Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/KxzCrfvVAxuk8XLzyXgZc2CSFP4.roa
File: KxzCrfvVAxuk8XLzyXgZc2CSFP4.roa (raw, json)
Hash identifier: HnX5I2SHlv5/6/yksmOc4FKI5I1rr4/GH7gs8bkoYVg=
Subject key identifier: 2B:1C:C2:AD:FB:D5:03:1B:A4:F1:72:F3:C9:78:19:73:60:92:14:FE
Certificate issuer: /CN=9f24064f95331cf1f315dc50de4db05ff95aa410
Certificate serial: AE980C
Authority key identifier: 9F:24:06:4F:95:33:1C:F1:F3:15:DC:50:DE:4D:B0:5F:F9:5A:A4:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyQGT5UzHPHzFdxQ3k2wX_lapBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/KxzCrfvVAxuk8XLzyXgZc2CSFP4.roa
Signing time: Sat 01 Jan 2022 04:00:47 +0000
ROA not before: Sat 01 Jan 2022 04:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44462
IP address blocks: 81.21.112.0/20 maxlen: 20
2a0a:4d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11442188 (0xae980c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f24064f95331cf1f315dc50de4db05ff95aa410
Validity
Not Before: Jan 1 04:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b1cc2adfbd5031ba4f172f3c9781973609214fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c1:62:2f:55:ea:63:79:ca:7c:b6:ca:3a:90:
5b:78:49:46:ca:94:1e:52:12:31:a9:d3:e0:2a:e1:
f6:f9:cf:b6:18:16:3b:62:c3:b9:8f:92:4c:99:b8:
cb:7c:a3:ab:0e:88:fb:e9:2e:70:c1:6a:d1:ed:f3:
3f:95:31:7f:f4:c9:74:b8:05:22:bb:6f:3f:14:99:
29:57:d6:88:74:95:e4:28:de:6d:1d:50:21:0c:40:
2c:12:7e:91:9c:dd:44:61:8c:c7:ea:0a:ff:20:a9:
82:bf:bb:ff:e9:5e:79:2f:ad:09:0b:9f:cc:9f:84:
d7:a1:fd:3f:c8:a8:2c:e2:ab:7d:51:30:c6:6f:35:
0f:87:3f:3b:79:1d:6f:d9:71:98:72:42:f7:06:a6:
f1:f5:ee:50:18:ed:34:5e:8e:70:58:17:ad:75:f0:
1f:46:3c:de:8c:d6:bd:89:58:91:53:1a:aa:2d:12:
d8:a6:af:6c:d8:6f:b3:2c:b2:ec:54:7d:91:99:98:
4e:3a:e8:7e:2f:ce:2d:5c:b4:a0:ec:44:d3:86:d1:
07:c8:b2:41:0b:93:42:9e:b9:81:fd:22:fa:22:9e:
9c:d2:b2:57:df:80:80:93:04:68:2c:93:a9:e7:98:
74:3b:6e:89:e3:cb:72:56:44:93:8f:38:1c:ab:2a:
58:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1C:C2:AD:FB:D5:03:1B:A4:F1:72:F3:C9:78:19:73:60:92:14:FE
X509v3 Authority Key Identifier:
keyid:9F:24:06:4F:95:33:1C:F1:F3:15:DC:50:DE:4D:B0:5F:F9:5A:A4:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyQGT5UzHPHzFdxQ3k2wX_lapBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/KxzCrfvVAxuk8XLzyXgZc2CSFP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/40079b-fcaa-46d9-8161-66a6c80d26a5/1/nyQGT5UzHPHzFdxQ3k2wX_lapBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.112.0/20
IPv6:
2a0a:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a6:86:ec:71:87:7a:a6:ba:a7:b4:07:23:33:f3:b2:98:07:
3f:93:c4:0d:e4:b3:08:4f:39:55:1e:d1:10:e2:49:b1:e6:e7:
ca:3f:bd:52:59:e6:0d:a9:66:e2:de:94:62:e8:01:a9:99:a8:
48:48:9c:9a:f3:c4:32:d8:0f:69:a0:41:f1:65:01:7d:71:54:
8e:83:72:3b:cb:93:9d:39:4f:33:05:2f:40:79:9b:f3:a2:9d:
3e:bf:74:e9:c3:e8:ed:c2:38:3e:52:18:02:7f:d0:d4:06:12:
a9:9d:e6:5f:18:d0:65:b7:45:4c:5b:10:60:40:56:b7:a4:35:
f8:6a:f4:03:aa:ab:73:a2:db:fe:a3:55:a2:a4:7c:1d:6c:9f:
77:6b:ef:a4:ee:c6:8d:b9:01:e4:9b:97:a8:36:3b:bc:aa:fa:
d0:26:38:1f:74:6d:88:0d:64:dd:4a:5e:09:f4:c1:a8:66:c7:
5d:2d:53:e0:1c:f9:f9:aa:d1:44:4b:73:4b:dd:6d:68:d7:6f:
03:96:9f:08:89:8c:05:79:ef:c0:90:17:2f:80:62:6d:90:13:
3c:19:03:04:25:c6:44:38:2e:c4:0a:8c:09:b0:35:ce:7e:d6:
30:f5:af:7b:45:36:84:94:5e:bb:7b:a1:91:5f:17:26:68:a5:
50:7c:89:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAK6YDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjI0MDY0Zjk1MzMxY2YxZjMxNWRjNTBkZTRkYjA1ZmY5NWFhNDEwMB4XDTIyMDEw
MTA0MDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIxY2MyYWRmYmQ1
MDMxYmE0ZjE3MmYzYzk3ODE5NzM2MDkyMTRmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPBYi9V6mN5yny2yjqQW3hJRsqUHlISManT4Crh9vnPthgW
O2LDuY+STJm4y3yjqw6I++kucMFq0e3zP5Uxf/TJdLgFIrtvPxSZKVfWiHSV5Cje
bR1QIQxALBJ+kZzdRGGMx+oK/yCpgr+7/+leeS+tCQufzJ+E16H9P8ioLOKrfVEw
xm81D4c/O3kdb9lxmHJC9wam8fXuUBjtNF6OcFgXrXXwH0Y83ozWvYlYkVMaqi0S
2KavbNhvsyyy7FR9kZmYTjrofi/OLVy0oOxE04bRB8iyQQuTQp65gf0i+iKenNKy
V9+AgJMEaCyTqeeYdDtuiePLclZEk484HKsqWEkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQrHMKt+9UDG6TxcvPJeBlzYJIU/jAfBgNVHSMEGDAWgBSfJAZPlTMc8fMV
3FDeTbBf+VqkEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L255UUdUNVV6SFBIekZkeFEzazJ3WF9sYXBCQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNDAwNzliLWZjYWEtNDZkOS04MTYxLTY2YTZjODBkMjZhNS8x
L0t4ekNyZnZWQXh1azhYTHp5WGdaYzJDU0ZQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NDAwNzliLWZjYWEtNDZkOS04MTYxLTY2YTZjODBkMjZhNS8xL255UUdUNVV6SFBI
ekZkeFEzazJ3WF9sYXBCQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBFEVcDANBAIAAjAHAwUDKgpNgDAN
BgkqhkiG9w0BAQsFAAOCAQEALqaG7HGHeqa6p7QHIzPzspgHP5PEDeSzCE85VR7R
EOJJsebnyj+9UlnmDalm4t6UYugBqZmoSEicmvPEMtgPaaBB8WUBfXFUjoNyO8uT
nTlPMwUvQHmb86KdPr906cPo7cI4PlIYAn/Q1AYSqZ3mXxjQZbdFTFsQYEBWt6Q1
+Gr0A6qrc6Lb/qNVoqR8HWyfd2vvpO7GjbkB5JuXqDY7vKr60CY4H3RtiA1k3Upe
CfTBqGbHXS1T4Bz5+arRREtzS91taNdvA5afCImMBXnvwJAXL4BibZATPBkDBCXG
RDguxAqMCbA1zn7WMPWve0U2hJReu3uhkV8XJmilUHyJkA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:10 2025 by rpki-client