Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/jufIEvt2WsrEFY7e1ZvDT_01-E8.roa
File: jufIEvt2WsrEFY7e1ZvDT_01-E8.roa (raw, json)
Hash identifier: nTKa6q7rCOUoLYI/WepA+Qm/k7f8786VH92RX78LTx0=
Subject key identifier: 8E:E7:C8:12:FB:76:5A:CA:C4:15:8E:DE:D5:9B:C3:4F:FD:35:F8:4F
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 03678FF9
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/jufIEvt2WsrEFY7e1ZvDT_01-E8.roa
Signing time: Sat 01 Jan 2022 09:56:04 +0000
ROA not before: Sat 01 Jan 2022 09:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197686
IP address blocks: 31.31.216.0/21 maxlen: 24
31.31.216.0/24 maxlen: 24
31.31.218.0/24 maxlen: 24
31.31.217.0/24 maxlen: 24
31.31.219.0/24 maxlen: 24
31.31.223.0/24 maxlen: 24
31.31.222.0/24 maxlen: 24
31.31.221.0/24 maxlen: 24
31.31.220.0/24 maxlen: 24
2a07:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57118713 (0x3678ff9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jan 1 09:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ee7c812fb765acac4158eded59bc34ffd35f84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:77:1b:8a:86:19:d4:bc:44:9c:19:e9:15:41:
9a:15:27:52:31:a1:f8:58:ee:4c:ce:37:09:3e:44:
dc:96:c2:2f:4c:77:c2:0f:49:8b:47:95:84:a8:32:
85:e5:56:be:c9:31:3f:44:61:f0:c9:ff:28:4e:68:
b1:76:51:32:55:a7:71:1f:9a:29:88:47:4b:9b:56:
26:c6:7c:7f:1f:bd:c8:d0:14:71:37:4c:5c:ee:ed:
35:21:87:ce:63:b3:69:2f:1c:7d:9c:0c:9b:56:e8:
c5:64:8f:98:81:f1:47:e9:73:6c:89:ef:c5:73:74:
42:09:aa:da:6f:4e:b3:b9:96:82:75:ab:36:e6:02:
37:72:84:f1:c2:bc:4e:e2:16:79:4e:85:b7:0c:34:
36:33:ac:e3:dd:15:7b:e2:81:d5:1b:9a:c7:cf:c0:
54:b6:dd:4f:2c:de:3e:84:78:a3:67:45:68:6d:49:
eb:c2:86:30:15:0a:88:bf:ec:af:47:cf:51:73:e0:
10:d3:d3:19:ac:b4:ea:b5:94:f8:e9:98:d6:8d:9b:
71:3a:ac:97:c3:8e:90:bb:49:fe:1f:20:0f:8c:c5:
e4:35:46:90:b5:e0:42:91:07:9b:56:e2:87:40:65:
89:29:2e:4e:4b:cd:24:c0:8c:af:9f:15:8e:41:32:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E7:C8:12:FB:76:5A:CA:C4:15:8E:DE:D5:9B:C3:4F:FD:35:F8:4F
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/jufIEvt2WsrEFY7e1ZvDT_01-E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.216.0/21
IPv6:
2a07:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
b1:f8:7e:b2:47:fa:52:db:f7:be:64:ee:18:3a:19:f3:49:58:
0c:d0:ec:06:b4:f8:c4:91:4d:2d:23:25:67:76:01:69:69:d2:
9c:67:66:31:15:73:ee:97:b4:1d:46:ec:53:c4:6f:c6:01:9d:
20:0c:29:1a:be:88:87:70:79:8b:aa:63:08:db:12:5b:5e:5e:
22:f9:e3:95:46:49:26:ed:99:5c:fe:c5:cc:ff:0a:60:ba:91:
e9:b5:7c:72:5e:d8:b2:d7:d9:89:0a:2a:c8:36:76:5f:2f:d2:
58:13:81:e0:25:6e:73:db:98:d0:1b:8a:a4:73:b5:75:1a:75:
d6:ac:c9:dd:1c:4a:73:8b:77:bb:4b:6d:00:61:16:e1:46:74:
cd:2a:d8:ee:2c:a0:ad:2c:eb:9a:a0:70:0f:5f:ea:cf:c7:ca:
90:78:de:ae:d0:5c:a7:56:43:71:2b:cf:05:a3:0a:b9:a8:c7:
0d:71:7d:ae:1e:0a:36:6c:af:ee:91:89:e2:66:79:20:b6:60:
43:83:8b:3b:e6:22:7b:97:79:82:bb:39:c6:82:78:f0:aa:78:
9c:e2:0a:b3:fa:56:8a:cf:19:df:1d:cc:aa:45:1e:31:e6:66:
ae:9d:d0:44:db:46:1c:cf:a4:47:45:42:9a:eb:5e:d2:01:79:
0a:cf:82:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA2eP+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGJjYTk0ZjZiNjFlMTAxMDBkYzNhNzE4NmZmYTNmOWIwMGM2OWRkMB4XDTIyMDEw
MTA5NTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVlN2M4MTJmYjc2
NWFjYWM0MTU4ZWRlZDU5YmMzNGZmZDM1Zjg0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANB3G4qGGdS8RJwZ6RVBmhUnUjGh+FjuTM43CT5E3JbCL0x3
wg9Ji0eVhKgyheVWvskxP0Rh8Mn/KE5osXZRMlWncR+aKYhHS5tWJsZ8fx+9yNAU
cTdMXO7tNSGHzmOzaS8cfZwMm1boxWSPmIHxR+lzbInvxXN0Qgmq2m9Os7mWgnWr
NuYCN3KE8cK8TuIWeU6Ftww0NjOs490Ve+KB1Ruax8/AVLbdTyzePoR4o2dFaG1J
68KGMBUKiL/sr0fPUXPgENPTGay06rWU+OmY1o2bcTqsl8OOkLtJ/h8gD4zF5DVG
kLXgQpEHm1bih0BliSkuTkvNJMCMr58VjkEyqscCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSO58gS+3ZaysQVjt7Vm8NP/TX4TzAfBgNVHSMEGDAWgBQ0vKlPa2HhAQDc
OnGG/6P5sAxp3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05MeXBUMnRoNFFFQTNEcHhodi1qLWJBTWFkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvZjRlYTU5LTE4MTAtNDIxMC05OGYzLTcwOWYwMzYyNGU3ZS8x
L2p1ZklFdnQyV3NyRUZZN2UxWnZEVF8wMS1FOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ZjRlYTU5LTE4MTAtNDIxMC05OGYzLTcwOWYwMzYyNGU3ZS8xL05MeXBUMnRoNFFF
QTNEcHhodi1qLWJBTWFkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAx8f2DANBAIAAjAHAwUAKgceADAN
BgkqhkiG9w0BAQsFAAOCAQEAsfh+skf6Utv3vmTuGDoZ80lYDNDsBrT4xJFNLSMl
Z3YBaWnSnGdmMRVz7pe0HUbsU8RvxgGdIAwpGr6Ih3B5i6pjCNsSW15eIvnjlUZJ
Ju2ZXP7FzP8KYLqR6bV8cl7YstfZiQoqyDZ2Xy/SWBOB4CVuc9uY0BuKpHO1dRp1
1qzJ3RxKc4t3u0ttAGEW4UZ0zSrY7iygrSzrmqBwD1/qz8fKkHjertBcp1ZDcSvP
BaMKuajHDXF9rh4KNmyv7pGJ4mZ5ILZgQ4OLO+Yie5d5grs5xoJ48Kp4nOIKs/pW
is8Z3x3MqkUeMeZmrp3QRNtGHM+kR0VCmute0gF5Cs+CrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:53 2024 by rpki-client on console-fra.rpki-client.org