Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/YC3HBrF0nc_QgEqzJtQLLKa66zA.roa
File: YC3HBrF0nc_QgEqzJtQLLKa66zA.roa (raw, json)
Hash identifier: 8P0YTns+DGNbU7koRsCzTzwcCWIhrbFQ7L3f6QvxfhQ=
Subject key identifier: 60:2D:C7:06:B1:74:9D:CF:D0:80:4A:B3:26:D4:0B:2C:A6:BA:EB:30
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 0182663A7C249DFBC729DDD84525DDAB7FAD
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/YC3HBrF0nc_QgEqzJtQLLKa66zA.roa
Signing time: Thu 04 Aug 2022 00:21:24 +0000
ROA not before: Thu 04 Aug 2022 00:21:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 31.134.0.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:66:3a:7c:24:9d:fb:c7:29:dd:d8:45:25:dd:ab:7f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Aug 4 00:21:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=602dc706b1749dcfd0804ab326d40b2ca6baeb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d7:e6:e5:1e:5d:bd:ff:a1:bc:76:b8:b1:bc:
dc:76:34:75:68:5c:50:71:f3:20:d0:1b:6f:4b:79:
5b:72:a3:40:37:90:2f:17:2a:6e:8f:90:1e:91:6b:
35:b7:99:c2:72:d0:53:89:ca:0c:7e:e4:1d:28:51:
ab:19:32:c6:82:69:da:05:17:05:ad:0f:f0:8f:e3:
7b:16:9d:9b:94:18:c4:fc:61:8b:4b:25:95:a0:97:
86:45:23:2b:0a:6e:2d:77:3b:82:90:c7:52:4c:fb:
86:55:e3:57:9d:0a:75:f6:9d:39:3e:45:c4:af:c3:
b9:fd:5d:da:f4:e0:d1:aa:2c:64:d6:c9:05:6a:74:
b8:c1:b7:07:14:af:51:40:2a:0f:38:6b:46:87:09:
68:c2:36:f9:8b:29:b5:33:17:50:16:33:9b:c1:88:
99:aa:a1:6f:cd:a2:84:b9:d9:ac:75:0d:e8:69:e7:
8b:5d:5b:9e:71:cf:cd:61:bb:12:58:2d:58:cd:31:
a3:d2:e6:f3:67:d8:de:33:90:7b:26:5c:f7:1f:b4:
83:35:2f:40:51:78:28:85:8f:b5:c9:c4:52:fd:01:
70:e2:26:11:22:4f:39:72:bc:f6:f2:55:da:76:5e:
ea:66:23:a3:a9:d6:91:62:2a:1f:e5:cf:cd:7a:2d:
35:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2D:C7:06:B1:74:9D:CF:D0:80:4A:B3:26:D4:0B:2C:A6:BA:EB:30
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/YC3HBrF0nc_QgEqzJtQLLKa66zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:2e:23:bc:bc:b9:b8:33:9b:3a:e0:71:e1:e3:18:22:02:8e:
64:c8:fe:0d:12:c1:6b:b3:94:b6:ca:ac:97:6d:23:d7:aa:df:
98:16:3f:84:fd:29:41:c3:ec:8f:cc:bd:b2:2d:08:34:af:0f:
76:33:3b:c5:d6:da:22:df:95:a4:aa:97:f8:48:60:b7:af:1b:
b1:f6:8b:91:58:58:e1:ac:46:a0:08:0a:03:6b:b1:60:71:99:
fe:70:99:b3:9a:01:2d:dd:44:7c:e3:35:d7:2f:f3:70:de:f0:
b0:80:ad:da:9b:a8:53:72:b8:41:4b:32:50:ee:92:cf:8b:da:
94:10:0e:78:cb:1e:88:7f:b4:c3:94:d6:b7:fa:01:b4:ec:66:
44:84:8e:96:a8:96:9c:bd:a4:a2:a9:7e:dd:66:7e:7b:3a:2c:
d9:5b:a4:d0:b2:bf:dd:af:b3:65:7e:63:bd:91:ce:35:28:9e:
98:28:0e:be:aa:01:91:7d:55:42:85:05:50:06:18:7b:f6:15:
a4:b5:1f:66:46:0e:d0:43:a0:1d:f6:8b:6c:3b:98:f1:f5:af:
4b:d0:a5:a3:2a:c5:47:23:4f:cf:1c:cf:8c:58:08:47:20:8e:
95:56:46:5c:ea:6a:66:d6:e7:e3:ae:1c:d0:3e:e7:99:62:ab:
5b:c0:c6:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJmOnwknfvHKd3YRSXdq3+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjIwODA0MDAyMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJkYzcwNmIxNzQ5ZGNmZDA4MDRhYjMyNmQ0MGIyY2E2YmFlYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtfm5R5dvf+hvHa4sbzcdjR1aFxQ
cfMg0BtvS3lbcqNAN5AvFypuj5AekWs1t5nCctBTicoMfuQdKFGrGTLGgmnaBRcF
rQ/wj+N7Fp2blBjE/GGLSyWVoJeGRSMrCm4tdzuCkMdSTPuGVeNXnQp19p05PkXE
r8O5/V3a9ODRqixk1skFanS4wbcHFK9RQCoPOGtGhwlowjb5iym1MxdQFjObwYiZ
qqFvzaKEudmsdQ3oaeeLXVuecc/NYbsSWC1YzTGj0ubzZ9jeM5B7Jlz3H7SDNS9A
UXgohY+1ycRS/QFw4iYRIk85crz28lXadl7qZiOjqdaRYiof5c/Nei01JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAtxwaxdJ3P0IBKsybUCyymuuswMB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvWUMzSEJyRjBuY19RZ0Vxekp0UUxMS2E2NnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/LiO8vLm4M5s64HHh4xgiAo5kyP4NEsFrs5S2yqyX
bSPXqt+YFj+E/SlBw+yPzL2yLQg0rw92MzvF1toi35Wkqpf4SGC3rxux9ouRWFjh
rEagCAoDa7FgcZn+cJmzmgEt3UR84zXXL/Nw3vCwgK3am6hTcrhBSzJQ7pLPi9qU
EA54yx6If7TDlNa3+gG07GZEhI6WqJacvaSiqX7dZn57OizZW6TQsr/dr7NlfmO9
kc41KJ6YKA6+qgGRfVVChQVQBhh79hWktR9mRg7QQ6Ad9otsO5jx9a9L0KWjKsVH
I0/PHM+MWAhHII6VVkZc6mpm1ufjrhzQPueZYqtbwMby
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:16 2023 by rpki-client on console-ams.rpki-client.org