Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/9zxCQBLL1jFEsk5eakYqfPGYhW4.roa
File: 9zxCQBLL1jFEsk5eakYqfPGYhW4.roa (raw, json)
Hash identifier: LbptahyyWvo1QeeefUWKyn0n5rxiKQnYO6zv262vkOU=
Subject key identifier: F7:3C:42:40:12:CB:D6:31:44:B2:4E:5E:6A:46:2A:7C:F1:98:85:6E
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 0181E3AE0C736716460E9EAAC71D929A12B3
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/9zxCQBLL1jFEsk5eakYqfPGYhW4.roa
Signing time: Sat 09 Jul 2022 15:57:23 +0000
ROA not before: Sat 09 Jul 2022 15:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 31.134.1.0/24 maxlen: 24
31.134.0.0/24 maxlen: 24
31.134.4.0/24 maxlen: 24
31.134.3.0/24 maxlen: 24
31.134.2.0/24 maxlen: 24
31.134.8.0/24 maxlen: 24
31.134.7.0/24 maxlen: 24
31.134.6.0/24 maxlen: 24
31.134.5.0/24 maxlen: 24
31.134.11.0/24 maxlen: 24
31.134.10.0/24 maxlen: 24
31.134.9.0/24 maxlen: 24
31.134.15.0/24 maxlen: 24
31.134.14.0/24 maxlen: 24
31.134.13.0/24 maxlen: 24
31.134.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e3:ae:0c:73:67:16:46:0e:9e:aa:c7:1d:92:9a:12:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Jul 9 15:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f73c424012cbd63144b24e5e6a462a7cf198856e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3c:e3:c9:d0:48:cd:c5:df:d2:c1:22:f5:8c:
24:ed:96:72:25:c8:5a:5a:a0:00:3d:cc:51:ab:c3:
f8:99:c9:6c:c8:16:81:ed:34:13:e5:a8:a7:30:b5:
e1:44:69:8d:ee:77:79:ba:f9:60:0c:d4:82:ec:c5:
11:fe:3e:3a:fa:43:1f:6b:d3:b3:dc:fb:63:b2:0a:
d0:be:7f:1b:a6:95:ac:8b:40:50:9c:38:38:2f:e0:
e7:a0:17:65:45:e6:7c:7f:bf:00:5e:c6:86:54:99:
74:92:d3:d1:dc:17:54:94:40:2f:82:f0:f3:65:5f:
d4:34:12:74:f4:e1:c1:80:e8:e3:87:39:ec:c5:a5:
9d:e2:c0:37:02:9b:0a:de:6d:11:2f:c0:16:09:39:
87:d6:e7:74:a9:dc:39:4e:ce:2d:ec:a3:40:2a:89:
c9:69:07:a6:bd:5d:da:30:a2:b4:4c:bb:4e:bd:4d:
55:ff:bf:ec:e8:36:8c:b2:7e:ba:4b:81:e2:15:b7:
50:a5:be:f6:84:08:d7:5c:ca:8c:4c:7d:75:e3:35:
96:e0:06:2e:bf:0b:56:ed:88:77:97:98:df:79:c9:
00:51:1f:2b:b6:6a:13:a8:2d:22:19:49:24:68:a7:
66:d1:ca:4b:a9:d8:93:14:7b:f8:08:d2:1a:06:39:
22:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3C:42:40:12:CB:D6:31:44:B2:4E:5E:6A:46:2A:7C:F1:98:85:6E
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/9zxCQBLL1jFEsk5eakYqfPGYhW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
80:fa:d0:ec:b9:e4:4c:1d:a1:72:81:40:2d:b4:fb:a3:9b:83:
d7:3d:0b:ce:37:d6:e6:eb:7f:a1:fc:a6:05:94:0d:83:b4:86:
9f:0d:5b:0f:52:41:ff:61:38:33:89:42:45:20:9e:e9:7e:26:
0f:ac:91:46:2a:d6:21:f0:04:a8:f7:33:e2:43:50:e5:f9:cb:
22:3b:6e:72:3c:7b:a4:4b:7e:3d:08:67:0d:f0:49:7b:32:09:
ef:e6:ca:59:45:76:35:c2:01:ef:04:63:02:19:84:7a:7f:e1:
41:de:15:35:a1:18:ed:e9:bf:5c:28:81:e6:d6:ab:fc:56:7b:
11:c0:62:8e:2d:89:30:54:2e:8b:7d:a7:ac:37:41:1c:07:29:
e6:33:c6:5f:3e:ad:68:e4:4c:33:c3:95:28:86:ff:c2:a5:4e:
9a:99:b2:17:62:87:e7:fe:f4:e0:4a:f4:bd:ca:a3:90:2d:8b:
4c:ea:35:94:0a:92:85:0d:53:ab:cd:29:35:9a:57:eb:b8:6c:
49:0b:6d:a7:4a:86:cf:8e:45:1c:05:e2:5b:48:52:2b:e9:e0:
24:d3:9d:5e:7b:cf:73:05:2c:fb:11:3d:89:1a:a6:da:ef:b4:
40:b3:33:92:53:83:e5:84:7a:e7:7b:fd:86:b5:3c:53:0c:ae:
2c:a4:3c:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHjrgxzZxZGDp6qxx2SmhKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjIwNzA5MTU1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNjNDI0MDEyY2JkNjMxNDRiMjRlNWU2YTQ2MmE3Y2YxOTg4NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDzjydBIzcXf0sEi9Ywk7ZZyJcha
WqAAPcxRq8P4mclsyBaB7TQT5ainMLXhRGmN7nd5uvlgDNSC7MUR/j46+kMfa9Oz
3PtjsgrQvn8bppWsi0BQnDg4L+DnoBdlReZ8f78AXsaGVJl0ktPR3BdUlEAvgvDz
ZV/UNBJ09OHBgOjjhznsxaWd4sA3ApsK3m0RL8AWCTmH1ud0qdw5Ts4t7KNAKonJ
aQemvV3aMKK0TLtOvU1V/7/s6DaMsn66S4HiFbdQpb72hAjXXMqMTH114zWW4AYu
vwtW7Yh3l5jfeckAUR8rtmoTqC0iGUkkaKdm0cpLqdiTFHv4CNIaBjkiDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPc8QkASy9YxRLJOXmpGKnzxmIVuMB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvOXp4Q1FCTEwxakZFc2s1ZWFrWXFmUEdZaFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQCA+tDsueRMHaFygUAttPujm4PXPQvON9bm63+h/KYF
lA2DtIafDVsPUkH/YTgziUJFIJ7pfiYPrJFGKtYh8ASo9zPiQ1Dl+csiO25yPHuk
S349CGcN8El7Mgnv5spZRXY1wgHvBGMCGYR6f+FB3hU1oRjt6b9cKIHm1qv8VnsR
wGKOLYkwVC6LfaesN0EcBynmM8ZfPq1o5Ewzw5Uohv/CpU6ambIXYofn/vTgSvS9
yqOQLYtM6jWUCpKFDVOrzSk1mlfruGxJC22nSobPjkUcBeJbSFIr6eAk051ee89z
BSz7ET2JGqba77RAszOSU4PlhHrne/2GtTxTDK4spDwr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:19 2024 by rpki-client on console-fra.rpki-client.org