Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1KGcf8uIcj02xXgl8ZF_BBjvixQ.roa
File: 1KGcf8uIcj02xXgl8ZF_BBjvixQ.roa (raw, json)
Hash identifier: Con1C1jm0oBs7nIdQUqfXt9nrN1uRmp2afDcrse5GpQ=
Subject key identifier: D4:A1:9C:7F:CB:88:72:3D:36:C5:78:25:F1:91:7F:04:18:EF:8B:14
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12AC2CAB
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1KGcf8uIcj02xXgl8ZF_BBjvixQ.roa
Signing time: Mon 23 May 2022 05:22:30 +0000
ROA not before: Mon 23 May 2022 05:22:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313273515 (0x12ac2cab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 23 05:22:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4a19c7fcb88723d36c57825f1917f0418ef8b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:29:ec:83:2f:6b:5b:bc:92:44:36:cf:ad:65:
6a:ca:43:ce:95:49:ef:99:35:f6:a6:72:ce:d6:5c:
38:22:ab:34:f8:77:8b:37:d3:58:f0:54:50:01:aa:
3d:d5:d1:af:5d:5a:59:fe:ca:4f:6e:c3:12:03:04:
a2:bc:2e:ca:fe:7b:84:6c:0f:fa:dd:b2:f6:90:20:
f3:34:f4:9f:8e:16:61:1b:03:70:b6:ac:f4:fd:8c:
e0:6d:76:0a:4a:9b:b6:a8:fd:c1:ef:b8:d2:36:b6:
12:bc:f9:59:23:ac:09:27:55:57:66:97:7d:62:f9:
93:c4:2c:72:76:dd:dc:ee:bd:69:08:4a:3f:aa:7f:
16:e2:18:a9:90:ea:26:80:a4:9f:a5:8a:39:fe:34:
a0:b7:06:28:6f:67:4a:26:93:73:86:a8:4a:70:97:
96:04:ae:f7:a5:86:75:e7:e6:b8:c6:eb:e4:9e:ec:
af:80:db:33:d7:1b:8f:9a:0c:c7:95:8f:57:61:00:
a5:20:ae:dd:47:bf:12:be:26:55:7f:5b:dd:42:70:
6b:8d:1a:5c:18:c6:25:26:8c:65:78:ec:0c:c3:63:
08:09:e5:ba:e2:b2:76:dc:03:46:fa:1b:9f:ea:e0:
13:8b:11:85:54:3d:7f:b9:4f:bd:b1:24:ce:a9:84:
41:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A1:9C:7F:CB:88:72:3D:36:C5:78:25:F1:91:7F:04:18:EF:8B:14
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1KGcf8uIcj02xXgl8ZF_BBjvixQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.0.0-31.129.29.255
31.129.31.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c8:67:1f:8e:fb:6c:77:6c:b4:b3:fb:72:56:99:ca:49:88:
ec:fa:0c:07:63:fd:60:5a:65:c9:92:ba:fb:c3:df:13:d9:08:
a8:12:68:b1:0c:a9:0a:1b:01:62:d1:d1:7f:aa:90:bb:1d:db:
b3:6a:ec:8c:81:69:65:2b:8e:ab:2c:69:00:5b:0b:9a:cb:75:
98:38:38:df:69:8b:48:63:7d:b2:d5:69:d3:be:94:3a:0c:b0:
fc:68:ac:de:26:06:d9:52:9d:78:6a:fc:ee:9a:dd:41:dc:3a:
9d:09:48:2a:53:64:1b:60:ac:93:ad:d9:b7:88:50:1d:6f:ef:
85:75:c3:13:7f:59:c1:f7:02:de:52:fa:f6:5c:29:d2:5a:53:
ab:f6:d1:62:c6:ed:91:9e:1f:3e:4b:c9:6a:ec:d2:b8:dd:96:
4c:c1:5e:dc:66:b7:ef:f1:38:48:6b:60:3e:94:cf:00:10:59:
29:06:fb:41:f9:16:6b:ca:43:30:5b:61:d2:00:9f:8b:c1:57:
66:ff:b7:41:04:be:ad:1e:01:59:59:38:bc:98:21:35:81:7e:
31:e3:8d:5a:3b:83:b0:6e:fb:af:97:45:fd:3a:44:63:b3:69:
cf:be:35:7b:68:f2:44:96:d5:94:8c:48:13:98:7b:cd:3e:f1:
b1:08:88:d6
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEEqwsqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDUy
MzA1MjIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRhMTljN2ZjYjg4
NzIzZDM2YzU3ODI1ZjE5MTdmMDQxOGVmOGIxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwp7IMva1u8kkQ2z61laspDzpVJ75k19qZyztZcOCKrNPh3
izfTWPBUUAGqPdXRr11aWf7KT27DEgMEorwuyv57hGwP+t2y9pAg8zT0n44WYRsD
cLas9P2M4G12Ckqbtqj9we+40ja2Erz5WSOsCSdVV2aXfWL5k8Qscnbd3O69aQhK
P6p/FuIYqZDqJoCkn6WKOf40oLcGKG9nSiaTc4aoSnCXlgSu96WGdefmuMbr5J7s
r4DbM9cbj5oMx5WPV2EApSCu3Ue/Er4mVX9b3UJwa40aXBjGJSaMZXjsDMNjCAnl
uuKydtwDRvobn+rgE4sRhVQ9f7lPvbEkzqmEQXECAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBTUoZx/y4hyPTbFeCXxkX8EGO+LFDAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
LzFLR2NmOHVJY2owMnhYZ2w4WkZfQkJqdml4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwHwQCAAEwGQMEAAUsKjALAwMAH4EDBAEfgRwDBAAf
gR8wDQYJKoZIhvcNAQELBQADggEBAGTIZx+O+2x3bLSz+3JWmcpJiOz6DAdj/WBa
ZcmSuvvD3xPZCKgSaLEMqQobAWLR0X+qkLsd27Nq7IyBaWUrjqssaQBbC5rLdZg4
ON9pi0hjfbLVadO+lDoMsPxorN4mBtlSnXhq/O6a3UHcOp0JSCpTZBtgrJOt2beI
UB1v74V1wxN/WcH3At5S+vZcKdJaU6v20WLG7ZGeHz5LyWrs0rjdlkzBXtxmt+/x
OEhrYD6UzwAQWSkG+0H5FmvKQzBbYdIAn4vBV2b/t0EEvq0eAVlZOLyYITWBfjHj
jVo7g7Bu+6+XRf06RGOzac++NXto8kSW1ZSMSBOYe80+8bEIiNY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org