Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/jS5_yiGP1ef8jYD9ygkL0U_r7mk.roa
File: jS5_yiGP1ef8jYD9ygkL0U_r7mk.roa (raw, json)
Hash identifier: kfv/+AzRfUqkErR39cjEHvTNlC/2oEILfNFVck0q23c=
Subject key identifier: 8D:2E:7F:CA:21:8F:D5:E7:FC:8D:80:FD:CA:09:0B:D1:4F:EB:EE:69
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0187C7AEE899300DCCB7BB07FAEAE1C9EAD9
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/jS5_yiGP1ef8jYD9ygkL0U_r7mk.roa
Signing time: Fri 28 Apr 2023 11:45:41 +0000
ROA not before: Fri 28 Apr 2023 11:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 81.21.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:ae:e8:99:30:0d:cc:b7:bb:07:fa:ea:e1:c9:ea:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 28 11:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2e7fca218fd5e7fc8d80fdca090bd14febee69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:97:80:63:67:74:9e:ba:57:df:1a:71:c5:
49:74:ec:b5:0a:f3:20:91:d4:de:27:11:f6:28:7d:
a2:a3:91:4c:bc:cb:93:b4:bd:1d:1f:f1:98:f7:8c:
65:68:fa:6d:fe:c2:a9:90:ae:d8:85:74:06:85:c0:
ff:1b:12:c4:7c:a9:6f:3f:d5:17:52:e5:af:40:9d:
04:8f:14:4a:11:7d:0c:fa:c4:e6:c3:eb:e6:99:ca:
d6:c2:f5:29:ac:1b:c3:7e:a9:25:cb:b7:dc:bd:c5:
5e:6d:f7:f1:37:9f:50:42:47:15:30:af:9c:91:0a:
5c:45:b5:a1:8c:cc:d4:e0:35:98:08:99:65:27:58:
18:d1:29:45:88:cf:52:a3:c8:46:6d:4a:10:1b:09:
09:0b:b7:bb:fc:ae:0f:17:bf:af:f0:8d:28:0b:91:
ea:38:f6:df:b8:4d:f9:68:d1:a5:4d:01:a9:a8:60:
64:73:b4:99:c1:ed:58:3e:ec:df:3f:11:ed:7e:37:
d1:f3:17:e6:b3:51:a6:58:ec:99:f0:59:04:9f:89:
eb:d6:ac:fb:5d:c5:13:62:83:3b:c3:fb:5a:f1:a5:
ef:40:80:99:74:3a:61:31:5e:4b:88:4d:09:75:4b:
92:cf:e1:e3:e0:d3:cb:80:78:76:b5:58:4b:a2:fb:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2E:7F:CA:21:8F:D5:E7:FC:8D:80:FD:CA:09:0B:D1:4F:EB:EE:69
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/jS5_yiGP1ef8jYD9ygkL0U_r7mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.12.0/22
Signature Algorithm: sha256WithRSAEncryption
98:8b:01:c4:ca:69:d5:c2:52:8c:27:78:82:d2:05:e0:6b:0f:
e5:24:f3:f1:9c:9d:fb:d0:67:5f:17:6d:ac:5b:0a:08:d5:ff:
6d:0d:04:dc:28:c4:ef:77:19:3c:89:4d:06:c6:f7:6e:58:8e:
18:a0:67:a2:bd:24:3f:c5:c6:b7:6c:7c:87:8c:9c:67:32:18:
2a:27:dd:e0:49:1e:c3:64:0b:41:6c:00:31:1a:7e:cb:e4:85:
8d:97:9a:a6:3d:c7:da:20:1d:a1:47:3e:6f:3d:6c:a1:bb:ad:
2a:ce:97:b7:76:fe:1e:28:21:8a:9e:c3:ce:36:40:6a:6f:01:
c0:f1:96:27:f5:68:78:66:0a:96:15:15:a6:68:27:0c:42:4f:
e0:fb:23:4d:30:8a:a6:85:a2:2b:7d:08:2f:09:74:ee:c2:60:
ec:c2:9d:90:2b:75:e2:49:87:28:ba:df:76:fd:e1:55:4c:11:
0d:8d:83:d1:be:8c:ef:1c:e0:7d:2c:09:74:f8:71:5f:74:e2:
b7:e1:b8:07:77:13:b5:8d:17:31:f6:e4:4c:60:3d:b7:bb:a8:
bf:f7:8c:61:64:71:28:61:a1:30:86:1a:a1:67:fc:b3:56:59:
ca:b9:41:7d:6c:dd:16:bc:e7:fe:8b:60:cf:7e:a8:c3:2a:7f:
a4:7e:34:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfHruiZMA3Mt7sH+urhyerZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNDI4MTE0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJlN2ZjYTIxOGZkNWU3ZmM4ZDgwZmRjYTA5MGJkMTRmZWJlZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzWXgGNndJ66V98accVJdOy1CvMg
kdTeJxH2KH2io5FMvMuTtL0dH/GY94xlaPpt/sKpkK7YhXQGhcD/GxLEfKlvP9UX
UuWvQJ0EjxRKEX0M+sTmw+vmmcrWwvUprBvDfqkly7fcvcVebffxN59QQkcVMK+c
kQpcRbWhjMzU4DWYCJllJ1gY0SlFiM9So8hGbUoQGwkJC7e7/K4PF7+v8I0oC5Hq
OPbfuE35aNGlTQGpqGBkc7SZwe1YPuzfPxHtfjfR8xfms1GmWOyZ8FkEn4nr1qz7
XcUTYoM7w/ta8aXvQICZdDphMV5LiE0JdUuSz+Hj4NPLgHh2tVhLovu+RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0uf8ohj9Xn/I2A/coJC9FP6+5pMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvalM1X3lpR1AxZWY4allEOXlna0wwVV9yN21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURUMMA0G
CSqGSIb3DQEBCwUAA4IBAQCYiwHEymnVwlKMJ3iC0gXgaw/lJPPxnJ370GdfF22s
WwoI1f9tDQTcKMTvdxk8iU0GxvduWI4YoGeivSQ/xca3bHyHjJxnMhgqJ93gSR7D
ZAtBbAAxGn7L5IWNl5qmPcfaIB2hRz5vPWyhu60qzpe3dv4eKCGKnsPONkBqbwHA
8ZYn9Wh4ZgqWFRWmaCcMQk/g+yNNMIqmhaIrfQgvCXTuwmDswp2QK3XiSYcout92
/eFVTBENjYPRvozvHOB9LAl0+HFfdOK34bgHdxO1jRcx9uRMYD23u6i/94xhZHEo
YaEwhhqhZ/yzVlnKuUF9bN0WvOf+i2DPfqjDKn+kfjTC
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:26:22 2025 by rpki-client