Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/SJ88ZXRTKzdCEFvlB4DHJwzwl54.roa
File: SJ88ZXRTKzdCEFvlB4DHJwzwl54.roa (raw, json)
Hash identifier: EEJsky1b2/4fDF/L9tWDeiJ6L5Ml8xps1bU8YjR5bgQ=
Subject key identifier: 48:9F:3C:65:74:53:2B:37:42:10:5B:E5:07:80:C7:27:0C:F0:97:9E
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 04277B0F
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/SJ88ZXRTKzdCEFvlB4DHJwzwl54.roa
Signing time: Sat 12 Feb 2022 12:24:28 +0000
ROA not before: Sat 12 Feb 2022 12:24:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210512
IP address blocks: 31.134.2.0/24 maxlen: 24
31.134.1.0/24 maxlen: 24
31.134.0.0/24 maxlen: 24
31.134.4.0/24 maxlen: 24
31.134.3.0/24 maxlen: 24
31.134.9.0/24 maxlen: 24
31.134.8.0/24 maxlen: 24
31.134.7.0/24 maxlen: 24
31.134.5.0/24 maxlen: 24
31.134.11.0/24 maxlen: 24
31.134.10.0/24 maxlen: 24
31.134.15.0/24 maxlen: 24
31.134.14.0/24 maxlen: 24
31.134.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69696271 (0x4277b0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Feb 12 12:24:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=489f3c6574532b3742105be50780c7270cf0979e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f7:60:4b:ff:1f:27:12:be:4a:5e:32:6c:83:
a0:4e:80:eb:c1:93:29:a6:9b:2e:12:20:2d:35:da:
9f:72:18:ea:b9:8e:ef:b8:51:e7:9e:ff:e0:af:eb:
73:17:1a:8c:e6:c5:e9:ea:f6:4d:f1:35:3f:71:bb:
bd:64:37:dd:75:81:fb:6a:24:95:96:27:ae:62:e6:
57:aa:af:5e:d0:ca:00:14:88:72:79:34:ed:1b:e4:
26:d8:a3:fd:29:ba:21:7b:ac:97:07:31:0f:7d:de:
d1:17:b5:15:56:b4:b6:6a:33:44:69:ca:97:c2:48:
56:e3:f5:f1:7a:2b:1f:61:62:dd:00:a9:11:85:86:
fe:dc:bc:7b:48:77:62:fa:f3:e4:d3:65:3e:10:e5:
d5:3f:09:7a:f7:e7:30:67:25:65:c9:4c:11:2c:0c:
07:94:df:4a:1b:42:b5:07:e3:63:59:e4:c8:f9:ed:
e8:09:70:38:7e:6f:80:e5:5e:37:04:f6:64:e0:a2:
1a:70:63:5c:58:ca:c2:ff:7e:32:1b:84:a0:ec:10:
bf:02:c4:a1:17:d0:19:c6:6b:87:27:5a:f6:d8:4f:
06:92:f6:77:cd:6e:1a:54:25:f1:88:b5:86:20:e6:
49:e7:2b:89:f0:e1:31:1b:49:fd:f1:d7:97:c5:34:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9F:3C:65:74:53:2B:37:42:10:5B:E5:07:80:C7:27:0C:F0:97:9E
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/SJ88ZXRTKzdCEFvlB4DHJwzwl54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0-31.134.5.255
31.134.7.0-31.134.11.255
31.134.13.0-31.134.15.255
Signature Algorithm: sha256WithRSAEncryption
c0:d6:17:5e:3b:1d:2f:33:96:8a:ae:57:f2:66:75:5a:da:19:
d2:fc:f1:fd:db:84:07:56:d5:93:0c:eb:bd:75:21:3d:27:27:
a5:f2:40:d9:82:47:6a:a9:82:70:72:a5:5d:78:40:24:94:64:
a9:3d:0e:84:c6:cf:7d:13:bd:f4:43:47:ab:92:03:1a:57:9c:
8b:47:62:22:b5:f7:2b:58:e1:c4:20:7d:01:81:18:98:39:18:
1d:38:69:4e:25:9d:44:75:7c:a6:76:c3:26:75:48:e1:21:7b:
fd:eb:a5:b2:57:61:bd:ba:7a:81:d7:72:74:ff:4e:5e:17:73:
bc:83:ab:a7:a3:c6:9e:2c:d0:6a:22:3b:a5:3b:d1:01:97:a8:
e0:13:de:43:6f:b1:d0:ff:74:8b:a0:a9:9e:cc:a1:5a:b1:b1:
2a:2d:6a:b4:bf:e1:93:8b:4d:4d:f5:ef:34:62:f7:10:78:56:
5f:58:ca:06:09:a1:61:63:6c:59:0d:77:09:98:c5:64:d6:27:
eb:64:d2:63:85:d9:ab:e9:58:d2:11:fe:b4:4c:fd:91:d6:fc:
76:9f:72:e2:f9:62:66:05:df:f4:d6:f0:0d:0d:28:68:7a:5b:
ef:3b:ef:f2:79:85:bc:a8:27:de:7e:2b:62:3d:e7:bc:3e:82:
2b:9c:d8:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBCd7DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTVkNjk4ZWNmNjZhZTQ2ZWRlMWZjODIzMGJmYmUyMDk2ZDUyNDViMB4XDTIyMDIx
MjEyMjQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg5ZjNjNjU3NDUz
MmIzNzQyMTA1YmU1MDc4MGM3MjcwY2YwOTc5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMX3YEv/HycSvkpeMmyDoE6A68GTKaabLhIgLTXan3IY6rmO
77hR557/4K/rcxcajObF6er2TfE1P3G7vWQ33XWB+2oklZYnrmLmV6qvXtDKABSI
cnk07RvkJtij/Sm6IXuslwcxD33e0Re1FVa0tmozRGnKl8JIVuP18XorH2Fi3QCp
EYWG/ty8e0h3Yvrz5NNlPhDl1T8JevfnMGclZclMESwMB5TfShtCtQfjY1nkyPnt
6AlwOH5vgOVeNwT2ZOCiGnBjXFjKwv9+MhuEoOwQvwLEoRfQGcZrhyda9thPBpL2
d81uGlQl8Yi1hiDmSecrifDhMRtJ/fHXl8U0zz8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRInzxldFMrN0IQW+UHgMcnDPCXnjAfBgNVHSMEGDAWgBT+XWmOz2auRu3h
/IIwv74gltUkWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19sMXBqczltcmtidDRmeUNNTC0tSUpiVkpGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMzgxYjU4LTdjOTYtNDM2MC05OTY1LWVjZjIzM2Y4Y2U4Mi8x
L1NKODhaWFJUS3pkQ0VGdmxCNERISnd6d2w1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MzgxYjU4LTdjOTYtNDM2MC05OTY1LWVjZjIzM2Y4Y2U4Mi8xL19sMXBqczltcmti
dDRmeUNNTC0tSUpiVkpGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwLwQCAAEwKTALAwMBH4YDBAEfhgQwDAMEAB+GBwME
Ah+GCDAMAwQAH4YNAwQEH4YAMA0GCSqGSIb3DQEBCwUAA4IBAQDA1hdeOx0vM5aK
rlfyZnVa2hnS/PH924QHVtWTDOu9dSE9Jyel8kDZgkdqqYJwcqVdeEAklGSpPQ6E
xs99E730Q0erkgMaV5yLR2IitfcrWOHEIH0BgRiYORgdOGlOJZ1EdXymdsMmdUjh
IXv966WyV2G9unqB13J0/05eF3O8g6uno8aeLNBqIjulO9EBl6jgE95Db7HQ/3SL
oKmezKFasbEqLWq0v+GTi01N9e80YvcQeFZfWMoGCaFhY2xZDXcJmMVk1ifrZNJj
hdmr6VjSEf60TP2R1vx2n3Li+WJmBd/01vANDShoelvvO+/yeYW8qCfefitiPee8
PoIrnNg6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:19 2024 by rpki-client on console-fra.rpki-client.org