Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/0nGURNGuPUK2Z_Egqx4IT1OS1Gs.roa
File: 0nGURNGuPUK2Z_Egqx4IT1OS1Gs.roa (raw, json)
Hash identifier: YvwP0pL8KpTBcdUR0jvqlvAfSQIMkmpJD9joh5K1arw=
Subject key identifier: D2:71:94:44:D1:AE:3D:42:B6:67:F1:20:AB:1E:08:4F:53:92:D4:6B
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01853D5A7202D27263D5C73A422CDE86BAC1
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/0nGURNGuPUK2Z_Egqx4IT1OS1Gs.roa
Signing time: Fri 23 Dec 2022 05:00:15 +0000
ROA not before: Fri 23 Dec 2022 05:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 31.129.21.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3d:5a:72:02:d2:72:63:d5:c7:3a:42:2c:de:86:ba:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 23 05:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2719444d1ae3d42b667f120ab1e084f5392d46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:15:0b:58:64:9b:a3:f8:c6:82:44:02:ce:ca:
b9:db:94:4d:67:ed:44:71:16:d9:c8:46:bb:20:4c:
c4:c0:7f:40:ee:b7:79:4f:6c:d5:79:0f:4e:66:e3:
80:16:91:90:be:4a:2e:4e:bc:49:fd:82:57:f0:1a:
41:26:98:e3:43:d5:16:e6:24:01:0d:21:4a:3a:41:
98:f4:0e:03:c5:c4:37:c0:1c:c7:65:c6:66:3a:c7:
00:4f:49:4f:60:ff:7e:b2:9d:45:97:0b:54:c4:83:
6e:23:ef:56:d9:f8:ed:73:3e:38:e7:d6:52:23:4e:
18:65:92:ac:a3:ac:82:3f:81:79:ee:3c:f2:29:73:
9c:f3:e2:b2:d2:c6:e8:0c:dd:64:5a:1c:ba:6c:de:
ae:a7:4d:da:7c:f8:a1:6e:d6:4b:75:9b:73:89:52:
26:48:0b:6f:30:46:64:cb:a2:e6:85:a5:fb:44:91:
e7:12:2b:f9:6c:1d:cf:c9:a5:30:8b:88:a5:83:e7:
7b:7c:ba:0d:f5:f2:3a:24:2b:f2:1a:2c:e6:56:78:
72:b6:bd:0a:44:a6:f5:3a:c7:c6:75:47:af:b2:71:
bb:3b:e1:5a:a0:df:36:3e:21:2e:b9:bc:56:c7:47:
e9:52:08:da:8d:59:f9:33:c7:63:ec:f9:63:86:d3:
a0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:71:94:44:D1:AE:3D:42:B6:67:F1:20:AB:1E:08:4F:53:92:D4:6B
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/0nGURNGuPUK2Z_Egqx4IT1OS1Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0/24
31.129.30.0/24
77.83.116.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b1:8d:8e:e9:f0:31:97:cd:02:7b:57:79:8f:52:b0:d0:f9:
a9:6b:cb:a7:a7:0c:cd:d8:e8:e3:7c:3c:03:64:99:5a:62:61:
3b:f2:fb:c3:eb:ac:e5:59:c3:14:33:46:2a:8f:af:1a:11:11:
d8:5b:43:0a:61:48:aa:1c:bd:62:b9:90:b2:b0:ee:12:d1:13:
b9:f3:6c:86:4b:a1:01:ad:a1:89:a2:6d:ad:7f:4c:56:67:ff:
bf:05:fe:3e:a6:7e:5e:2d:95:ff:67:19:ad:0b:02:97:cc:37:
7c:44:b8:10:f6:77:6b:8e:24:a8:f4:5e:42:51:65:1a:b9:76:
d1:14:fd:b2:1a:50:ba:20:14:36:e9:e0:e9:64:ea:85:cb:90:
bd:8d:5f:ce:6c:86:03:10:6a:0f:43:92:b5:73:dc:f8:ff:86:
2b:bf:bf:db:b3:94:e1:15:df:99:f4:a7:43:7e:94:54:b6:c7:
a4:74:0c:d3:b8:b1:c8:2c:78:74:53:3f:87:42:26:71:21:90:
b8:a6:3b:53:84:18:ac:f6:3e:97:aa:8d:06:e6:4a:fd:2b:a0:
61:3e:b3:ff:1b:ed:5f:a1:36:f3:7c:72:bc:d3:81:00:5d:79:
3b:3a:6e:f4:bb:85:64:c8:a7:f2:4b:8a:34:f0:87:de:0b:07:
38:18:0a:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYU9WnIC0nJj1cc6QizehrrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMjIzMDUwMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjcxOTQ0NGQxYWUzZDQyYjY2N2YxMjBhYjFlMDg0ZjUzOTJkNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRULWGSbo/jGgkQCzsq525RNZ+1E
cRbZyEa7IEzEwH9A7rd5T2zVeQ9OZuOAFpGQvkouTrxJ/YJX8BpBJpjjQ9UW5iQB
DSFKOkGY9A4DxcQ3wBzHZcZmOscAT0lPYP9+sp1FlwtUxINuI+9W2fjtcz4459ZS
I04YZZKso6yCP4F57jzyKXOc8+Ky0sboDN1kWhy6bN6up03afPihbtZLdZtziVIm
SAtvMEZky6LmhaX7RJHnEiv5bB3PyaUwi4ilg+d7fLoN9fI6JCvyGizmVnhytr0K
RKb1OsfGdUevsnG7O+FaoN82PiEuubxWx0fpUgjajVn5M8dj7PljhtOgVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJxlETRrj1CtmfxIKseCE9TktRrMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMG5HVVJOR3VQVUsyWl9FZ3F4NElUMU9TMUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4EVAwQA
H4EeAwQATVN0MA0GCSqGSIb3DQEBCwUAA4IBAQARsY2O6fAxl80Ce1d5j1Kw0Pmp
a8unpwzN2OjjfDwDZJlaYmE78vvD66zlWcMUM0Yqj68aERHYW0MKYUiqHL1iuZCy
sO4S0RO582yGS6EBraGJom2tf0xWZ/+/Bf4+pn5eLZX/ZxmtCwKXzDd8RLgQ9ndr
jiSo9F5CUWUauXbRFP2yGlC6IBQ26eDpZOqFy5C9jV/ObIYDEGoPQ5K1c9z4/4Yr
v7/bs5ThFd+Z9KdDfpRUtsekdAzTuLHILHh0Uz+HQiZxIZC4pjtThBis9j6Xqo0G
5kr9K6BhPrP/G+1foTbzfHK804EAXXk7Om70u4VkyKfyS4o08IfeCwc4GApo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org