Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aq9rbRiOr01dbzbSUwscw_Rdm2g.roa
File: aq9rbRiOr01dbzbSUwscw_Rdm2g.roa (raw, json)
Hash identifier: mPPKsWFlVcUBGN5S9Si/fgIl3Gq8LJ60AY4jledNt/Q=
Subject key identifier: 6A:AF:6B:6D:18:8E:AF:4D:5D:6F:36:D2:53:0B:1C:C3:F4:5D:9B:68
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0182F4BB781ACE0167B7BBBD54C8056717A6
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aq9rbRiOr01dbzbSUwscw_Rdm2g.roa
Signing time: Wed 31 Aug 2022 16:28:22 +0000
ROA not before: Wed 31 Aug 2022 16:28:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.93.192.0/22 maxlen: 24
91.243.88.0/22 maxlen: 22
91.243.92.0/22 maxlen: 22
31.184.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f4:bb:78:1a:ce:01:67:b7:bb:bd:54:c8:05:67:17:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 31 16:28:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6aaf6b6d188eaf4d5d6f36d2530b1cc3f45d9b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:7f:10:a9:96:f8:cf:0b:f2:aa:cc:1b:47:
90:be:88:f4:b1:5e:81:92:dd:56:fb:78:96:2e:7a:
21:8e:26:b4:5f:ba:a1:ab:0e:54:83:ed:d6:e9:86:
e5:cf:02:32:97:e6:a6:be:51:9e:00:e2:da:d2:23:
c8:13:3f:95:16:21:51:e0:8e:33:8f:7c:2e:0a:ac:
fe:bf:4c:46:1e:cf:28:e6:65:ae:3f:50:d2:82:ab:
91:c7:ad:0e:02:40:b7:7c:1d:33:b7:1c:c9:a4:81:
8a:19:bc:6e:76:95:c6:ca:4b:42:20:17:1b:40:47:
0c:f6:77:37:9d:48:24:82:8c:74:3c:1b:5b:24:2f:
db:fe:9f:f1:3f:de:2e:e3:6b:17:fd:a2:f7:bb:80:
1b:86:c8:b7:fd:95:91:53:a7:9e:70:9f:e0:84:9f:
05:fb:d6:3c:7c:23:bc:5f:9d:9f:b4:00:3a:99:0c:
6c:d4:c0:f9:cf:87:2c:3e:71:5a:42:15:22:32:fb:
34:56:cd:05:5a:d7:d5:c5:e0:f5:8b:51:f7:1d:9a:
bf:d5:51:d4:02:47:85:cc:ff:23:27:9b:4b:b5:b0:
b4:58:c2:1b:12:ca:0c:8d:99:2c:19:b1:df:ba:37:
46:54:76:80:92:be:5b:99:41:67:13:06:ea:63:f3:
02:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AF:6B:6D:18:8E:AF:4D:5D:6F:36:D2:53:0B:1C:C3:F4:5D:9B:68
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/aq9rbRiOr01dbzbSUwscw_Rdm2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.242.0/24
91.243.88.0/21
193.93.192.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:bd:bc:51:c0:f1:67:b7:5e:a8:29:4f:76:e6:68:80:09:df:
68:02:92:58:f3:fa:64:c0:40:51:cc:96:b1:f3:d1:bc:7b:87:
84:1d:12:0a:0c:dc:31:a3:2a:45:4c:49:02:0b:7b:34:24:bb:
dd:35:93:5f:63:a8:1e:f5:a9:b7:b7:55:fa:30:22:38:75:23:
bc:e3:44:7e:bf:94:0b:7f:6f:79:9f:9f:a1:90:9f:23:e9:04:
bc:0f:68:d6:60:77:1e:6b:d4:38:ba:22:c6:a5:93:fe:eb:4d:
04:9a:66:a1:37:ff:36:c4:55:39:52:5d:8c:9b:06:62:2e:b0:
44:2e:aa:00:39:40:03:76:e6:3b:42:dc:f9:7c:cb:64:51:a2:
c5:72:96:d5:bc:73:05:58:37:05:a6:80:97:f9:11:aa:50:87:
14:bd:e5:1e:ee:c2:b1:4f:1a:af:8e:3b:77:74:5a:08:e5:10:
d6:ec:e6:48:1d:f4:93:f9:88:bd:2b:31:51:69:dd:9d:cd:28:
b0:98:ea:7a:f4:5a:6d:f3:d4:0f:21:3a:3f:b7:81:b0:02:8d:
f2:09:4c:92:97:6c:43:94:ba:f2:8b:af:4c:0b:d3:27:18:4b:
81:38:64:04:08:42:0c:f5:09:ae:af:84:41:62:14:3e:2a:09:
26:da:10:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL0u3gazgFnt7u9VMgFZxemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwODMxMTYyODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFmNmI2ZDE4OGVhZjRkNWQ2ZjM2ZDI1MzBiMWNjM2Y0NWQ5YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+9/EKmW+M8L8qrMG0eQvoj0sV6B
kt1W+3iWLnohjia0X7qhqw5Ug+3W6YblzwIyl+amvlGeAOLa0iPIEz+VFiFR4I4z
j3wuCqz+v0xGHs8o5mWuP1DSgquRx60OAkC3fB0ztxzJpIGKGbxudpXGyktCIBcb
QEcM9nc3nUgkgox0PBtbJC/b/p/xP94u42sX/aL3u4Abhsi3/ZWRU6eecJ/ghJ8F
+9Y8fCO8X52ftAA6mQxs1MD5z4csPnFaQhUiMvs0Vs0FWtfVxeD1i1H3HZq/1VHU
AkeFzP8jJ5tLtbC0WMIbEsoMjZksGbHfujdGVHaAkr5bmUFnEwbqY/MCdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqva20Yjq9NXW820lMLHMP0XZtoMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvYXE5cmJSaU9yMDFkYnpiU1V3c2N3X1JkbTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH7jyAwQD
W/NYAwQCwV3AMA0GCSqGSIb3DQEBCwUAA4IBAQC8vbxRwPFnt16oKU925miACd9o
ApJY8/pkwEBRzJax89G8e4eEHRIKDNwxoypFTEkCC3s0JLvdNZNfY6ge9am3t1X6
MCI4dSO840R+v5QLf295n5+hkJ8j6QS8D2jWYHcea9Q4uiLGpZP+600EmmahN/82
xFU5Ul2MmwZiLrBELqoAOUADduY7Qtz5fMtkUaLFcpbVvHMFWDcFpoCX+RGqUIcU
veUe7sKxTxqvjjt3dFoI5RDW7OZIHfST+Yi9KzFRad2dzSiwmOp69Fpt89QPITo/
t4GwAo3yCUySl2xDlLryi69MC9MnGEuBOGQECEIM9Qmur4RBYhQ+Kgkm2hCp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org