Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-k9IxJ_c2_kxNZjuYDpECQVhfBM.roa
File: 1-k9IxJ_c2_kxNZjuYDpECQVhfBM.roa (raw, json)
Hash identifier: 4BkApPmpGgwAC8q9bezrSLgI9J+OcW8ggrMbQ96Qhow=
Subject key identifier: FA:4F:48:C4:9F:DC:DB:F9:31:35:98:EE:60:3A:44:09:05:61:7C:13
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01854D984147258DCB0B8AFD8E5F0EDFA9B4
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-k9IxJ_c2_kxNZjuYDpECQVhfBM.roa
Signing time: Mon 26 Dec 2022 08:41:41 +0000
ROA not before: Mon 26 Dec 2022 08:41:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
85.92.108.0/24 maxlen: 24
85.92.111.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:98:41:47:25:8d:cb:0b:8a:fd:8e:5f:0e:df:a9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 26 08:41:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa4f48c49fdcdbf9313598ee603a440905617c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:ef:60:c2:59:2b:2d:74:5d:72:5c:91:09:
66:47:c5:82:fd:bc:23:2d:d3:cf:32:a2:39:56:e2:
ce:49:3d:c9:47:c9:09:22:a8:b3:b1:16:69:c4:4e:
4d:53:6d:1c:24:d2:9d:d5:13:8f:41:74:21:68:f5:
12:8f:21:12:d8:fe:07:83:77:fc:04:11:57:a6:82:
54:10:e4:8a:28:e8:b7:d7:dc:02:93:56:c7:91:fa:
56:6d:3c:a2:6c:a0:55:5a:c8:49:79:78:d5:05:5c:
62:f6:87:d2:98:f9:ba:0e:8b:11:ef:94:ac:ff:86:
48:a2:06:ea:bd:9e:34:0e:68:82:e8:79:76:80:b2:
ba:17:c6:6a:25:59:49:e1:ef:7d:da:5d:44:13:ff:
54:e3:01:d9:90:8b:2e:dd:69:43:58:8e:c3:81:d6:
50:c4:8c:ec:85:26:b2:eb:cd:af:92:47:7c:c7:23:
08:5d:1b:13:30:4d:8c:6e:04:dd:e4:77:dc:af:2f:
70:5b:9d:ab:91:67:e7:b6:fe:f6:1e:94:52:ac:00:
a3:4d:c2:4e:f9:d0:fe:f2:e2:cc:42:c2:92:ea:b1:
51:39:d4:3e:79:16:0f:5d:72:dc:86:3e:d7:93:78:
10:8c:12:f5:b3:8d:d9:84:64:7e:06:f2:5b:c5:6c:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4F:48:C4:9F:DC:DB:F9:31:35:98:EE:60:3A:44:09:05:61:7C:13
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-k9IxJ_c2_kxNZjuYDpECQVhfBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.21.255
31.129.23.0-31.129.29.255
31.129.31.0/24
45.8.99.0/24
45.95.235.0/24
46.16.12.0/24
46.16.14.0/23
85.92.108.0/24
85.92.111.0/24
Signature Algorithm: sha256WithRSAEncryption
66:9c:ee:fb:cd:2c:c8:53:07:c0:f7:20:88:7e:7c:65:75:47:
ab:5f:e2:f2:6a:99:2e:79:05:87:7c:63:3a:53:24:03:55:c0:
45:43:e0:5d:c6:ab:e8:0c:ac:17:ac:c2:53:53:ca:d0:1a:1d:
c4:48:68:05:15:d5:ff:d0:9e:b2:bc:82:86:ee:06:bb:3c:1e:
26:27:67:36:e1:51:f9:f4:2c:58:0d:93:69:97:f9:23:67:aa:
69:35:1c:57:73:4f:d7:e4:30:75:ef:a4:8a:08:cc:39:39:fe:
6d:af:c4:29:e9:9f:88:a8:2e:b0:4b:d2:51:b9:72:c0:8f:2b:
77:79:dd:a1:f8:7c:ce:40:bc:94:e3:e7:e5:8d:07:ba:22:4a:
a8:21:42:f2:3e:99:5c:c6:21:63:d5:be:b6:25:6f:85:5f:67:
a9:c4:e0:c9:f4:fd:44:10:6c:3d:f9:aa:01:da:57:e5:ab:9a:
ca:8b:4d:81:c6:84:0a:50:ca:6a:d8:7c:5f:61:db:4b:6a:22:
a2:d7:3a:34:2a:9c:f9:4d:69:30:e9:f6:df:b5:01:dc:4e:3d:
cc:86:15:f7:31:af:2f:1f:5f:cc:7d:6c:67:d7:3c:27:c2:c2:
a0:68:57:bc:73:b0:ac:60:91:62:39:91:15:dd:b9:5a:3d:17:
76:80:7c:4b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVNmEFHJY3LC4r9jl8O36m0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMjI2MDg0MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRmNDhjNDlmZGNkYmY5MzEzNTk4ZWU2MDNhNDQwOTA1NjE3YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi73vYMJZKy10XXJckQlmR8WC/bwj
LdPPMqI5VuLOST3JR8kJIqizsRZpxE5NU20cJNKd1ROPQXQhaPUSjyES2P4Hg3f8
BBFXpoJUEOSKKOi319wCk1bHkfpWbTyibKBVWshJeXjVBVxi9ofSmPm6DosR75Ss
/4ZIogbqvZ40DmiC6Hl2gLK6F8ZqJVlJ4e992l1EE/9U4wHZkIsu3WlDWI7DgdZQ
xIzshSay682vkkd8xyMIXRsTME2MbgTd5Hfcry9wW52rkWfntv72HpRSrACjTcJO
+dD+8uLMQsKS6rFROdQ+eRYPXXLchj7Xk3gQjBL1s43ZhGR+BvJbxWyKxwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPpPSMSf3Nv5MTWY7mA6RAkFYXwTMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMS1rOUl4Sl9jMl9reE5aanVZRHBFQ1FWaGZCTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgy
OC8xL0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRPME0wSwQCAAEwRTALAwMAH4ED
BAEfgRQwDAMEAB+BFwMEAR+BHAMEAB+BHwMEAC0IYwMEAC1f6wMEAC4QDAMEAS4Q
DgMEAFVcbAMEAFVcbzANBgkqhkiG9w0BAQsFAAOCAQEAZpzu+80syFMHwPcgiH58
ZXVHq1/i8mqZLnkFh3xjOlMkA1XARUPgXcar6AysF6zCU1PK0BodxEhoBRXV/9Ce
sryChu4GuzweJidnNuFR+fQsWA2TaZf5I2eqaTUcV3NP1+Qwde+kigjMOTn+ba/E
KemfiKgusEvSUblywI8rd3ndofh8zkC8lOPn5Y0HuiJKqCFC8j6ZXMYhY9W+tiVv
hV9nqcTgyfT9RBBsPfmqAdpX5auayotNgcaEClDKath8X2HbS2oiotc6NCqc+U1p
MOn237UB3E49zIYV9zGvLx9fzH1sZ9c8J8LCoGhXvHOwrGCRYjmRFd25Wj0XdoB8
Sw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org