Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/__PliM4Yl09OzSF3bTalQH5ql5g.roa
File: __PliM4Yl09OzSF3bTalQH5ql5g.roa (raw, json)
Hash identifier: YSOwLYnf/3AGWmTgLUiAQWcnXamXUI1j9l+k+bohShY=
Subject key identifier: FF:F3:E5:88:CE:18:97:4F:4E:CD:21:77:6D:36:A5:40:7E:6A:97:98
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D066E8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/__PliM4Yl09OzSF3bTalQH5ql5g.roa
Signing time: Thu 03 Feb 2022 16:34:00 +0000
ROA not before: Thu 03 Feb 2022 16:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.160.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486960783 (0x1d066e8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 3 16:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fff3e588ce18974f4ecd21776d36a5407e6a9798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:53:8c:05:bc:67:15:d3:6f:98:f6:50:e0:22:
da:6d:cd:e9:64:7d:fa:b0:3c:c3:02:8e:96:21:19:
5a:5a:db:1c:9e:3f:5c:aa:f4:2b:5f:cc:14:2d:51:
4b:e4:79:d7:c6:47:c0:91:16:fb:7e:4b:b0:7a:3b:
ac:b2:21:8b:28:1a:fb:5f:d4:77:d5:32:1a:e4:c9:
5d:b3:c1:78:1a:c9:7f:4e:74:ff:3d:0c:8e:da:80:
db:65:58:77:7c:00:5e:65:4d:41:03:66:3e:64:20:
54:29:da:86:bd:5b:6f:8d:97:56:5c:5c:0d:ac:f1:
7d:80:b7:26:ba:2e:48:95:5f:1b:e0:29:f6:5f:28:
30:f9:7b:ef:1a:38:cb:bc:39:e0:bf:f8:8f:45:6f:
23:aa:89:ce:1b:ed:9b:15:e7:4b:16:1d:1b:f4:69:
f9:2b:11:57:15:6f:73:0a:7f:4d:22:64:71:73:ee:
bd:fc:6d:8b:b2:35:b8:39:0b:d2:83:97:41:b5:7c:
6e:95:56:61:ea:6f:e3:3f:01:70:d2:07:c5:78:c9:
9e:45:8c:c4:6d:e6:d3:49:19:44:41:63:24:a8:99:
6d:69:92:ac:f7:91:0b:fc:31:f1:c0:1b:68:a1:f2:
19:b4:a6:b4:7d:1a:67:09:f5:02:40:cc:ca:c7:19:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F3:E5:88:CE:18:97:4F:4E:CD:21:77:6D:36:A5:40:7E:6A:97:98
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/__PliM4Yl09OzSF3bTalQH5ql5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
85.31.44.0/22
94.154.160.0/22
178.215.236.0/22
194.55.224.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:04:b9:b1:b8:f0:6e:8e:43:82:28:c5:f7:25:af:e5:4b:72:
4d:aa:7f:b7:a8:ac:44:c6:83:ba:23:0e:90:c4:e5:b0:f3:bb:
fa:d0:f3:59:db:6b:04:08:c9:ae:17:29:43:a1:59:ea:aa:92:
7a:f4:be:e9:ac:96:41:a7:51:0f:f0:59:b8:c3:d0:96:a3:d3:
f2:80:f6:e8:c5:87:53:f5:2f:26:09:90:26:df:fb:90:85:b3:
d3:1c:0a:86:f2:50:ad:1e:9e:ef:9a:9a:29:af:e8:9e:e3:de:
2a:25:f1:1c:9f:91:66:1b:b3:2d:bc:a8:be:a2:a2:7e:8d:99:
c6:30:77:d5:4e:4a:13:c1:3e:fd:9e:b4:37:45:2e:d0:8d:99:
a3:46:c5:36:ba:44:59:4b:97:d9:b4:46:cb:0e:42:39:d3:c8:
b0:b3:43:7d:87:a5:c3:e4:f3:45:2a:6e:9e:0d:3b:80:f8:63:
6a:74:1e:30:19:e8:19:a4:3a:5a:bd:ad:1c:7f:6c:e7:1e:ca:
5d:11:84:4e:3b:cf:09:1c:5b:58:bc:d8:bb:9e:95:b1:e2:59:
ad:4e:43:5c:b3:af:8f:2f:f6:b2:3a:50:69:da:28:83:9a:9a:
dd:e8:7e:4c:48:b7:66:ea:da:ab:fe:13:98:e5:94:e2:ae:f2:
ec:81:8e:f6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEHQZujzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDIw
MzE2MzQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZmM2U1ODhjZTE4
OTc0ZjRlY2QyMTc3NmQzNmE1NDA3ZTZhOTc5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRTjAW8ZxXTb5j2UOAi2m3N6WR9+rA8wwKOliEZWlrbHJ4/
XKr0K1/MFC1RS+R518ZHwJEW+35LsHo7rLIhiyga+1/Ud9UyGuTJXbPBeBrJf050
/z0MjtqA22VYd3wAXmVNQQNmPmQgVCnahr1bb42XVlxcDazxfYC3JrouSJVfG+Ap
9l8oMPl77xo4y7w54L/4j0VvI6qJzhvtmxXnSxYdG/Rp+SsRVxVvcwp/TSJkcXPu
vfxti7I1uDkL0oOXQbV8bpVWYepv4z8BcNIHxXjJnkWMxG3m00kZREFjJKiZbWmS
rPeRC/wx8cAbaKHyGbSmtH0aZwn1AkDMyscZ8VMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBT/8+WIzhiXT07NIXdtNqVAfmqXmDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L19fUGxpTTRZbDA5T3pTRjNiVGFsUUg1cWw1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAh+pfAMEAlUfLAMEAl6aoAMEArLX
7AMEAsI34DANBgkqhkiG9w0BAQsFAAOCAQEAiwS5sbjwbo5DgijF9yWv5UtyTap/
t6isRMaDuiMOkMTlsPO7+tDzWdtrBAjJrhcpQ6FZ6qqSevS+6ayWQadRD/BZuMPQ
lqPT8oD26MWHU/UvJgmQJt/7kIWz0xwKhvJQrR6e75qaKa/onuPeKiXxHJ+RZhuz
LbyovqKifo2ZxjB31U5KE8E+/Z60N0Uu0I2Zo0bFNrpEWUuX2bRGyw5COdPIsLND
fYelw+TzRSpung07gPhjanQeMBnoGaQ6Wr2tHH9s5x7KXRGETjvPCRxbWLzYu56V
seJZrU5DXLOvjy/2sjpQadoog5qa3eh+TEi3Zuraq/4TmOWU4q7y7IGO9g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org