Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/NTIbHLDHpIwTt-Wl-suPZUOmOmM.roa
File: NTIbHLDHpIwTt-Wl-suPZUOmOmM.roa (raw, json)
Hash identifier: CI9XtXEkwr6feNWB5nf2gRKLsJJRuRU9+Xj9kikj+Bo=
Subject key identifier: 35:32:1B:1C:B0:C7:A4:8C:13:B7:E5:A5:FA:CB:8F:65:43:A6:3A:63
Certificate issuer: /CN=c1bf34b190a51ce5300257911af30404f4951fb6
Certificate serial: 06A00D49
Authority key identifier: C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/NTIbHLDHpIwTt-Wl-suPZUOmOmM.roa
Signing time: Sat 01 Jan 2022 05:57:52 +0000
ROA not before: Sat 01 Jan 2022 05:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42433
IP address blocks: 81.23.242.0/23 maxlen: 23
81.23.242.0/24 maxlen: 24
81.23.243.0/24 maxlen: 24
92.118.110.0/24 maxlen: 24
2a0f:ec40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111152457 (0x6a00d49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf34b190a51ce5300257911af30404f4951fb6
Validity
Not Before: Jan 1 05:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35321b1cb0c7a48c13b7e5a5facb8f6543a63a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d1:cf:f0:41:54:45:90:d2:43:50:1f:a8:54:
43:94:c5:ce:b6:23:93:a2:41:c4:3a:b7:bd:00:6b:
03:fc:d0:83:af:e8:b1:67:4f:8b:a5:e1:60:f7:09:
29:dd:4b:df:68:fe:a1:db:dc:08:3e:d2:ec:41:f0:
05:76:a6:e7:33:f4:61:52:31:ff:cb:a2:e7:79:b8:
96:ce:fd:e6:0b:e4:0b:44:95:de:a3:64:f2:cd:03:
c5:d1:57:56:73:20:9b:26:d3:ab:ab:f9:76:a4:a4:
76:e3:67:17:3b:c6:e5:c3:e4:2e:47:c5:ed:4e:d4:
49:70:db:ca:49:4d:d1:33:ab:96:94:7f:79:25:38:
82:aa:e7:07:14:1b:c3:4a:06:b4:f7:04:ac:1d:e7:
8e:36:80:dd:61:83:d2:4f:be:d5:7a:ca:a6:53:b7:
be:e9:b5:88:a6:b8:85:40:30:82:75:ff:18:2f:75:
e4:97:dc:09:f0:ed:cb:9b:08:e4:7a:d3:70:c9:ca:
35:a7:29:e4:e2:da:01:f2:50:54:d3:ef:b1:32:2b:
09:4d:8b:d7:99:8e:04:20:21:71:42:de:00:a3:c5:
39:00:32:c5:06:85:47:35:de:04:72:7a:d9:e7:84:
66:17:4b:8c:d4:3e:be:10:f4:4b:ac:c7:0e:de:b1:
5e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:32:1B:1C:B0:C7:A4:8C:13:B7:E5:A5:FA:CB:8F:65:43:A6:3A:63
X509v3 Authority Key Identifier:
keyid:C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/NTIbHLDHpIwTt-Wl-suPZUOmOmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.242.0/23
92.118.110.0/24
IPv6:
2a0f:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
51:d0:4a:7b:52:87:51:cc:c3:83:23:b4:1d:26:24:a0:76:c0:
f9:fb:7b:44:46:8e:4f:fd:b1:74:d2:a8:fc:c6:66:20:73:47:
68:fe:91:d7:e6:25:a8:cf:08:18:7c:2c:76:57:dc:d8:98:36:
61:b9:89:8f:45:9b:04:73:21:e5:05:0c:02:e7:fe:e3:2c:39:
57:38:4a:38:71:d1:c8:d5:14:f7:66:bd:94:d0:d3:7f:ba:f1:
3f:d5:01:f8:d2:4f:fe:ae:8d:b2:c1:44:4e:97:95:ca:ae:06:
13:30:70:3e:3e:5f:ea:ad:f7:9b:2f:e8:2c:3f:c9:77:e0:0e:
4d:60:dc:44:c9:c5:49:9f:95:a4:2a:b6:a3:8c:9f:69:e2:2a:
0d:38:4f:68:34:cd:1a:37:89:3e:25:5c:24:04:d8:c7:31:44:
ef:7a:2e:9f:de:db:74:c7:1b:78:a8:ac:cd:20:67:99:3b:74:
21:be:78:24:e4:a4:84:bd:d0:25:05:41:29:f3:b0:c6:e0:7d:
46:51:99:bd:c0:1a:70:ef:0b:b1:05:9c:68:d6:5e:76:af:53:
e2:6d:26:42:e1:04:94:02:a7:c5:e5:60:e7:31:1f:89:e3:80:
d1:0a:5b:fa:c9:65:db:b1:2b:e3:64:63:0b:0b:64:78:5d:42:
ed:75:79:0c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBqANSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWJmMzRiMTkwYTUxY2U1MzAwMjU3OTExYWYzMDQwNGY0OTUxZmI2MB4XDTIyMDEw
MTA1NTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUzMjFiMWNiMGM3
YTQ4YzEzYjdlNWE1ZmFjYjhmNjU0M2E2M2E2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3Rz/BBVEWQ0kNQH6hUQ5TFzrYjk6JBxDq3vQBrA/zQg6/o
sWdPi6XhYPcJKd1L32j+odvcCD7S7EHwBXam5zP0YVIx/8ui53m4ls795gvkC0SV
3qNk8s0DxdFXVnMgmybTq6v5dqSkduNnFzvG5cPkLkfF7U7USXDbyklN0TOrlpR/
eSU4gqrnBxQbw0oGtPcErB3njjaA3WGD0k++1XrKplO3vum1iKa4hUAwgnX/GC91
5JfcCfDty5sI5HrTcMnKNacp5OLaAfJQVNPvsTIrCU2L15mOBCAhcULeAKPFOQAy
xQaFRzXeBHJ62eeEZhdLjNQ+vhD0S6zHDt6xXmUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ1MhscsMekjBO35aX6y49lQ6Y6YzAfBgNVHSMEGDAWgBTBvzSxkKUc5TAC
V5Ea8wQE9JUftjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3diODBzWkNsSE9Vd0FsZVJHdk1FQlBTVkg3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvMTUzZDUzLTZlNjktNDMwMS1hYmQzLWYzMTFiYWMyYTM3Zi8x
L05USWJITERIcEl3VHQtV2wtc3VQWlVPbU9tTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
MTUzZDUzLTZlNjktNDMwMS1hYmQzLWYzMTFiYWMyYTM3Zi8xL3diODBzWkNsSE9V
d0FsZVJHdk1FQlBTVkg3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVEX8gMEAFx2bjANBAIAAjAHAwUA
Kg/sQDANBgkqhkiG9w0BAQsFAAOCAQEAUdBKe1KHUczDgyO0HSYkoHbA+ft7REaO
T/2xdNKo/MZmIHNHaP6R1+YlqM8IGHwsdlfc2Jg2YbmJj0WbBHMh5QUMAuf+4yw5
VzhKOHHRyNUU92a9lNDTf7rxP9UB+NJP/q6NssFETpeVyq4GEzBwPj5f6q33my/o
LD/Jd+AOTWDcRMnFSZ+VpCq2o4yfaeIqDThPaDTNGjeJPiVcJATYxzFE73oun97b
dMcbeKiszSBnmTt0Ib54JOSkhL3QJQVBKfOwxuB9RlGZvcAacO8LsQWcaNZedq9T
4m0mQuEElAKnxeVg5zEfieOA0Qpb+sll27Er42RjCwtkeF1C7XV5DA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org