Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/itmVtKIGuUETfmP29Vd5-GCtBKE.roa
File: itmVtKIGuUETfmP29Vd5-GCtBKE.roa (raw, json)
Hash identifier: MNhYUOzek9YYb+2IeuzlaFEcVa507/4rHvwCx0ZeF7Q=
Subject key identifier: 8A:D9:95:B4:A2:06:B9:41:13:7E:63:F6:F5:57:79:F8:60:AD:04:A1
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 018312A540A0B1193E7104E0E8F47AC5E0E2
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/itmVtKIGuUETfmP29Vd5-GCtBKE.roa
Signing time: Tue 06 Sep 2022 11:52:43 +0000
ROA not before: Tue 06 Sep 2022 11:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207728
IP address blocks: 93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:a5:40:a0:b1:19:3e:71:04:e0:e8:f4:7a:c5:e0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Sep 6 11:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ad995b4a206b941137e63f6f55779f860ad04a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:60:23:c1:19:92:c0:a4:8a:25:b0:3a:ff:60:
27:c6:a1:46:a4:12:41:5b:55:ab:74:75:f0:8b:d6:
6d:de:18:f6:fe:b3:60:b8:99:40:14:f5:0b:e8:ec:
db:ab:04:9e:72:66:36:0f:de:78:5c:11:65:e3:98:
a1:1a:63:c7:b5:b2:ba:cf:6a:fe:48:4e:08:a4:13:
ef:a9:64:8d:b1:2f:9c:b2:a5:e2:5a:08:db:b9:09:
74:79:55:4d:76:2c:4b:ab:52:0b:b3:58:3f:b1:0e:
fe:aa:26:bd:56:1b:f1:8a:d4:bc:8f:14:96:25:04:
e9:b4:11:8a:a5:78:eb:2b:8c:83:42:ae:11:40:ec:
21:d3:0f:0e:57:3d:aa:0d:c5:1d:f3:4f:16:54:9a:
6c:2d:28:cc:93:1c:55:de:ba:76:67:41:ba:4d:07:
f4:23:73:ad:58:d2:55:b5:fc:44:10:90:b9:47:4a:
0b:83:62:f1:43:e5:4b:cc:05:98:9f:ff:0f:d3:0e:
ae:66:43:f0:99:25:74:d1:bd:d3:f2:e4:1d:09:96:
6a:84:60:16:f8:c6:85:dc:88:32:0e:fd:38:ac:4b:
1e:71:f8:1f:d6:3e:98:bd:1b:5a:f5:e4:08:85:bd:
19:da:df:45:c1:c0:aa:74:b6:7a:85:e4:b2:a6:25:
5b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D9:95:B4:A2:06:B9:41:13:7E:63:F6:F5:57:79:F8:60:AD:04:A1
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/itmVtKIGuUETfmP29Vd5-GCtBKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
87.236.177.0/24
93.88.74.0/24
185.162.9.0/24
185.162.11.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:0f:9a:25:49:75:df:90:88:b0:01:7c:74:a1:fb:f3:b1:43:
7e:3c:db:3b:17:7b:4c:10:07:1d:31:36:a8:67:4a:5c:1e:53:
0a:55:f2:14:3d:a9:ca:10:65:8f:12:f6:dc:98:a0:3d:14:54:
37:e6:7a:7b:49:ce:54:7f:3e:f0:f6:c6:07:cc:13:73:5e:e5:
67:fc:bd:3e:30:6a:be:5d:c5:18:83:14:bc:c6:33:d6:3c:fd:
81:12:ee:43:46:e4:ce:f7:22:22:ba:f4:c6:56:6c:6e:7e:0b:
78:86:4f:09:ab:22:53:24:e4:d8:24:a3:ad:dc:97:ae:f8:88:
95:2f:7d:de:24:6b:73:5a:ec:c2:a4:4a:1f:78:26:86:92:1d:
ff:c2:70:41:55:e0:19:61:c1:9f:3e:27:ae:1b:51:0e:e2:de:
47:ec:4d:78:8b:18:03:33:1b:67:10:67:4f:a1:3b:04:07:85:
1c:06:55:01:bd:38:30:f2:60:54:7a:29:0b:3e:05:24:64:48:
9c:8e:7a:1b:17:bc:79:c9:24:cf:fc:9f:96:29:45:31:6d:79:
9f:05:9c:57:04:e5:c7:6e:27:df:75:2c:b9:34:fa:85:0c:20:
a3:3c:70:a6:2a:c2:ad:07:45:32:c5:c9:24:71:22:b1:d2:58:
cf:ce:d3:db
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYMSpUCgsRk+cQTg6PR6xeDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjIwOTA2MTE1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ5OTViNGEyMDZiOTQxMTM3ZTYzZjZmNTU3NzlmODYwYWQwNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9mAjwRmSwKSKJbA6/2AnxqFGpBJB
W1WrdHXwi9Zt3hj2/rNguJlAFPUL6OzbqwSecmY2D954XBFl45ihGmPHtbK6z2r+
SE4IpBPvqWSNsS+csqXiWgjbuQl0eVVNdixLq1ILs1g/sQ7+qia9VhvxitS8jxSW
JQTptBGKpXjrK4yDQq4RQOwh0w8OVz2qDcUd808WVJpsLSjMkxxV3rp2Z0G6TQf0
I3OtWNJVtfxEEJC5R0oLg2LxQ+VLzAWYn/8P0w6uZkPwmSV00b3T8uQdCZZqhGAW
+MaF3IgyDv04rEsecfgf1j6YvRta9eQIhb0Z2t9FwcCqdLZ6heSypiVbCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIrZlbSiBrlBE35j9vVXefhgrQShMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvaXRtVnRLSUd1VUVUZm1QMjlWZDUtR0N0QktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAHwoFAwQB
H9KqAwQAH9KtAwQAV+yxAwQAXVhKAwQAuaIJAwQAuaILMA0EAgACMAcDBQMqEpzA
MA0GCSqGSIb3DQEBCwUAA4IBAQC8D5olSXXfkIiwAXx0ofvzsUN+PNs7F3tMEAcd
MTaoZ0pcHlMKVfIUPanKEGWPEvbcmKA9FFQ35np7Sc5Ufz7w9sYHzBNzXuVn/L0+
MGq+XcUYgxS8xjPWPP2BEu5DRuTO9yIiuvTGVmxufgt4hk8JqyJTJOTYJKOt3Jeu
+IiVL33eJGtzWuzCpEofeCaGkh3/wnBBVeAZYcGfPieuG1EO4t5H7E14ixgDMxtn
EGdPoTsEB4UcBlUBvTgw8mBUeikLPgUkZEicjnobF7x5ySTP/J+WKUUxbXmfBZxX
BOXHbiffdSy5NPqFDCCjPHCmKsKtB0UyxckkcSKx0ljPztPb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org