Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DmBukmTLU_8ZbapfJwuXXvKjAdk.roa
File: DmBukmTLU_8ZbapfJwuXXvKjAdk.roa (raw, json)
Hash identifier: MTiyYAK51S5HCqwJ7ydhK/sgyaIgyGnM5AgFIyCt5ss=
Subject key identifier: 0E:60:6E:92:64:CB:53:FF:19:6D:AA:5F:27:0B:97:5E:F2:A3:01:D9
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 11657112
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DmBukmTLU_8ZbapfJwuXXvKjAdk.roa
Signing time: Sat 01 Jan 2022 05:57:07 +0000
ROA not before: Sat 01 Jan 2022 05:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291860754 (0x11657112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 05:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e606e9264cb53ff196daa5f270b975ef2a301d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:07:94:8a:f4:0f:bc:ea:c2:1e:06:18:fa:
f9:9f:39:65:44:29:e2:da:44:8b:7b:e1:0b:bd:b2:
37:0d:02:da:cf:75:25:2e:25:9d:87:8c:28:84:26:
6a:c3:d9:b9:4c:ef:c8:5e:9a:43:ab:59:bf:9f:33:
36:7c:67:9a:40:05:a0:93:f1:07:c1:f0:c7:67:d5:
ea:2c:9b:31:fa:05:27:8f:df:37:c8:8c:62:11:0b:
36:a5:ee:94:2c:79:0a:cd:62:3d:b1:40:9f:5b:88:
9a:5c:81:90:bb:58:34:88:bb:69:75:5c:e5:84:61:
65:67:2c:55:bc:00:6f:90:62:e2:00:36:be:c2:b2:
fb:0a:59:f1:75:26:a0:fc:5d:e1:ab:e7:00:d1:01:
e0:24:55:40:0f:0d:9d:1b:ba:04:15:19:f1:ec:60:
fa:23:90:6a:e8:39:ff:3c:bc:a7:4a:fc:fe:6f:47:
9b:02:60:cb:46:2a:e7:df:30:2b:f9:d0:66:e4:7e:
15:c8:48:2a:83:df:9f:8d:60:3c:fe:81:c1:a2:9d:
a4:44:26:fb:a0:aa:e3:be:3c:90:f0:cc:77:9d:cf:
6b:23:1c:b9:a9:82:dd:fd:e6:a6:88:63:bf:2d:a3:
35:20:da:af:f7:6d:69:e2:37:d1:45:c3:27:a4:85:
e3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:60:6E:92:64:CB:53:FF:19:6D:AA:5F:27:0B:97:5E:F2:A3:01:D9
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DmBukmTLU_8ZbapfJwuXXvKjAdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.29.255
31.129.31.0/24
Signature Algorithm: sha256WithRSAEncryption
61:9c:7d:d9:ba:7a:99:83:57:67:10:4d:2f:77:b1:cd:42:a6:
c8:56:c1:4b:3e:f6:1f:e8:61:c9:1b:09:de:b8:bc:6d:2b:b2:
d2:94:8f:a3:87:f2:95:79:da:84:39:5a:a3:be:59:e2:75:20:
86:6f:49:89:6f:77:49:9c:17:ce:73:da:f9:8c:52:c5:8d:03:
d4:0f:73:a5:fd:f4:78:73:1d:30:f7:a1:94:41:fd:c3:b9:0c:
a7:0f:28:75:63:72:1b:d3:43:c2:f7:b9:25:7c:f3:67:d4:a1:
16:7c:c1:01:fa:f6:c0:78:2d:b7:b6:ad:4a:3c:be:b4:58:80:
59:03:b5:a0:2c:6d:c6:ab:91:37:48:19:2b:6a:0b:3d:09:35:
8a:4a:72:ed:f6:21:cd:2d:09:e6:0e:33:09:64:5b:38:42:44:
bc:e8:05:be:e3:96:2f:b4:32:4b:9f:21:cf:b5:04:6d:41:8d:
9c:26:83:9c:63:bf:a4:52:73:1a:3c:12:db:7f:8f:ab:a3:77:
10:87:5c:47:85:21:02:58:20:e4:f6:33:45:18:83:69:33:c0:
8b:ed:b0:4e:6e:e3:ac:2e:0c:91:81:8a:b1:23:f1:0b:10:4d:
83:96:21:ad:10:a8:31:c5:91:f1:a9:ff:62:d2:94:da:18:37:
67:e8:a8:bd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEEWVxEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDEw
MTA1NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU2MDZlOTI2NGNi
NTNmZjE5NmRhYTVmMjcwYjk3NWVmMmEzMDFkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUcB5SK9A+86sIeBhj6+Z85ZUQp4tpEi3vhC72yNw0C2s91
JS4lnYeMKIQmasPZuUzvyF6aQ6tZv58zNnxnmkAFoJPxB8Hwx2fV6iybMfoFJ4/f
N8iMYhELNqXulCx5Cs1iPbFAn1uImlyBkLtYNIi7aXVc5YRhZWcsVbwAb5Bi4gA2
vsKy+wpZ8XUmoPxd4avnANEB4CRVQA8NnRu6BBUZ8exg+iOQaug5/zy8p0r8/m9H
mwJgy0Yq598wK/nQZuR+FchIKoPfn41gPP6BwaKdpEQm+6Cq4748kPDMd53PayMc
uamC3f3mpohjvy2jNSDar/dtaeI30UXDJ6SF4+8CAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBQOYG6SZMtT/xltql8nC5de8qMB2TAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L0RtQnVrbVRMVV84WmJhcGZKd3VYWHZLakFkay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAEwEzALAwMAH4EDBAEfgRwDBAAfgR8wDQYJ
KoZIhvcNAQELBQADggEBAGGcfdm6epmDV2cQTS93sc1CpshWwUs+9h/oYckbCd64
vG0rstKUj6OH8pV52oQ5WqO+WeJ1IIZvSYlvd0mcF85z2vmMUsWNA9QPc6X99Hhz
HTD3oZRB/cO5DKcPKHVjchvTQ8L3uSV882fUoRZ8wQH69sB4Lbe2rUo8vrRYgFkD
taAsbcarkTdIGStqCz0JNYpKcu32Ic0tCeYOMwlkWzhCRLzoBb7jli+0MkufIc+1
BG1BjZwmg5xjv6RScxo8Ett/j6ujdxCHXEeFIQJYIOT2M0UYg2kzwIvtsE5u46wu
DJGBirEj8QsQTYOWIa0QqDHFkfGp/2LSlNoYN2foqL0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org