8:80:e7:90:
91:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:59:CA:4A:78:58:B7:EE:3D:7E:B2:D4:B7:81:84:F5:4A:E9:33:70
X509v3 Authority Key Identifier:
keyid:4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/81nKSnhYt-49frLUt4GE9UrpM3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/SornhxUlvi6k0N_9rk86i_83JJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.101.32.0/19
212.110.224.0/19
Signature Algorithm: sha256WithRSAEncryption
94:44:b0:e2:80:7a:0c:73:b9:11:9e:51:bd:19:5d:71:1d:ec:
c4:f1:3a:68:ac:fe:6e:ba:d2:4d:19:e9:69:66:7c:ab:63:70:
3b:6f:67:39:e8:f7:34:e5:5a:c3:d7:77:3a:db:84:bf:85:1e:
d4:d3:37:8b:95:cd:80:6e:1f:d4:38:64:13:1a:59:21:c0:8e:
e2:1e:ef:af:74:5c:b7:7a:25:77:e8:7f:f3:41:c5:f2:62:0e:
20:9d:42:40:84:a6:71:d6:95:a5:60:3e:af:a9:8a:43:8c:0a:
4c:37:e1:67:b4:f6:cf:60:09:96:83:16:44:92:8b:f9:0a:e5:
1c:e3:10:7b:15:cd:08:1d:13:ca:c6:a8:bb:00:a5:91:d8:45:
5d:32:fd:c6:2f:f8:40:70:73:ae:aa:68:d4:b8:03:0f:50:e7:
80:4d:91:34:da:f3:a7:06:48:03:02:1d:78:12:a7:86:ba:00:
97:b2:ed:ae:09:03:04:3d:a0:07:9d:b5:37:bc:27:20:8a:0f:
1f:07:70:f7:6a:cd:5e:88:81:19:48:c3:12:5b:c3:cc:c0:29:
17:59:4b:9d:51:16:c3:6a:1a:7c:1b:a8:7a:dc:c3:dc:3f:41:
59:5b:1b:bf:e9:2b:b7:a5:44:5f:6d:a1:a5:7c:6d:e7:f9:02:
3d:37:e9:4e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBBG8wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YThhZTc4NzE1MjViZTJlYTRkMGRmZmRhZTRmM2E4YmZmMzcyNDk2MB4XDTIyMDEw
MTA5NTMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM1OWNhNGE3ODU4
YjdlZTNkN2ViMmQ0Yjc4MTg0ZjU0YWU5MzM3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVRZbjDiICRt/pHBpnHrOgQCpXMZa57mQExYEkOKd6r3tKQ
tb7hgaaq2XuJsDsWRdB3YPIIDsOoXvPHqAr9J7RdBau4z2PJVY3uHzTu/GYE8r1+
8ic/pQrPiWpVvlty+ImnCAHDHPGfhg+S5YiMGc+EEbK2lDEUJ9AF5J3/uW8zpgBH
weob30u2XK9i5wm1R0zO0pvBdBdy7oZ1CF+Vf5fsomhByNol3csmA8GVaGCqAU8n
r2N6VrIrXKuKiFEl9S+ZYpN+N1QfxJjpCM8KgMe08lUUGEaZddL6hjNKyQ7LS5Te
L+WUfDTzOyUQGQ8GpsY6GkSduvcqr/rogOeQkS8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTzWcpKeFi37j1+stS3gYT1SukzcDAfBgNVHSMEGDAWgBRKiueHFSW+LqTQ
3/2uTzqL/zckljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Nvcm5oeFVsdmk2azBOXzlyazg2aV84M0pKWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvZmE2Y2MyLTI3YWYtNDE2Yy1hMTM0LTk4Zjc0NTRiYTZjZS8x
LzgxbktTbmhZdC00OWZyTFV0NEdFOVVycE0zQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ZmE2Y2MyLTI3YWYtNDE2Yy1hMTM0LTk4Zjc0NTRiYTZjZS8xL1Nvcm5oeFVsdmk2
azBOXzlyazg2aV84M0pKWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBYZlIAMEBdRu4DANBgkqhkiG9w0B
AQsFAAOCAQEAlESw4oB6DHO5EZ5RvRldcR3sxPE6aKz+brrSTRnpaWZ8q2NwO29n
Oej3NOVaw9d3OtuEv4Ue1NM3i5XNgG4f1DhkExpZIcCO4h7vr3Rct3old+h/80HF
8mIOIJ1CQISmcdaVpWA+r6mKQ4wKTDfhZ7T2z2AJloMWRJKL+QrlHOMQexXNCB0T
ysaouwClkdhFXTL9xi/4QHBzrqpo1LgDD1DngE2RNNrzpwZIAwIdeBKnhroAl7Lt
rgkDBD2gB521N7wnIIoPHwdw92rNXoiBGUjDElvDzMApF1lLnVEWw2oafBuoetzD
3D9BWVsbv+krt6VEX22hpXxt5/kCPTfpTg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:21 2025 by rpki-client