Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/erPu4I_-EhuLo1hwota55QbQR3I.roa
File: erPu4I_-EhuLo1hwota55QbQR3I.roa (raw, json)
Hash identifier: rE0U+tfpWOysre0nn3Wc9O9kSwyNmPMP+CAhEVz1J9U=
Subject key identifier: 7A:B3:EE:E0:8F:FE:12:1B:8B:A3:58:70:A2:D6:B9:E5:06:D0:47:72
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12099D73
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/erPu4I_-EhuLo1hwota55QbQR3I.roa
Signing time: Thu 10 Mar 2022 07:59:16 +0000
ROA not before: Thu 10 Mar 2022 07:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302620019 (0x12099d73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 10 07:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ab3eee08ffe121b8ba35870a2d6b9e506d04772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:96:1d:2d:1f:3f:99:93:e7:77:de:e4:45:
8e:68:8d:cb:22:67:af:be:d7:2c:53:4d:f7:74:66:
7a:bf:f4:c2:d0:6f:a6:a7:5e:81:7e:b4:7a:32:15:
c0:b9:26:c9:60:b2:46:67:d0:b1:3f:26:17:d1:dd:
50:42:1a:ee:13:e3:7d:67:5f:e1:04:1a:e7:63:d9:
2a:18:0c:74:a6:22:e2:83:b6:95:77:90:52:a3:26:
a7:80:b7:42:a9:15:13:e1:d4:ae:2c:df:b7:a0:d9:
38:cc:c0:37:fe:8c:ef:f2:f5:6a:90:16:d3:fd:8e:
be:f0:d2:c7:fb:51:0b:77:bc:d0:cf:15:11:8c:a0:
e1:4f:36:a0:9f:17:cb:85:dc:3b:79:42:f8:54:1c:
bf:b2:a4:e8:fc:34:20:ed:74:03:0c:1f:d7:16:20:
e4:11:c2:10:c1:30:f4:5e:87:95:40:04:41:7e:97:
8f:0e:66:bf:e6:8e:71:ae:c3:a9:5a:b9:af:92:51:
8c:ec:85:80:6c:a9:30:e5:8d:4c:63:e1:35:ee:4b:
16:74:6f:56:49:f4:bd:97:0f:29:db:43:7c:06:ed:
4b:74:ae:1a:10:68:35:00:bd:2c:17:26:13:bc:2a:
b0:c6:31:1a:45:bd:19:72:f9:aa:a4:37:d5:2b:ee:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B3:EE:E0:8F:FE:12:1B:8B:A3:58:70:A2:D6:B9:E5:06:D0:47:72
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/erPu4I_-EhuLo1hwota55QbQR3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.29.255
31.129.31.0/24
Signature Algorithm: sha256WithRSAEncryption
47:62:7e:a4:9a:84:a9:43:b5:87:e2:7f:e4:e2:c7:3f:d5:0d:
25:ce:0b:ff:bd:91:38:e3:72:9e:cf:4d:57:2e:2b:e5:d6:88:
6d:08:a3:62:0b:0e:fb:2e:a0:ac:23:e7:69:4f:44:b6:8d:75:
8b:1d:7b:45:8e:c4:87:4f:f8:c6:19:44:48:55:ce:c8:48:98:
b2:60:23:15:85:90:3f:61:a1:33:10:94:42:9b:23:3e:b4:94:
ad:dc:68:e9:7a:98:f9:2a:15:a2:61:6f:d3:6a:f5:00:c4:4f:
6a:0c:32:59:a1:5f:7c:72:65:d0:88:8f:d7:43:91:85:88:7c:
16:ae:7e:58:f6:48:c8:36:de:55:ba:1a:b9:c5:f1:ed:f7:15:
9d:9c:af:49:20:a6:98:45:84:1e:01:8b:7d:bd:2e:a3:f7:03:
05:ae:47:06:fa:8a:40:44:f2:28:a5:70:6c:cb:0e:ee:86:1d:
f7:42:5e:b8:6c:6c:c6:15:b0:58:01:4c:de:71:b5:1b:e9:63:
24:ad:ba:a9:e7:a1:a1:67:d9:de:51:af:03:eb:fd:38:d3:bb:
45:5f:d5:88:91:2c:af:de:34:75:02:3a:18:31:d9:cf:cd:cd:
2b:03:bb:90:ad:fd:50:5d:eb:5d:19:6e:a2:5d:1b:ce:f9:ec:
94:53:3f:b8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEEgmdczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDMx
MDA3NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FiM2VlZTA4ZmZl
MTIxYjhiYTM1ODcwYTJkNmI5ZTUwNmQwNDc3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+slh0tHz+Zk+d33uRFjmiNyyJnr77XLFNN93Rmer/0wtBv
pqdegX60ejIVwLkmyWCyRmfQsT8mF9HdUEIa7hPjfWdf4QQa52PZKhgMdKYi4oO2
lXeQUqMmp4C3QqkVE+HUrizft6DZOMzAN/6M7/L1apAW0/2OvvDSx/tRC3e80M8V
EYyg4U82oJ8Xy4XcO3lC+FQcv7Kk6Pw0IO10Awwf1xYg5BHCEMEw9F6HlUAEQX6X
jw5mv+aOca7DqVq5r5JRjOyFgGypMOWNTGPhNe5LFnRvVkn0vZcPKdtDfAbtS3Su
GhBoNQC9LBcmE7wqsMYxGkW9GXL5qqQ31SvukTMCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBR6s+7gj/4SG4ujWHCi1rnlBtBHcjAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L2VyUHU0SV8tRWh1TG8xaHdvdGE1NVFiUVIzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAEwEzALAwMAH4EDBAEfgRwDBAAfgR8wDQYJ
KoZIhvcNAQELBQADggEBAEdifqSahKlDtYfif+Tixz/VDSXOC/+9kTjjcp7PTVcu
K+XWiG0Io2ILDvsuoKwj52lPRLaNdYsde0WOxIdP+MYZREhVzshImLJgIxWFkD9h
oTMQlEKbIz60lK3caOl6mPkqFaJhb9Nq9QDET2oMMlmhX3xyZdCIj9dDkYWIfBau
flj2SMg23lW6GrnF8e33FZ2cr0kgpphFhB4Bi329LqP3AwWuRwb6ikBE8iilcGzL
Du6GHfdCXrhsbMYVsFgBTN5xtRvpYyStuqnnoaFn2d5RrwPr/TjTu0Vf1YiRLK/e
NHUCOhgx2c/NzSsDu5Ct/VBd610ZbqJdG8757JRTP7g=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org