Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/Cm46iXWq8pWe5Mz3r7SmRr5eFvU.roa
File: Cm46iXWq8pWe5Mz3r7SmRr5eFvU.roa (raw, json)
Hash identifier: DsCvNo6s8ZXipDdIsHbFn+iy3EWttQK3HfIj9HMF0JM=
Subject key identifier: 0A:6E:3A:89:75:AA:F2:95:9E:E4:CC:F7:AF:B4:A6:46:BE:5E:16:F5
Certificate issuer: /CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Certificate serial: 05047E4E
Authority key identifier: 8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/Cm46iXWq8pWe5Mz3r7SmRr5eFvU.roa
Signing time: Sat 01 Jan 2022 14:06:52 +0000
ROA not before: Sat 01 Jan 2022 14:06:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197746
IP address blocks: 31.22.112.0/24 maxlen: 24
31.22.113.0/24 maxlen: 24
31.22.114.0/24 maxlen: 24
31.22.118.0/24 maxlen: 24
31.22.115.0/24 maxlen: 24
31.22.119.0/24 maxlen: 24
185.23.88.0/24 maxlen: 24
185.23.89.0/24 maxlen: 24
2a00:6620:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84180558 (0x5047e4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Validity
Not Before: Jan 1 14:06:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a6e3a8975aaf2959ee4ccf7afb4a646be5e16f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:77:a3:8b:18:06:a7:a9:20:8e:07:01:5e:23:
5a:5e:36:41:96:8d:94:06:6e:54:c3:e6:b0:83:58:
98:fd:ff:da:91:36:ba:88:71:28:1f:de:bc:69:88:
d4:4f:3d:f5:86:51:60:9d:15:a2:f0:f4:8d:fc:74:
17:80:d4:25:59:34:b1:d6:a8:84:4d:d8:37:f2:5e:
fb:b3:d7:67:d0:9b:c7:93:b8:3c:6f:8c:36:57:c3:
92:b2:4e:01:5c:11:aa:97:d0:9c:c9:95:39:e5:46:
ab:7f:70:e3:6b:e3:18:42:2d:08:c3:7a:a4:3c:30:
0f:85:f8:05:4f:d7:6c:40:8b:64:cc:ea:24:c4:84:
04:c4:9b:48:7e:81:77:54:6f:ba:19:1d:a9:6a:65:
38:d1:36:0b:52:0d:19:2b:8f:63:54:f7:95:ed:73:
6d:9b:87:bc:5e:2c:0d:a2:92:1f:29:a7:20:26:7b:
67:2d:f7:a2:36:35:13:a1:7f:79:a8:8b:14:bd:2c:
91:2e:43:de:46:3f:8d:09:56:d5:5f:27:7f:e8:2a:
90:b7:2a:ca:36:fa:0a:60:95:ed:d3:88:fc:fd:d9:
41:bf:20:3f:95:87:4c:15:a0:cc:44:92:eb:ff:33:
32:2c:50:97:07:09:a0:c5:0e:3c:7a:06:53:e9:aa:
42:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6E:3A:89:75:AA:F2:95:9E:E4:CC:F7:AF:B4:A6:46:BE:5E:16:F5
X509v3 Authority Key Identifier:
keyid:8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/Cm46iXWq8pWe5Mz3r7SmRr5eFvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.112.0/22
31.22.118.0/23
185.23.88.0/23
IPv6:
2a00:6620:2000::/48
Signature Algorithm: sha256WithRSAEncryption
5b:1d:7b:d7:fd:60:42:cb:50:33:ec:02:43:cb:a6:57:47:1f:
37:49:fa:03:d2:b5:ad:54:8d:1a:99:80:ec:b5:53:67:70:ad:
7d:7c:16:e4:1d:eb:22:9a:fa:2b:63:ef:b5:e1:77:1d:fb:c9:
c8:66:78:33:30:d7:25:b1:63:ca:7d:ea:d8:3b:01:9c:10:1a:
6c:b7:38:81:ad:83:24:bb:27:78:c0:d1:2c:35:71:05:66:71:
21:7b:9e:f3:17:18:8c:c7:1b:9a:57:d9:28:6c:6b:9c:d8:3d:
a5:69:7a:60:93:04:a5:65:d7:c5:35:08:7d:b3:63:33:aa:7c:
14:93:5d:25:a7:96:d6:ce:7f:ce:65:cf:1c:a7:33:64:c6:24:
0a:c6:c0:80:5c:aa:d6:bc:80:ae:4c:2d:e2:6a:0e:b4:77:1e:
c5:c8:57:e2:b9:01:80:6f:c0:86:c1:97:cf:d2:51:fb:ed:fb:
dd:6f:3e:7c:55:52:cb:2a:83:b1:34:c5:70:a3:e0:9b:26:69:
19:fe:4b:ea:a7:39:21:18:11:8f:7f:d9:5b:d8:76:84:9e:f6:
63:ef:03:c5:73:b6:d0:21:f4:2a:d6:03:16:3b:2c:fc:31:0b:
0b:97:e1:e2:87:c0:1b:9e:4d:71:7d:f5:75:56:10:0b:2d:9b:
ee:d1:61:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBQR+TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZWE0M2JiMzhkNmUwYmU4YzI4OTA5NGJhNGFkZjM4N2QwZGU0MGEwMB4XDTIyMDEw
MTE0MDY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE2ZTNhODk3NWFh
ZjI5NTllZTRjY2Y3YWZiNGE2NDZiZTVlMTZmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM13o4sYBqepII4HAV4jWl42QZaNlAZuVMPmsINYmP3/2pE2
uohxKB/evGmI1E899YZRYJ0VovD0jfx0F4DUJVk0sdaohE3YN/Je+7PXZ9Cbx5O4
PG+MNlfDkrJOAVwRqpfQnMmVOeVGq39w42vjGEItCMN6pDwwD4X4BU/XbECLZMzq
JMSEBMSbSH6Bd1RvuhkdqWplONE2C1INGSuPY1T3le1zbZuHvF4sDaKSHymnICZ7
Zy33ojY1E6F/eaiLFL0skS5D3kY/jQlW1V8nf+gqkLcqyjb6CmCV7dOI/P3ZQb8g
P5WHTBWgzESS6/8zMixQlwcJoMUOPHoGU+mqQtECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQKbjqJdarylZ7kzPevtKZGvl4W9TAfBgNVHSMEGDAWgBSOpDuzjW4L6MKJ
CUukrfOH0N5AoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pxUTdzNDF1Qy1qQ2lRbExwSzN6aDlEZVFLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNmY4NWIxLTZhM2MtNDA4ZC1hMzliLTI0ZjdmOTQzNmNlYy8x
L0NtNDZpWFdxOHBXZTVNejNyN1NtUnI1ZUZ2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NmY4NWIxLTZhM2MtNDA4ZC1hMzliLTI0ZjdmOTQzNmNlYy8xL2pxUTdzNDF1Qy1q
Q2lRbExwSzN6aDlEZVFLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAh8WcAMEAR8WdgMEAbkXWDAPBAIA
AjAJAwcAKgBmICAAMA0GCSqGSIb3DQEBCwUAA4IBAQBbHXvX/WBCy1Az7AJDy6ZX
Rx83SfoD0rWtVI0amYDstVNncK19fBbkHesimvorY++14Xcd+8nIZngzMNclsWPK
ferYOwGcEBpstziBrYMkuyd4wNEsNXEFZnEhe57zFxiMxxuaV9kobGuc2D2laXpg
kwSlZdfFNQh9s2MzqnwUk10lp5bWzn/OZc8cpzNkxiQKxsCAXKrWvICuTC3iag60
dx7FyFfiuQGAb8CGwZfP0lH77fvdbz58VVLLKoOxNMVwo+CbJmkZ/kvqpzkhGBGP
f9lb2HaEnvZj7wPFc7bQIfQq1gMWOyz8MQsLl+Hih8Abnk1xffV1VhALLZvu0WFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:10 2024 by rpki-client on console-ams.rpki-client.org