Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/yv6g5hxgQda9qjcyS4obRAqp8m0.roa
File: yv6g5hxgQda9qjcyS4obRAqp8m0.roa (raw, json)
Hash identifier: 6bIE0Zuy+qziqfwY6kVpgwN7WqYtZdevro7w0ITGbGg=
Subject key identifier: CA:FE:A0:E6:1C:60:41:D6:BD:AA:37:32:4B:8A:1B:44:0A:A9:F2:6D
Certificate issuer: /CN=078ed1a0153762a922e55e0f948cd1a5411c7a89
Certificate serial: 0282DC42
Authority key identifier: 07:8E:D1:A0:15:37:62:A9:22:E5:5E:0F:94:8C:D1:A5:41:1C:7A:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B47RoBU3Yqki5V4PlIzRpUEceok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/yv6g5hxgQda9qjcyS4obRAqp8m0.roa
Signing time: Sat 01 Jan 2022 05:05:31 +0000
ROA not before: Sat 01 Jan 2022 05:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211741
IP address blocks: 31.43.188.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42130498 (0x282dc42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078ed1a0153762a922e55e0f948cd1a5411c7a89
Validity
Not Before: Jan 1 05:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cafea0e61c6041d6bdaa37324b8a1b440aa9f26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:ce:30:05:cd:7a:6a:ba:fc:93:5f:e5:1a:
19:d6:5c:35:9d:90:47:40:45:83:1a:b9:6e:6e:30:
e4:ff:3f:9d:53:c8:c4:69:d0:9a:20:7f:1c:43:ad:
b2:63:1e:29:44:47:16:53:1f:d7:64:e4:25:50:cd:
9f:40:d3:85:a7:67:ec:39:55:36:62:03:a2:5c:8e:
af:af:a4:2d:50:8f:6e:1e:56:05:1a:de:fa:34:e9:
2b:0f:b1:41:5d:63:6f:65:db:af:50:36:34:1d:af:
50:a7:2d:21:75:98:c3:b6:34:20:58:76:4a:09:99:
50:2d:5c:c5:95:77:1a:00:df:cf:d2:18:79:c0:06:
a2:c4:97:f1:80:c7:cb:27:f6:16:0c:75:e0:be:6b:
4a:83:a2:b2:a7:54:6e:f3:6e:30:3c:d1:86:f9:88:
e8:de:7a:56:b3:39:be:d9:56:40:76:da:9a:f9:4e:
08:4f:30:57:86:ac:3d:14:11:09:ce:2f:a1:87:7f:
9d:3c:e4:27:99:50:18:30:cc:e2:9e:88:ba:de:c8:
44:69:5e:99:c7:48:7c:8a:2e:1d:80:08:45:53:50:
13:f8:f0:5a:89:12:4a:bf:49:85:7f:dd:5f:46:b8:
c3:a3:a7:50:3c:ff:93:4d:0e:07:df:19:21:bd:39:
e1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FE:A0:E6:1C:60:41:D6:BD:AA:37:32:4B:8A:1B:44:0A:A9:F2:6D
X509v3 Authority Key Identifier:
keyid:07:8E:D1:A0:15:37:62:A9:22:E5:5E:0F:94:8C:D1:A5:41:1C:7A:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B47RoBU3Yqki5V4PlIzRpUEceok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/yv6g5hxgQda9qjcyS4obRAqp8m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/B47RoBU3Yqki5V4PlIzRpUEceok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.188.0/23
Signature Algorithm: sha256WithRSAEncryption
63:b2:ad:96:b2:37:f9:00:18:bb:69:70:3c:fe:55:9f:1d:5d:
72:64:28:8e:0f:5c:d9:b7:ca:ed:de:69:04:83:31:49:9e:31:
64:ae:a3:5a:ae:c2:59:52:3a:d4:f7:fa:00:70:fd:ac:e7:d6:
25:1e:18:cd:d5:07:ba:7c:44:f0:73:ff:a5:34:da:10:12:03:
d2:9a:75:73:54:8a:51:e3:75:7d:68:28:52:bb:dd:14:f6:63:
cb:3c:70:76:96:40:d2:5b:c0:c9:10:33:ff:28:59:b9:2c:05:
83:55:cf:b8:71:06:ff:19:2f:09:34:85:e7:67:f2:71:2d:0a:
46:a3:4e:47:2d:2b:bd:6a:98:dc:75:fb:67:29:b9:2d:70:32:
97:1e:5f:93:8a:61:3e:1d:d3:30:2f:cb:2a:93:7c:4a:1e:23:
1f:1d:53:c0:bb:4b:ec:3f:14:d6:2c:eb:55:7d:d1:58:65:8d:
08:c8:7f:32:d2:e5:1c:e6:aa:a7:c4:2d:ad:cf:a8:c3:86:18:
57:f0:46:5f:89:b6:ed:b1:9e:5b:cc:81:56:8d:9d:94:76:12:
e0:01:16:e5:55:ac:b9:6b:67:0c:09:9f:9a:ec:57:7e:29:05:
12:95:fb:79:97:d5:0d:db:5c:06:59:a4:30:0b:ed:a0:00:ff:
c7:3b:f6:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAoLcQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzhlZDFhMDE1Mzc2MmE5MjJlNTVlMGY5NDhjZDFhNTQxMWM3YTg5MB4XDTIyMDEw
MTA1MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FmZWEwZTYxYzYw
NDFkNmJkYWEzNzMyNGI4YTFiNDQwYWE5ZjI2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP9zjAFzXpquvyTX+UaGdZcNZ2QR0BFgxq5bm4w5P8/nVPI
xGnQmiB/HEOtsmMeKURHFlMf12TkJVDNn0DThadn7DlVNmIDolyOr6+kLVCPbh5W
BRre+jTpKw+xQV1jb2Xbr1A2NB2vUKctIXWYw7Y0IFh2SgmZUC1cxZV3GgDfz9IY
ecAGosSX8YDHyyf2Fgx14L5rSoOisqdUbvNuMDzRhvmI6N56VrM5vtlWQHbamvlO
CE8wV4asPRQRCc4voYd/nTzkJ5lQGDDM4p6Iut7IRGlemcdIfIouHYAIRVNQE/jw
WokSSr9JhX/dX0a4w6OnUDz/k00OB98ZIb054VsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTK/qDmHGBB1r2qNzJLihtECqnybTAfBgNVHSMEGDAWgBQHjtGgFTdiqSLl
Xg+UjNGlQRx6iTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I0N1JvQlUzWXFraTVWNFBsSXpScFVFY2Vvay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvOTJkMzNjLThhNjktNGRiMy1iNjI4LWI2MmRiNzcyYmJmYS8x
L3l2Nmc1aHhnUWRhOXFqY3lTNG9iUkFxcDhtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
OTJkMzNjLThhNjktNGRiMy1iNjI4LWI2MmRiNzcyYmJmYS8xL0I0N1JvQlUzWXFr
aTVWNFBsSXpScFVFY2Vvay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAR8rvDANBgkqhkiG9w0BAQsFAAOC
AQEAY7KtlrI3+QAYu2lwPP5Vnx1dcmQojg9c2bfK7d5pBIMxSZ4xZK6jWq7CWVI6
1Pf6AHD9rOfWJR4YzdUHunxE8HP/pTTaEBID0pp1c1SKUeN1fWgoUrvdFPZjyzxw
dpZA0lvAyRAz/yhZuSwFg1XPuHEG/xkvCTSF52fycS0KRqNORy0rvWqY3HX7Zym5
LXAylx5fk4phPh3TMC/LKpN8Sh4jHx1TwLtL7D8U1izrVX3RWGWNCMh/MtLlHOaq
p8Qtrc+ow4YYV/BGX4m27bGeW8yBVo2dlHYS4AEW5VWsuWtnDAmfmuxXfikFEpX7
eZfVDdtcBlmkMAvtoAD/xzv2Iw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:45 2023 by rpki-client on console-ams.rpki-client.org