Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/QR5rXphyNUpSJ1PDBFRjiK-MLCA.roa
File: QR5rXphyNUpSJ1PDBFRjiK-MLCA.roa (raw, json)
Hash identifier: oxm5yM8t9MeEw5M/HLHuPN6EKpuzaxf2kQ1HY7ivUnw=
Subject key identifier: 41:1E:6B:5E:98:72:35:4A:52:27:53:C3:04:54:63:88:AF:8C:2C:20
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12E6D4CE
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/QR5rXphyNUpSJ1PDBFRjiK-MLCA.roa
Signing time: Tue 14 Jun 2022 15:08:47 +0000
ROA not before: Tue 14 Jun 2022 15:08:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317117646 (0x12e6d4ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jun 14 15:08:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=411e6b5e9872354a522753c304546388af8c2c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:4a:49:65:ae:47:ff:1f:e7:e7:f2:2a:bf:
1d:d0:1e:22:36:d9:49:4c:7c:f9:ce:78:c2:8e:96:
ee:56:c4:98:f9:24:42:fe:e2:8e:4b:d3:6a:7c:94:
1a:50:8a:c1:c4:44:e7:b5:bb:c9:ba:55:7e:09:9a:
18:fc:cd:c8:d9:81:e5:09:8a:fe:64:24:2e:af:4a:
63:09:58:1f:93:22:6e:65:81:6d:0f:d4:4a:ef:92:
21:62:21:1d:8c:ae:7c:47:f3:37:dc:0a:d7:8d:88:
83:95:88:a4:87:e3:5c:68:1d:49:a0:11:61:84:20:
a0:19:e2:1c:79:ba:d0:53:35:d8:48:8a:13:6f:4c:
b0:6c:0f:af:b8:1f:91:46:85:61:a3:1f:38:ac:90:
29:8b:63:51:99:b7:79:de:b0:07:91:74:f7:52:be:
b7:16:cb:aa:7b:5d:b9:89:11:16:60:70:4d:eb:86:
7c:c4:24:0d:c2:af:d5:54:62:c5:87:39:ab:2b:30:
40:66:59:5b:e6:bf:37:a8:b8:4b:c1:05:d5:2a:96:
bc:5d:aa:98:9b:6a:63:0d:b4:9e:21:9f:c1:1a:1f:
e0:6a:c9:f6:0f:31:81:ce:87:2f:f6:d1:04:91:33:
67:78:45:72:06:0c:43:a6:7e:06:d0:bf:54:d4:98:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1E:6B:5E:98:72:35:4A:52:27:53:C3:04:54:63:88:AF:8C:2C:20
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/QR5rXphyNUpSJ1PDBFRjiK-MLCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.0.0-31.129.29.255
31.129.31.0/24
Signature Algorithm: sha256WithRSAEncryption
43:64:96:a5:c7:12:6a:99:5f:e4:f5:f5:ea:f0:4f:3a:08:44:
c2:77:b5:07:a2:45:3a:07:c9:01:b4:3f:0c:53:d4:9d:f8:67:
10:8f:94:f8:78:d3:1c:cb:8d:21:cc:d4:48:6f:90:e5:bb:09:
d3:d4:30:a6:4e:7c:70:50:7f:2f:d2:35:38:77:d9:f9:48:37:
57:fc:83:87:6a:5c:f1:8c:5c:e8:c3:fa:4f:82:ac:c9:90:56:
33:7a:79:67:ee:93:34:54:64:50:7c:e7:ba:ce:ec:9d:e4:89:
07:63:08:0a:f3:9b:3c:b8:96:e5:78:90:a8:f1:85:12:8b:68:
6b:04:be:2c:0b:45:89:7b:dc:fa:81:c9:2b:21:d2:a0:7b:f5:
01:60:fc:30:4f:98:05:a8:14:67:d2:cc:e1:10:7d:21:5d:45:
e7:8a:ee:de:3a:a4:d9:2c:d8:48:ba:07:0d:ad:d5:ec:f7:29:
e0:0c:56:ee:d4:fc:45:fc:05:84:1a:a3:53:ad:bc:66:e0:67:
73:a3:82:ae:a4:6f:22:a1:57:e5:e3:ea:dd:26:94:0c:65:d6:
0f:9e:e5:fd:aa:d6:0e:5b:ab:34:3f:5f:ef:2d:d8:28:4c:9b:
3d:95:8c:78:41:06:40:20:c5:20:0d:1f:28:49:6e:80:f3:80:
81:c1:0e:34
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEEubUzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDYx
NDE1MDg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDExZTZiNWU5ODcy
MzU0YTUyMjc1M2MzMDQ1NDYzODhhZjhjMmMyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKNSkllrkf/H+fn8iq/HdAeIjbZSUx8+c54wo6W7lbEmPkk
Qv7ijkvTanyUGlCKwcRE57W7ybpVfgmaGPzNyNmB5QmK/mQkLq9KYwlYH5MibmWB
bQ/USu+SIWIhHYyufEfzN9wK142Ig5WIpIfjXGgdSaARYYQgoBniHHm60FM12EiK
E29MsGwPr7gfkUaFYaMfOKyQKYtjUZm3ed6wB5F091K+txbLqntduYkRFmBwTeuG
fMQkDcKv1VRixYc5qyswQGZZW+a/N6i4S8EF1SqWvF2qmJtqYw20niGfwRof4GrJ
9g8xgc6HL/bRBJEzZ3hFcgYMQ6Z+BtC/VNSYfHkCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBRBHmtemHI1SlInU8MEVGOIr4wsIDAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L1FSNXJYcGh5TlVwU0oxUERCRlJqaUstTUxDQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwHwQCAAEwGQMEAAUsKjALAwMAH4EDBAEfgRwDBAAf
gR8wDQYJKoZIhvcNAQELBQADggEBAENklqXHEmqZX+T19erwTzoIRMJ3tQeiRToH
yQG0PwxT1J34ZxCPlPh40xzLjSHM1EhvkOW7CdPUMKZOfHBQfy/SNTh32flIN1f8
g4dqXPGMXOjD+k+CrMmQVjN6eWfukzRUZFB857rO7J3kiQdjCArzmzy4luV4kKjx
hRKLaGsEviwLRYl73PqBySsh0qB79QFg/DBPmAWoFGfSzOEQfSFdReeK7t46pNks
2Ei6Bw2t1ez3KeAMVu7U/EX8BYQao1OtvGbgZ3Ojgq6kbyKhV+Xj6t0mlAxl1g+e
5f2q1g5bqzQ/X+8t2ChMmz2VjHhBBkAgxSANHyhJboDzgIHBDjQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org