Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/O5JkWO_hYc98doZWZQfbbqc0Fak.roa
File: O5JkWO_hYc98doZWZQfbbqc0Fak.roa (raw, json)
Hash identifier: Ycx/TgusRs0Mq7274tr9fqDVOnYTFz3eZCJ8w+Pvquk=
Subject key identifier: 3B:92:64:58:EF:E1:61:CF:7C:76:86:56:65:07:DB:6E:A7:34:15:A9
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 01825D442570E8CD3FE6E5A7B866774B6118
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/O5JkWO_hYc98doZWZQfbbqc0Fak.roa
Signing time: Tue 02 Aug 2022 06:35:23 +0000
ROA not before: Tue 02 Aug 2022 06:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 31.134.0.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:44:25:70:e8:cd:3f:e6:e5:a7:b8:66:77:4b:61:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Aug 2 06:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b926458efe161cf7c7686566507db6ea73415a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:be:cf:07:10:fb:9d:ca:27:4e:6b:93:c1:39:
93:16:6a:99:70:4d:d3:8f:24:07:d8:f4:1c:bc:38:
28:4e:b5:a7:d6:05:ce:83:8f:da:42:2c:f1:20:54:
52:75:1b:d9:4d:72:2e:91:a8:ad:34:09:78:3b:ff:
97:07:a1:59:9d:48:d2:7c:bd:0c:46:7b:0b:73:85:
81:82:8c:14:7d:23:d1:21:f4:84:c9:24:06:04:47:
49:fd:3e:13:42:29:e6:6a:7b:38:98:7c:07:cd:d7:
0e:fc:9f:78:7a:36:27:a0:73:b5:ec:1a:79:c0:8d:
9c:63:06:2f:8f:73:12:11:ba:cd:22:f2:c6:1b:96:
0a:c8:ea:6f:91:de:9c:88:7c:c5:e2:64:67:49:72:
4a:cc:25:3f:b2:64:b1:f5:57:94:20:35:97:15:56:
53:ed:14:76:10:15:32:bb:8f:b2:d9:f5:a4:78:b4:
8d:a6:79:a3:61:7f:d7:95:a0:8b:fd:fb:69:89:e1:
27:92:59:46:ec:6c:d0:fa:8b:e8:7a:16:5f:ac:12:
41:67:f8:68:bd:da:71:f0:b6:92:18:3a:65:c5:01:
1d:16:9c:58:6e:10:fa:d9:8a:16:ce:11:08:38:e8:
2b:a0:ea:a1:8f:6c:73:0e:00:4b:c2:e5:0b:a0:ae:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:92:64:58:EF:E1:61:CF:7C:76:86:56:65:07:DB:6E:A7:34:15:A9
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/O5JkWO_hYc98doZWZQfbbqc0Fak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:c8:7e:61:bc:cd:f4:69:8a:a8:fd:0b:6c:24:7d:4c:9b:ba:
79:98:e2:d6:27:26:f7:12:c0:02:99:2e:51:a1:a4:9e:6a:cc:
3f:ae:ae:a3:42:64:a3:7b:07:6a:51:60:5c:6f:97:fe:af:8a:
64:4a:32:f0:b2:58:6e:6a:0c:ae:fa:9c:01:a3:97:11:26:4f:
f0:1c:f5:4f:ba:06:2f:e4:48:2b:e9:d9:c0:90:53:f7:0f:0b:
e7:5a:41:2a:c0:b0:9c:cf:eb:03:32:c0:ba:83:03:55:98:1d:
07:6d:0f:01:70:47:7c:09:7e:95:01:19:ee:33:5a:76:5f:83:
a4:d6:79:96:d2:2e:36:e0:0e:95:f4:67:a3:18:92:02:d3:17:
10:13:6e:41:1a:13:08:85:0a:03:6a:8a:42:4c:37:37:49:8d:
99:b8:bf:7d:bc:f1:6f:e4:ed:2e:69:ac:e1:00:03:8f:df:2b:
5e:d4:96:88:fe:bf:c5:3c:66:02:45:ce:c9:40:bd:84:0f:2f:
3a:39:de:67:9e:31:b6:58:e5:52:11:c3:5b:57:e6:04:89:bc:
69:b1:ff:5c:1b:02:ec:9f:a3:f8:d1:33:ef:4a:7c:83:53:12:
9e:37:08:7d:3b:be:62:e5:a8:40:9b:04:43:0b:86:f3:2a:ac:
3b:3f:a8:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJdRCVw6M0/5uWnuGZ3S2EYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjIwODAyMDYzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjkyNjQ1OGVmZTE2MWNmN2M3Njg2NTY2NTA3ZGI2ZWE3MzQxNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir7PBxD7nconTmuTwTmTFmqZcE3T
jyQH2PQcvDgoTrWn1gXOg4/aQizxIFRSdRvZTXIukaitNAl4O/+XB6FZnUjSfL0M
RnsLc4WBgowUfSPRIfSEySQGBEdJ/T4TQinmans4mHwHzdcO/J94ejYnoHO17Bp5
wI2cYwYvj3MSEbrNIvLGG5YKyOpvkd6ciHzF4mRnSXJKzCU/smSx9VeUIDWXFVZT
7RR2EBUyu4+y2fWkeLSNpnmjYX/XlaCL/ftpieEnkllG7GzQ+ovoehZfrBJBZ/ho
vdpx8LaSGDplxQEdFpxYbhD62YoWzhEIOOgroOqhj2xzDgBLwuULoK60PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuSZFjv4WHPfHaGVmUH226nNBWpMB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvTzVKa1dPX2hZYzk4ZG9aV1pRZmJicWMwRmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQCkyH5hvM30aYqo/QtsJH1Mm7p5mOLWJyb3EsACmS5R
oaSeasw/rq6jQmSjewdqUWBcb5f+r4pkSjLwslhuagyu+pwBo5cRJk/wHPVPugYv
5Egr6dnAkFP3DwvnWkEqwLCcz+sDMsC6gwNVmB0HbQ8BcEd8CX6VARnuM1p2X4Ok
1nmW0i424A6V9GejGJIC0xcQE25BGhMIhQoDaopCTDc3SY2ZuL99vPFv5O0uaazh
AAOP3yte1JaI/r/FPGYCRc7JQL2EDy86Od5nnjG2WOVSEcNbV+YEibxpsf9cGwLs
n6P40TPvSnyDUxKeNwh9O75i5ahAmwRDC4bzKqw7P6iY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:43 2024 by rpki-client on console-ams.rpki-client.org