Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/31Oe6JvAM0NerpG1ycxnQt0JW1g.roa
File: 31Oe6JvAM0NerpG1ycxnQt0JW1g.roa (raw, json)
Hash identifier: P31YmQn9CBqKV2aYuHaxdolYZkspnEt4TDHFSxjX174=
Subject key identifier: DF:53:9E:E8:9B:C0:33:43:5E:AE:91:B5:C9:CC:67:42:DD:09:5B:58
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184ECB5FD826A2A8B5C61CD3834F8446161
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/31Oe6JvAM0NerpG1ycxnQt0JW1g.roa
Signing time: Wed 07 Dec 2022 13:11:00 +0000
ROA not before: Wed 07 Dec 2022 13:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:b5:fd:82:6a:2a:8b:5c:61:cd:38:34:f8:44:61:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 13:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df539ee89bc033435eae91b5c9cc6742dd095b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f7:42:d4:19:42:b6:dd:2f:c2:cd:08:88:3a:
52:81:e4:a8:43:38:89:d7:82:b9:2a:4f:e2:55:15:
83:50:dc:7f:f3:dd:80:70:a7:ae:39:2b:20:1d:fd:
55:52:e5:f1:a3:58:eb:e7:5a:e8:4d:fa:37:d7:79:
c2:0f:00:e4:f7:ec:7f:bb:34:93:aa:31:3a:e4:50:
80:06:be:15:73:17:64:73:09:bc:85:67:dc:59:a8:
62:ce:3b:e5:3c:a3:97:b8:c6:26:04:0f:d9:f0:f6:
73:09:cd:73:65:b4:30:c2:80:55:ef:8b:1d:bb:69:
59:47:c2:bf:07:94:c6:1c:7d:2b:42:a7:97:0e:59:
75:cf:b1:c8:b8:60:f4:db:f5:f3:c2:36:a3:df:53:
78:e4:e0:50:5a:93:41:64:d1:94:78:c4:70:b7:1f:
1d:25:43:9e:1d:33:3f:6e:66:03:f6:46:dd:10:3d:
60:6a:28:25:ed:21:9a:3b:b9:d0:52:81:8f:ff:16:
1a:f7:d5:b5:d4:0c:3d:55:8a:9c:8e:78:bf:4c:98:
a1:2b:e4:47:73:da:5c:c6:f6:cc:85:7f:a6:84:cd:
38:ed:79:ae:88:70:04:b6:aa:72:bb:e4:9d:d7:3e:
23:01:d9:16:d1:62:c0:16:c9:91:41:c7:f9:38:d5:
7d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:53:9E:E8:9B:C0:33:43:5E:AE:91:B5:C9:CC:67:42:DD:09:5B:58
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/31Oe6JvAM0NerpG1ycxnQt0JW1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
212.192.6.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c3:7e:b8:a2:fb:75:7d:e2:26:08:39:c7:43:07:b0:44:c2:
69:67:b9:79:dc:1c:3c:33:42:d4:09:89:e8:e2:08:f6:8a:86:
33:cd:da:2d:e6:93:f7:3b:7b:00:d3:f6:a6:2c:48:53:fc:d1:
6f:f4:bb:8a:7b:ba:41:05:33:1a:53:d6:02:2d:19:67:6f:ab:
30:d1:f3:f1:9a:10:03:37:cf:cc:e3:c1:e0:a0:66:dc:48:e2:
a1:2b:1a:9d:98:4a:ce:8c:ac:df:e2:4d:f6:01:02:39:81:9c:
03:f6:59:cc:38:a4:56:44:f3:cc:b6:9e:70:c9:50:64:e0:03:
f7:11:f6:c7:c5:a2:bc:c7:85:07:dd:37:c5:55:a8:eb:e5:ab:
3c:89:c3:1f:43:3e:41:bf:15:78:f6:d9:59:1e:9f:c2:31:d9:
86:ec:84:19:aa:98:9c:8f:b3:04:0f:cf:cc:65:fe:d6:c7:f0:
ef:36:6a:28:17:d7:e1:07:ff:cf:fb:3e:88:6e:29:23:73:73:
2e:f5:10:fc:f3:b0:b6:95:85:5d:06:66:55:b7:ea:ba:65:c6:
4e:55:10:c7:29:c8:85:d0:bd:1a:da:c3:bf:60:bc:2a:b8:ad:
89:55:f9:1c:0d:2b:f7:ba:78:58:06:86:44:ea:48:d6:0e:27:
e7:12:8a:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTstf2CaiqLXGHNODT4RGFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MTMxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjUzOWVlODliYzAzMzQzNWVhZTkxYjVjOWNjNjc0MmRkMDk1YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/dC1BlCtt0vws0IiDpSgeSoQziJ
14K5Kk/iVRWDUNx/892AcKeuOSsgHf1VUuXxo1jr51roTfo313nCDwDk9+x/uzST
qjE65FCABr4Vcxdkcwm8hWfcWahizjvlPKOXuMYmBA/Z8PZzCc1zZbQwwoBV74sd
u2lZR8K/B5TGHH0rQqeXDll1z7HIuGD02/Xzwjaj31N45OBQWpNBZNGUeMRwtx8d
JUOeHTM/bmYD9kbdED1gaigl7SGaO7nQUoGP/xYa99W11Aw9VYqcjni/TJihK+RH
c9pcxvbMhX+mhM047XmuiHAEtqpyu+Sd1z4jAdkW0WLAFsmRQcf5ONV9lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN9TnuibwDNDXq6RtcnMZ0LdCVtYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzFPZTZKdkFNME5lcnBHMXljeG5RdDBKVzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWxwAwQA
1MAGMA0GCSqGSIb3DQEBCwUAA4IBAQCWw364ovt1feImCDnHQwewRMJpZ7l53Bw8
M0LUCYno4gj2ioYzzdot5pP3O3sA0/amLEhT/NFv9LuKe7pBBTMaU9YCLRlnb6sw
0fPxmhADN8/M48HgoGbcSOKhKxqdmErOjKzf4k32AQI5gZwD9lnMOKRWRPPMtp5w
yVBk4AP3EfbHxaK8x4UH3TfFVajr5as8icMfQz5BvxV49tlZHp/CMdmG7IQZqpic
j7MED8/MZf7Wx/DvNmooF9fhB//P+z6Ibikjc3Mu9RD887C2lYVdBmZVt+q6ZcZO
VRDHKciF0L0a2sO/YLwquK2JVfkcDSv3unhYBoZE6kjWDifnEooX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org