Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/GBzIx9SrplECvYT35d5VBYB7Izs.roa
File: GBzIx9SrplECvYT35d5VBYB7Izs.roa (raw, json)
Hash identifier: 6/bTQ3wHnQTfq0GrbjsrscCisEns9QfIH4eXF/73wNU=
Subject key identifier: 18:1C:C8:C7:D4:AB:A6:51:02:BD:84:F7:E5:DE:55:05:80:7B:23:3B
Certificate issuer: /CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Certificate serial: 1EE38D
Authority key identifier: EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/GBzIx9SrplECvYT35d5VBYB7Izs.roa
Signing time: Sat 01 Jan 2022 02:55:17 +0000
ROA not before: Sat 01 Jan 2022 02:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209041
IP address blocks: 81.21.225.0/24 maxlen: 24
81.21.224.0/24 maxlen: 24
81.21.227.0/24 maxlen: 24
2a0d:26c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2024333 (0x1ee38d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Validity
Not Before: Jan 1 02:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=181cc8c7d4aba65102bd84f7e5de5505807b233b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9d:d4:60:dd:b6:49:d4:69:8d:24:91:6d:37:
48:84:5d:94:bb:f8:e0:42:c8:60:db:55:bc:d8:c9:
22:66:92:44:b7:a1:57:18:66:f9:c6:f9:b6:0d:89:
a7:b6:33:00:fa:6d:cb:7a:81:88:10:fc:3a:4a:c8:
7c:48:b3:b6:de:45:ae:0f:b8:d4:c2:7f:a7:be:74:
ce:db:f2:89:3a:8b:38:79:f9:90:00:29:f6:b4:04:
4c:a8:84:c6:27:14:36:7c:20:63:f3:40:9a:40:04:
c4:f8:3f:4b:df:39:36:9a:64:d3:a7:6c:42:c9:51:
f8:f1:00:6f:c5:af:67:7a:95:18:57:57:f0:4f:66:
b5:35:f4:d3:28:0b:71:f4:6a:3b:bd:6a:40:92:fa:
c8:f4:60:0c:27:d6:c9:40:f3:b4:b4:e3:b2:82:13:
14:cd:01:ec:6e:58:da:d6:46:79:cb:da:39:e9:40:
9a:7b:30:92:fe:9e:d5:cc:57:57:f3:91:46:a9:10:
77:72:46:c4:f8:58:a1:0a:5b:fa:7f:55:62:97:39:
3d:06:7c:54:33:f6:f8:24:b2:1a:dc:3e:ef:3e:6b:
fe:e7:eb:7a:74:3b:d7:76:2b:c1:ff:e1:50:99:6e:
78:30:6e:4a:77:ad:9b:40:0d:f8:cc:32:b9:96:05:
ce:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1C:C8:C7:D4:AB:A6:51:02:BD:84:F7:E5:DE:55:05:80:7B:23:3B
X509v3 Authority Key Identifier:
keyid:EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/GBzIx9SrplECvYT35d5VBYB7Izs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/7-oXe8wrDvZMq2BObmQnsa3gv2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.224.0/23
81.21.227.0/24
IPv6:
2a0d:26c0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:8b:8f:01:ad:8a:9f:17:de:8a:a6:70:83:a5:39:62:19:b1:
c5:83:52:f8:e8:34:24:77:f6:4c:f8:5d:64:76:d5:32:13:54:
93:01:95:8e:aa:ec:09:b3:5b:25:84:43:cb:04:3b:ae:de:0e:
0b:76:8a:ef:b9:e7:3f:2f:6a:e9:6f:9a:53:1a:22:fa:a1:ad:
9d:e7:1b:7e:11:88:72:c6:8b:8e:e5:ab:a9:63:30:85:04:5c:
6b:46:aa:e0:93:07:0c:a1:a8:2c:cb:da:3a:b8:e0:c2:2f:c1:
03:14:86:33:49:ed:27:f7:e3:b2:4c:23:ef:72:c1:57:31:bf:
0f:4f:5f:9d:63:c7:9b:2f:a0:35:20:39:53:18:3b:e6:8c:54:
00:b2:a1:07:64:a0:f8:9a:ae:80:c6:a2:50:7d:30:ee:95:33:
cb:c1:7e:23:7c:68:d9:7d:fd:67:35:7d:af:5e:8c:57:73:f9:
ac:3a:24:8a:1d:a8:83:9e:d9:fe:3e:16:55:a2:df:cf:69:b9:
5a:90:6b:56:ca:91:46:4b:e1:18:00:d0:eb:c7:b0:68:f9:fa:
69:ba:81:56:58:ba:34:a0:b5:14:b3:0b:72:ec:22:34:af:38:
7c:9e:ce:25:fa:6c:8c:cb:5f:dd:96:c8:ba:ce:4c:00:52:12:
62:f5:49:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDHuONMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVm
ZWExNzdiY2MyYjBlZjY0Y2FiNjA0ZTZlNjQyN2IxYWRlMGJmNjkwHhcNMjIwMTAx
MDI1NTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxODFjYzhjN2Q0YWJh
NjUxMDJiZDg0ZjdlNWRlNTUwNTgwN2IyMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxJ3UYN22SdRpjSSRbTdIhF2Uu/jgQshg21W82MkiZpJEt6FX
GGb5xvm2DYmntjMA+m3LeoGIEPw6Ssh8SLO23kWuD7jUwn+nvnTO2/KJOos4efmQ
ACn2tARMqITGJxQ2fCBj80CaQATE+D9L3zk2mmTTp2xCyVH48QBvxa9nepUYV1fw
T2a1NfTTKAtx9Go7vWpAkvrI9GAMJ9bJQPO0tOOyghMUzQHsblja1kZ5y9o56UCa
ezCS/p7VzFdX85FGqRB3ckbE+FihClv6f1Vilzk9BnxUM/b4JLIa3D7vPmv+5+t6
dDvXdivB/+FQmW54MG5Kd62bQA34zDK5lgXORwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFBgcyMfUq6ZRAr2E9+XeVQWAeyM7MB8GA1UdIwQYMBaAFO/qF3vMKw72TKtg
Tm5kJ7Gt4L9pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Ny1vWGU4d3JEdlpNcTJCT2JtUW5zYTNndjJrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy82ZWYwOWItODAyYS00NWY3LTllN2YtMDZkNTMwY2VmZDhhLzEv
R0J6SXg5U3JwbEVDdllUMzVkNVZCWUI3SXpzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82
ZWYwOWItODAyYS00NWY3LTllN2YtMDZkNTMwY2VmZDhhLzEvNy1vWGU4d3JEdlpN
cTJCT2JtUW5zYTNndjJrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBURXgAwQAURXjMA0EAgACMAcDBQAq
DSbAMA0GCSqGSIb3DQEBCwUAA4IBAQCai48BrYqfF96KpnCDpTliGbHFg1L46DQk
d/ZM+F1kdtUyE1STAZWOquwJs1slhEPLBDuu3g4Ldorvuec/L2rpb5pTGiL6oa2d
5xt+EYhyxouO5aupYzCFBFxrRqrgkwcMoagsy9o6uODCL8EDFIYzSe0n9+OyTCPv
csFXMb8PT1+dY8ebL6A1IDlTGDvmjFQAsqEHZKD4mq6AxqJQfTDulTPLwX4jfGjZ
ff1nNX2vXoxXc/msOiSKHaiDntn+PhZVot/PablakGtWypFGS+EYANDrx7Bo+fpp
uoFWWLo0oLUUswty7CI0rzh8ns4l+myMy1/dlsi6zkwAUhJi9UmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org