Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bfdda9-2742-4b2f-85b6-ef9c95276932/1/hMFxcHu10YIwX1AZXZeln3hHkvE.roa
File: hMFxcHu10YIwX1AZXZeln3hHkvE.roa (raw, json)
Hash identifier: ELmXsb2+q3sKInd248khR4LRP6smRoQ6/LB8tXnwslM=
Subject key identifier: 84:C1:71:70:7B:B5:D1:82:30:5F:50:19:5D:97:A5:9F:78:47:92:F1
Certificate issuer: /CN=991e4b179e0953b9ecc585ad9859a00be3568001
Certificate serial: 1BAB44FB
Authority key identifier: 99:1E:4B:17:9E:09:53:B9:EC:C5:85:AD:98:59:A0:0B:E3:56:80:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mR5LF54JU7nsxYWtmFmgC-NWgAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bfdda9-2742-4b2f-85b6-ef9c95276932/1/hMFxcHu10YIwX1AZXZeln3hHkvE.roa
Signing time: Sat 01 Jan 2022 13:55:47 +0000
ROA not before: Sat 01 Jan 2022 13:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8726
IP address blocks: 81.21.192.0/21 maxlen: 21
81.21.200.0/22 maxlen: 22
81.21.204.0/23 maxlen: 23
81.21.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464209147 (0x1bab44fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=991e4b179e0953b9ecc585ad9859a00be3568001
Validity
Not Before: Jan 1 13:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84c171707bb5d182305f50195d97a59f784792f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:d1:26:4e:8a:5a:8f:cb:34:0d:28:09:f6:
0a:3f:89:e9:f7:23:99:d2:cb:af:c0:51:5a:9d:b7:
19:ca:46:a8:b2:08:79:2d:31:13:3f:e9:20:77:08:
b3:02:b5:b7:fe:5c:8b:8b:07:7c:57:38:18:0c:89:
b0:93:8d:d1:aa:0e:3f:f5:7b:19:e2:74:fc:f5:d9:
7c:2d:15:9b:6c:46:0d:b3:35:01:f9:8d:f5:13:fd:
a3:51:a7:f5:df:fe:27:55:43:d4:0a:a4:34:ed:2e:
9f:08:f7:af:77:14:8f:c9:1f:08:c4:55:df:ae:96:
5a:ec:6e:60:30:72:de:70:5d:e7:e1:03:07:60:05:
60:9a:c9:d1:f3:8d:42:21:8c:0d:ae:d9:7c:4f:01:
0b:f5:05:5e:df:51:a9:8a:14:3e:4e:d7:e4:f5:81:
b5:05:80:15:78:bd:a1:52:29:36:b6:d1:73:13:91:
19:82:94:03:f4:f1:84:8b:d6:5c:2e:6e:9c:7b:c3:
c1:2c:ff:2c:d3:a2:06:ff:4c:5f:91:e9:88:ef:64:
1e:bf:c8:ba:7f:fe:9f:5f:f3:02:e7:e3:57:f1:ca:
46:18:71:f0:90:c8:a7:89:1f:7e:44:12:59:b1:67:
15:d0:90:75:24:31:8a:0c:30:49:c2:f4:8e:3d:ce:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C1:71:70:7B:B5:D1:82:30:5F:50:19:5D:97:A5:9F:78:47:92:F1
X509v3 Authority Key Identifier:
keyid:99:1E:4B:17:9E:09:53:B9:EC:C5:85:AD:98:59:A0:0B:E3:56:80:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mR5LF54JU7nsxYWtmFmgC-NWgAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bfdda9-2742-4b2f-85b6-ef9c95276932/1/hMFxcHu10YIwX1AZXZeln3hHkvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bfdda9-2742-4b2f-85b6-ef9c95276932/1/mR5LF54JU7nsxYWtmFmgC-NWgAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.192.0-81.21.205.255
81.21.207.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ac:08:77:8e:73:04:32:08:37:8c:20:27:0e:d8:f6:40:16:
0a:de:12:7d:e8:df:51:7f:52:79:e1:75:87:e7:ef:d9:a9:4d:
09:c5:17:f5:7c:cb:55:e6:2e:cb:89:78:7b:9e:3c:ad:d0:5a:
34:28:71:ff:bb:3e:c0:23:43:b5:ae:a0:5f:49:df:57:ea:32:
ae:68:e0:1a:70:9c:a4:41:62:97:78:1e:04:71:34:ce:38:58:
39:05:a0:59:de:39:98:ae:79:71:dc:ea:4c:26:f3:ba:0e:3b:
1f:e0:a0:b9:fd:71:64:fc:84:6d:11:76:c2:e1:9a:58:ec:b7:
7d:36:7d:db:7b:bc:54:23:dc:66:f2:ae:f5:02:4b:6d:76:31:
58:59:38:ea:15:0b:0d:8d:cb:59:16:bf:80:61:48:e0:4e:7c:
0e:ce:c6:ad:f0:f7:8d:ee:0d:93:ee:d0:eb:94:52:41:3d:d6:
78:98:d2:0c:19:89:bf:8d:8b:f8:09:d7:26:8c:04:d7:cf:f7:
38:72:c6:76:b6:c9:36:06:2a:f9:11:7a:c9:48:86:59:07:a8:
8d:8d:a9:88:8f:db:54:48:23:a4:f7:6c:00:60:62:9e:2b:fd:
16:7c:e7:a9:09:c1:22:f5:57:e3:20:5b:38:f9:93:67:8f:86:
92:ce:c9:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEG6tE+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTFlNGIxNzllMDk1M2I5ZWNjNTg1YWQ5ODU5YTAwYmUzNTY4MDAxMB4XDTIyMDEw
MTEzNTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRjMTcxNzA3YmI1
ZDE4MjMwNWY1MDE5NWQ5N2E1OWY3ODQ3OTJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJp30SZOilqPyzQNKAn2Cj+J6fcjmdLLr8BRWp23GcpGqLII
eS0xEz/pIHcIswK1t/5ci4sHfFc4GAyJsJON0aoOP/V7GeJ0/PXZfC0Vm2xGDbM1
AfmN9RP9o1Gn9d/+J1VD1AqkNO0unwj3r3cUj8kfCMRV366WWuxuYDBy3nBd5+ED
B2AFYJrJ0fONQiGMDa7ZfE8BC/UFXt9RqYoUPk7X5PWBtQWAFXi9oVIpNrbRcxOR
GYKUA/TxhIvWXC5unHvDwSz/LNOiBv9MX5HpiO9kHr/Iun/+n1/zAufjV/HKRhhx
8JDIp4kffkQSWbFnFdCQdSQxigwwScL0jj3OV8ECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSEwXFwe7XRgjBfUBldl6WfeEeS8TAfBgNVHSMEGDAWgBSZHksXnglTuezF
ha2YWaAL41aAATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21SNUxGNTRKVTduc3hZV3RtRm1nQy1OV2dBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvYmZkZGE5LTI3NDItNGIyZi04NWI2LWVmOWM5NTI3NjkzMi8x
L2hNRnhjSHUxMFlJd1gxQVpYWmVsbjNoSGt2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
YmZkZGE5LTI3NDItNGIyZi04NWI2LWVmOWM5NTI3NjkzMi8xL21SNUxGNTRKVTdu
c3hZV3RtRm1nQy1OV2dBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQGURXAAwQBURXMAwQAURXPMA0G
CSqGSIb3DQEBCwUAA4IBAQAyrAh3jnMEMgg3jCAnDtj2QBYK3hJ96N9Rf1J54XWH
5+/ZqU0JxRf1fMtV5i7LiXh7njyt0Fo0KHH/uz7AI0O1rqBfSd9X6jKuaOAacJyk
QWKXeB4EcTTOOFg5BaBZ3jmYrnlx3OpMJvO6Djsf4KC5/XFk/IRtEXbC4ZpY7Ld9
Nn3be7xUI9xm8q71AkttdjFYWTjqFQsNjctZFr+AYUjgTnwOzsat8PeN7g2T7tDr
lFJBPdZ4mNIMGYm/jYv4CdcmjATXz/c4csZ2tsk2Bir5EXrJSIZZB6iNjamIj9tU
SCOk92wAYGKeK/0WfOepCcEi9VfjIFs4+ZNnj4aSzslL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:32 2024 by rpki-client on console-ams.rpki-client.org