Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/Ekt2LvjXj18GJ-YU1Hv5s0DRhxM.roa
File: Ekt2LvjXj18GJ-YU1Hv5s0DRhxM.roa (raw, json)
Hash identifier: wDQ9zdrPcDoZkMmpjTHvN5J/r4czNai5IgrWePCUXYI=
Subject key identifier: 12:4B:76:2E:F8:D7:8F:5F:06:27:E6:14:D4:7B:F9:B3:40:D1:87:13
Certificate issuer: /CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Certificate serial: C794D9
Authority key identifier: 19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/Ekt2LvjXj18GJ-YU1Hv5s0DRhxM.roa
Signing time: Sat 01 Jan 2022 07:52:36 +0000
ROA not before: Sat 01 Jan 2022 07:52:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20847
IP address blocks: 31.7.4.0/22 maxlen: 24
31.7.0.0/22 maxlen: 24
185.144.224.0/23 maxlen: 24
2a03:9700:8000::/33 maxlen: 33
2a03:9700::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13079769 (0xc794d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Validity
Not Before: Jan 1 07:52:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=124b762ef8d78f5f0627e614d47bf9b340d18713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:79:6c:ad:66:74:23:cc:9f:3c:49:44:cb:
37:9d:de:50:1f:d2:e7:a9:71:f9:6f:4f:d1:fb:54:
c8:93:22:fb:ba:48:74:bf:9b:58:be:4f:ad:be:88:
f9:76:4f:3b:92:7d:90:8c:86:8b:41:fd:9a:5e:11:
31:1a:e1:2f:3f:d1:9f:ed:25:1b:a5:31:57:d3:42:
cf:9a:98:77:09:42:70:96:c6:bf:e2:86:e0:45:6d:
2b:86:8c:cc:ec:92:74:cd:f0:ce:3b:cd:c1:a4:3f:
3f:15:29:28:00:bf:17:c4:af:d7:cd:3c:90:be:21:
67:a0:13:ce:ea:28:4a:de:2d:ef:7e:fd:38:81:a0:
f8:46:db:8f:cc:db:60:89:d2:a1:81:16:5f:ac:f4:
9c:0e:7b:c4:cd:0e:3e:1b:ec:a2:52:0a:29:ca:82:
69:cb:7d:63:a6:ba:5c:27:4f:91:72:19:1d:2c:72:
40:ab:af:45:67:ed:95:17:17:1f:29:d2:df:ee:3c:
d3:4c:d8:7a:f0:80:87:a1:2a:2b:e8:db:4b:81:f4:
07:81:4f:65:15:83:d6:1c:7d:10:eb:32:15:a9:1f:
99:80:90:6a:73:58:c9:f6:5a:c1:12:4c:49:db:28:
45:7d:ec:a4:89:d2:12:92:02:7c:85:79:0a:38:a5:
59:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4B:76:2E:F8:D7:8F:5F:06:27:E6:14:D4:7B:F9:B3:40:D1:87:13
X509v3 Authority Key Identifier:
keyid:19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/Ekt2LvjXj18GJ-YU1Hv5s0DRhxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.0.0/21
185.144.224.0/23
IPv6:
2a03:9700::/32
Signature Algorithm: sha256WithRSAEncryption
5d:a9:7f:53:41:b8:e5:09:48:e2:ad:89:73:ac:db:33:35:8b:
7c:06:65:37:bf:91:88:21:56:20:ff:d7:12:8e:06:3c:27:10:
ef:22:e8:55:cf:53:e3:74:42:d1:38:c8:88:c3:9f:0d:65:ac:
51:41:34:75:0e:3b:69:55:59:05:2d:ce:a8:18:11:60:cd:4f:
4a:b4:a4:21:01:59:7f:5d:fc:85:52:8d:ee:05:7e:77:4f:90:
ad:28:7a:10:46:ff:1d:04:e0:63:34:09:41:d3:8b:9f:36:fe:
28:57:79:41:62:92:7a:61:e9:99:35:5e:75:3e:78:df:e4:d4:
1e:32:64:31:bd:8c:7f:86:5c:e2:73:49:b2:71:ad:72:d1:ed:
60:07:ff:e8:65:51:35:ea:0e:4d:a4:bf:80:b8:46:6f:98:3c:
f1:3f:4d:1d:e7:2c:54:82:6c:b0:99:11:cd:60:b3:a1:0d:85:
c9:01:8b:2f:c8:4c:3d:fd:f9:68:be:17:16:39:36:6a:92:ca:
98:b5:3d:7b:85:20:d7:fe:e8:5e:50:17:cb:5d:ea:01:52:39:
da:d2:7a:13:1c:35:c9:e5:9b:4a:08:4c:03:37:c3:7a:33:44:
e1:5c:e3:a8:ed:51:47:74:b1:89:87:03:93:4a:89:c8:b2:18:
71:30:23:60
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAMeU2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTBlYzdhYWIyMGZjNGM4MDFjNjc5NjNlNTllNGY5MzYwMGU0MDFkMB4XDTIyMDEw
MTA3NTIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI0Yjc2MmVmOGQ3
OGY1ZjA2MjdlNjE0ZDQ3YmY5YjM0MGQxODcxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGteWytZnQjzJ88SUTLN53eUB/S56lx+W9P0ftUyJMi+7pI
dL+bWL5Prb6I+XZPO5J9kIyGi0H9ml4RMRrhLz/Rn+0lG6UxV9NCz5qYdwlCcJbG
v+KG4EVtK4aMzOySdM3wzjvNwaQ/PxUpKAC/F8Sv1808kL4hZ6ATzuooSt4t7379
OIGg+Ebbj8zbYInSoYEWX6z0nA57xM0OPhvsolIKKcqCact9Y6a6XCdPkXIZHSxy
QKuvRWftlRcXHynS3+4800zYevCAh6EqK+jbS4H0B4FPZRWD1hx9EOsyFakfmYCQ
anNYyfZawRJMSdsoRX3spInSEpICfIV5CjilWUsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQSS3Yu+NePXwYn5hTUe/mzQNGHEzAfBgNVHSMEGDAWgBQZDseqsg/EyAHG
eWPlnk+TYA5AHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dRN0hxcklQeE1nQnhubGo1WjVQazJBT1FCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvYmEzYjY5LTY1ZTUtNDk4ZS1iYTA4LWRhYjliNDgzYzEyMy8x
L0VrdDJMdmpYajE4R0otWVUxSHY1czBEUmh4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
YmEzYjY5LTY1ZTUtNDk4ZS1iYTA4LWRhYjliNDgzYzEyMy8xL0dRN0hxcklQeE1n
QnhubGo1WjVQazJBT1FCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAx8HAAMEAbmQ4DANBAIAAjAHAwUA
KgOXADANBgkqhkiG9w0BAQsFAAOCAQEAXal/U0G45QlI4q2Jc6zbMzWLfAZlN7+R
iCFWIP/XEo4GPCcQ7yLoVc9T43RC0TjIiMOfDWWsUUE0dQ47aVVZBS3OqBgRYM1P
SrSkIQFZf138hVKN7gV+d0+QrSh6EEb/HQTgYzQJQdOLnzb+KFd5QWKSemHpmTVe
dT543+TUHjJkMb2Mf4Zc4nNJsnGtctHtYAf/6GVRNeoOTaS/gLhGb5g88T9NHecs
VIJssJkRzWCzoQ2FyQGLL8hMPf35aL4XFjk2apLKmLU9e4Ug1/7oXlAXy13qAVI5
2tJ6Exw1yeWbSghMAzfDejNE4VzjqO1RR3SxiYcDk0qJyLIYcTAjYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:22 2024 by rpki-client on console-fra.rpki-client.org