Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/z0YSg3xZ-FMujKMMV1TPSmA7hl4.roa
File: z0YSg3xZ-FMujKMMV1TPSmA7hl4.roa (raw, json)
Hash identifier: Kw3sGMnwy39b457Vj35jFSPNZ27ZjHTnxg/EckWFzBo=
Subject key identifier: CF:46:12:83:7C:59:F8:53:2E:8C:A3:0C:57:54:CF:4A:60:3B:86:5E
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 01829C50D03D528FA86887231BDA6A333F3E
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/z0YSg3xZ-FMujKMMV1TPSmA7hl4.roa
Signing time: Sun 14 Aug 2022 12:25:18 +0000
ROA not before: Sun 14 Aug 2022 12:25:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 31.134.0.0/22 maxlen: 22
31.134.4.0/22 maxlen: 22
31.134.8.0/22 maxlen: 22
31.134.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9c:50:d0:3d:52:8f:a8:68:87:23:1b:da:6a:33:3f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Aug 14 12:25:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf4612837c59f8532e8ca30c5754cf4a603b865e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:79:6e:5b:25:a3:00:72:f8:b8:f2:4f:95:
5a:58:f7:03:83:f3:aa:c9:43:b9:a3:ad:93:dd:6a:
de:31:84:97:a4:8b:6d:28:19:5d:1d:54:90:d8:d3:
79:e1:b5:4a:e9:cf:13:68:17:d2:4e:2c:bd:b0:54:
f0:8c:3c:75:e8:86:1f:d8:b7:a8:5d:91:e6:a6:53:
b8:e9:5b:17:a6:10:43:91:7b:0a:f5:02:97:c1:76:
f6:53:b7:98:14:68:06:14:47:86:9b:84:b7:b0:9a:
67:d8:e9:a5:e0:ab:6a:5f:c6:89:d1:4c:7c:27:18:
cc:7f:c0:24:6b:a7:ff:91:45:5c:c7:5b:84:75:a8:
29:50:55:9d:8d:b2:b6:45:49:0b:c4:26:6c:bc:3a:
da:c9:81:54:b1:8f:d8:59:df:8a:80:a6:57:95:00:
b8:e1:58:23:2a:31:b4:b7:d8:f5:c6:24:d5:de:b7:
b8:d1:ac:26:f0:da:00:ba:aa:47:eb:41:0d:77:4e:
b3:12:2d:a2:d2:ab:a1:d6:c3:a1:b5:6d:c9:f2:db:
e6:fb:33:d3:2f:43:b2:1a:4f:05:10:01:fc:64:89:
23:9a:0f:e7:8b:40:dc:5c:ec:5d:c0:27:e7:e9:6e:
77:4f:c4:e9:06:bd:48:e9:3c:0d:29:f9:2c:c6:ed:
b3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:46:12:83:7C:59:F8:53:2E:8C:A3:0C:57:54:CF:4A:60:3B:86:5E
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/z0YSg3xZ-FMujKMMV1TPSmA7hl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
65:54:4c:4c:6b:58:5f:da:c7:8e:ca:e4:e1:ee:8f:44:5e:90:
a1:23:51:6d:13:73:e9:5c:a6:3f:56:40:c2:03:ac:50:ea:67:
91:12:a9:cb:64:a7:ed:99:08:d7:39:b6:9d:8f:80:a3:aa:5f:
2a:76:ff:3f:c2:d6:02:44:c7:0f:7f:e0:48:75:0a:d6:f5:88:
30:25:e7:df:5e:35:b8:65:34:66:a3:e8:05:01:6c:f0:e9:fa:
19:b0:03:2e:0d:83:21:a8:89:7d:95:f3:7f:3a:26:67:f9:04:
43:86:a4:98:62:3f:da:01:84:07:9d:6a:89:4d:f0:80:9c:40:
2a:11:2b:46:b7:a5:e4:cc:51:21:1e:35:dd:50:28:c4:e8:c3:
b4:b2:0d:b7:63:91:2b:a8:8a:a1:2b:b1:f1:06:7d:5f:f3:a6:
fe:eb:66:e1:e8:6a:c1:12:69:53:71:d9:ce:9d:39:d6:15:32:
36:c0:3f:a2:23:46:38:52:36:ab:5e:31:29:05:3f:95:bf:e0:
fe:81:2e:3a:c9:02:9a:67:76:15:d6:2b:25:fd:19:b7:cd:ff:
18:87:4c:90:d1:a2:3e:d8:5e:44:8e:90:cc:c5:9b:21:66:74:
17:d8:ba:fa:2b:8b:ca:ae:4a:6f:36:12:43:8c:3f:94:80:8a:
d5:4d:f5:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKcUNA9Uo+oaIcjG9pqMz8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjIwODE0MTIyNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQ2MTI4MzdjNTlmODUzMmU4Y2EzMGM1NzU0Y2Y0YTYwM2I4NjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwp5blslowBy+LjyT5VaWPcDg/Oq
yUO5o62T3WreMYSXpIttKBldHVSQ2NN54bVK6c8TaBfSTiy9sFTwjDx16IYf2Leo
XZHmplO46VsXphBDkXsK9QKXwXb2U7eYFGgGFEeGm4S3sJpn2Oml4KtqX8aJ0Ux8
JxjMf8Aka6f/kUVcx1uEdagpUFWdjbK2RUkLxCZsvDrayYFUsY/YWd+KgKZXlQC4
4VgjKjG0t9j1xiTV3re40awm8NoAuqpH60ENd06zEi2i0quh1sOhtW3J8tvm+zPT
L0OyGk8FEAH8ZIkjmg/ni0DcXOxdwCfn6W53T8TpBr1I6TwNKfksxu2zfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9GEoN8WfhTLoyjDFdUz0pgO4ZeMB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvejBZU2czeFotRk11aktNTVYxVFBTbUE3aGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlVExMa1hf2seOyuTh7o9EXpChI1FtE3PpXKY/VkDC
A6xQ6meREqnLZKftmQjXObadj4Cjql8qdv8/wtYCRMcPf+BIdQrW9YgwJeffXjW4
ZTRmo+gFAWzw6foZsAMuDYMhqIl9lfN/OiZn+QRDhqSYYj/aAYQHnWqJTfCAnEAq
EStGt6XkzFEhHjXdUCjE6MO0sg23Y5ErqIqhK7HxBn1f86b+62bh6GrBEmlTcdnO
nTnWFTI2wD+iI0Y4UjarXjEpBT+Vv+D+gS46yQKaZ3YV1isl/Rm3zf8Yh0yQ0aI+
2F5EjpDMxZshZnQX2Lr6K4vKrkpvNhJDjD+UgIrVTfVq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:19 2024 by rpki-client on console-fra.rpki-client.org