Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/aetGZvrVNy35oP0Uz2dH7_rmlyQ.roa
File: aetGZvrVNy35oP0Uz2dH7_rmlyQ.roa (raw, json)
Hash identifier: iN9ssswo2qSsXAGGrIWEItIUfo40MwEAeY64AsAiUlM=
Subject key identifier: 69:EB:46:66:FA:D5:37:2D:F9:A0:FD:14:CF:67:47:EF:FA:E6:97:24
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 153C3079
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/aetGZvrVNy35oP0Uz2dH7_rmlyQ.roa
Signing time: Wed 12 Jan 2022 09:26:38 +0000
ROA not before: Wed 12 Jan 2022 09:26:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21437
IP address blocks: 81.17.128.0/24 maxlen: 24
81.17.132.0/24 maxlen: 24
81.17.131.0/24 maxlen: 24
81.17.135.0/24 maxlen: 24
81.17.134.0/24 maxlen: 24
81.17.139.0/24 maxlen: 32
81.17.133.0/24 maxlen: 24
81.17.138.0/24 maxlen: 24
81.17.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356266105 (0x153c3079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Jan 12 09:26:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69eb4666fad5372df9a0fd14cf6747effae69724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:68:eb:ca:78:36:05:aa:64:b6:1b:45:4e:3c:
9f:fe:6c:31:c9:c7:f8:bb:cc:e9:96:ba:93:db:df:
14:2a:45:08:3f:ab:6c:62:78:45:ab:24:34:45:20:
ba:86:3c:8e:b5:ef:5d:f2:4d:bd:e7:fc:e9:63:0c:
ae:a0:c6:ef:40:fe:5f:96:a4:78:1f:7e:0a:f4:f7:
96:8f:9d:39:9f:b3:70:33:1e:89:06:8a:07:6c:26:
89:9f:7a:f0:0d:70:05:28:27:d8:69:ca:4e:b7:57:
a7:2f:a9:7a:7d:7b:f9:4a:48:59:d1:96:5b:e9:e0:
d6:a7:a9:b5:b0:02:10:2b:7f:3b:82:ac:7f:9f:f3:
5e:cf:fb:6c:de:5a:ab:47:04:ac:d2:f0:89:0f:47:
3b:25:a8:88:9c:bc:0d:9a:8b:45:54:1b:50:28:7f:
9b:38:55:53:94:00:25:d3:de:e8:42:95:8c:c8:20:
f9:b1:7c:fa:1e:78:63:17:aa:01:12:62:8f:a1:13:
bb:1a:bf:07:dd:5a:95:2a:02:bb:df:db:ba:e2:b0:
bd:21:06:f0:7a:f4:14:ea:97:98:72:cb:c4:46:fe:
36:5c:cd:2d:3f:21:5a:d5:bb:7b:98:52:ee:55:da:
1c:80:d2:da:fb:8c:ff:45:14:3f:6f:88:67:09:b3:
3c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EB:46:66:FA:D5:37:2D:F9:A0:FD:14:CF:67:47:EF:FA:E6:97:24
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/aetGZvrVNy35oP0Uz2dH7_rmlyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.128.0/24
81.17.131.0-81.17.136.255
81.17.138.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:04:5c:4d:7a:64:a3:78:98:d2:38:cb:59:2a:03:7c:d6:bf:
3c:1f:3c:d5:b4:5c:8f:dc:81:53:8a:0d:62:8d:fc:b4:a9:70:
8e:aa:71:1d:0f:58:ca:bf:72:ec:9d:36:e7:a9:4a:95:32:13:
ff:4f:a6:a6:89:45:86:01:22:66:6f:27:55:12:3e:fd:de:be:
f1:a3:45:9c:f8:9d:11:96:01:af:ca:b1:41:35:8a:a1:f2:3c:
ff:e7:6b:a7:6e:a5:9b:98:3e:ae:3d:d1:fa:3b:52:de:bb:e5:
2c:9f:30:e8:03:8b:fe:00:40:c6:d3:d0:af:2f:18:29:50:0e:
94:17:65:bc:bc:2d:fd:41:3c:1e:f5:1f:20:06:32:94:06:39:
cf:90:b8:aa:57:69:f7:07:65:5e:8a:76:b8:0e:7b:6a:80:4d:
91:60:11:4c:2a:6f:db:f4:1a:5e:d5:eb:5d:68:9c:b8:39:df:
23:3c:12:d5:62:9d:7a:c8:2c:af:d0:be:45:d7:b8:dc:7b:96:
c3:fa:92:7d:bd:f9:50:cc:10:87:f2:29:c3:9b:46:59:cb:0d:
2c:a5:30:29:f3:69:dd:7a:41:f3:1d:79:86:a2:1d:8e:60:4e:
70:a7:83:d9:9d:31:ac:59:79:44:52:95:39:0d:e4:d9:a9:c7:
6a:3b:65:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEFTwweTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDU3NGMyODc4ZDZiNTM2MTM5Yjg5NWYwOGM5YzZkYjE4ZTEyYTliMB4XDTIyMDEx
MjA5MjYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjllYjQ2NjZmYWQ1
MzcyZGY5YTBmZDE0Y2Y2NzQ3ZWZmYWU2OTcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJdo68p4NgWqZLYbRU48n/5sMcnH+LvM6Za6k9vfFCpFCD+r
bGJ4RaskNEUguoY8jrXvXfJNvef86WMMrqDG70D+X5akeB9+CvT3lo+dOZ+zcDMe
iQaKB2wmiZ968A1wBSgn2GnKTrdXpy+pen17+UpIWdGWW+ng1qeptbACECt/O4Ks
f5/zXs/7bN5aq0cErNLwiQ9HOyWoiJy8DZqLRVQbUCh/mzhVU5QAJdPe6EKVjMgg
+bF8+h54YxeqARJij6ETuxq/B91alSoCu9/buuKwvSEG8Hr0FOqXmHLLxEb+NlzN
LT8hWtW7e5hS7lXaHIDS2vuM/0UUP2+IZwmzPKkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRp60Zm+tU3Lfmg/RTPZ0fv+uaXJDAfBgNVHSMEGDAWgBTgV0woeNa1NhOb
iV8IycbbGOEqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRGZE1LSGpXdFRZVG00bGZDTW5HMnhqaEtwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMjhkNjAwLWE4NjktNGFiMS05YjJlLTQ0NjAxOTk2NmExOS8x
L2FldEdadnJWTnkzNW9QMFV6MmRIN19ybWx5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MjhkNjAwLWE4NjktNGFiMS05YjJlLTQ0NjAxOTk2NmExOS8xLzRGZE1LSGpXdFRZ
VG00bGZDTW5HMnhqaEtwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFERgDAMAwQAURGDAwQAURGIAwQB
URGKMA0GCSqGSIb3DQEBCwUAA4IBAQBLBFxNemSjeJjSOMtZKgN81r88HzzVtFyP
3IFTig1ijfy0qXCOqnEdD1jKv3LsnTbnqUqVMhP/T6amiUWGASJmbydVEj793r7x
o0Wc+J0RlgGvyrFBNYqh8jz/52unbqWbmD6uPdH6O1Leu+UsnzDoA4v+AEDG09Cv
LxgpUA6UF2W8vC39QTwe9R8gBjKUBjnPkLiqV2n3B2Veina4DntqgE2RYBFMKm/b
9Bpe1etdaJy4Od8jPBLVYp16yCyv0L5F17jce5bD+pJ9vflQzBCH8inDm0ZZyw0s
pTAp82ndekHzHXmGoh2OYE5wp4PZnTGsWXlEUpU5DeTZqcdqO2UM
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:46 2023 by rpki-client on console.sobornost.net