Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/URrsHPFY4IcDMjb-C3R_8CBzOdU.roa
File: URrsHPFY4IcDMjb-C3R_8CBzOdU.roa (raw, json)
Hash identifier: A0e7oeydHWDglL+MCmumUBxNr19TRLkhFkdGGNujd3c=
Subject key identifier: 51:1A:EC:1C:F1:58:E0:87:03:32:36:FE:0B:74:7F:F0:20:73:39:D5
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 0184E272DB90D6D2D79C3B905D22692C5C95
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/URrsHPFY4IcDMjb-C3R_8CBzOdU.roa
Signing time: Mon 05 Dec 2022 13:21:28 +0000
ROA not before: Mon 05 Dec 2022 13:21:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39558
IP address blocks: 195.244.4.0/23 maxlen: 23
91.221.132.0/24 maxlen: 24
91.221.133.0/24 maxlen: 24
31.131.141.0/24 maxlen: 24
31.131.140.0/24 maxlen: 24
31.131.143.0/24 maxlen: 24
31.131.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:72:db:90:d6:d2:d7:9c:3b:90:5d:22:69:2c:5c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Dec 5 13:21:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=511aec1cf158e087033236fe0b747ff0207339d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:62:af:51:30:79:89:f4:19:0c:2f:2f:0e:d8:
0b:52:c1:3c:24:73:e2:7b:8a:d3:23:e3:7a:5a:e3:
cd:56:1d:fa:c5:5a:b3:8f:f6:ca:07:d5:7e:e8:ac:
16:26:a6:58:5e:34:a8:f9:9e:e9:ca:0b:85:40:cc:
e7:65:81:60:dd:99:98:ae:88:5b:32:3e:04:52:20:
a7:57:f8:a4:3c:bd:0f:33:cb:33:83:7d:4b:eb:5c:
fe:ff:b2:d0:67:04:be:8b:e1:d8:6b:16:e4:b1:1e:
4a:b7:2a:5b:11:46:ad:ee:e0:dd:9b:e0:57:5e:be:
80:07:e5:64:bd:83:e2:99:28:4d:08:e3:7d:84:0a:
a0:be:fc:2e:ba:4c:96:aa:53:bb:b4:a3:28:42:5b:
d7:8c:94:32:bc:ce:ef:1d:75:35:47:06:de:7e:8a:
8f:19:fc:14:98:b1:df:30:be:3e:83:df:7c:78:3c:
04:8c:4a:2a:ed:74:14:90:2e:f1:1d:07:b2:26:c0:
0e:f6:12:c5:4c:49:18:75:f9:28:1a:b5:ef:18:28:
43:86:ac:20:ea:9f:38:df:4d:87:07:7b:7c:5f:88:
85:8b:11:69:1c:36:29:5b:df:6b:54:cc:92:1e:ba:
aa:e0:26:30:dd:49:59:45:d8:bc:99:45:49:9f:c1:
6b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1A:EC:1C:F1:58:E0:87:03:32:36:FE:0B:74:7F:F0:20:73:39:D5
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/URrsHPFY4IcDMjb-C3R_8CBzOdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.140.0/22
91.221.132.0/23
195.244.4.0/23
Signature Algorithm: sha256WithRSAEncryption
41:68:b6:06:81:b2:9f:19:ac:d2:40:ac:25:28:df:eb:85:17:
5a:77:e5:18:88:c2:be:fc:e9:10:96:4f:ae:8c:92:6e:61:c0:
ae:e9:6b:e2:04:2e:80:12:46:44:cc:6c:bd:1a:db:e3:a4:92:
de:dc:a9:15:d3:61:17:8c:4a:fb:97:6a:35:23:71:1c:af:ce:
0d:9a:d4:a1:07:d3:78:70:d5:71:99:a0:9f:83:d4:1c:c6:a8:
ca:e1:0e:62:bf:96:92:f2:7f:f8:06:11:14:3c:03:aa:36:2f:
43:cc:83:81:5b:80:b4:34:bd:65:f7:87:f4:66:5d:89:76:98:
0f:dd:50:89:cf:ad:11:2c:1c:11:f6:bf:0f:db:eb:cf:36:44:
75:6c:38:32:5b:c8:49:fd:60:00:63:79:a2:f9:46:7b:c4:f5:
1f:5e:30:fd:40:84:75:a0:4d:33:8e:94:80:c8:70:bd:50:b3:
4c:d1:c2:f6:d6:39:c1:c9:2a:a1:95:40:7d:42:c7:4b:eb:be:
02:47:4a:17:e1:ed:88:fb:38:c6:85:10:b9:20:70:7d:8a:72:
a4:af:f8:1f:ff:23:85:91:a9:f3:23:79:a5:8f:87:b7:19:6a:
a0:d0:ad:ea:7d:d1:6a:34:fd:8a:dc:f3:ef:30:1f:f0:fb:0a:
b7:50:bb:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTictuQ1tLXnDuQXSJpLFyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjIxMjA1MTMyMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFhZWMxY2YxNThlMDg3MDMzMjM2ZmUwYjc0N2ZmMDIwNzMzOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2KvUTB5ifQZDC8vDtgLUsE8JHPi
e4rTI+N6WuPNVh36xVqzj/bKB9V+6KwWJqZYXjSo+Z7pyguFQMznZYFg3ZmYrohb
Mj4EUiCnV/ikPL0PM8szg31L61z+/7LQZwS+i+HYaxbksR5KtypbEUat7uDdm+BX
Xr6AB+VkvYPimShNCON9hAqgvvwuukyWqlO7tKMoQlvXjJQyvM7vHXU1RwbefoqP
GfwUmLHfML4+g998eDwEjEoq7XQUkC7xHQeyJsAO9hLFTEkYdfkoGrXvGChDhqwg
6p84302HB3t8X4iFixFpHDYpW99rVMySHrqq4CYw3UlZRdi8mUVJn8Fr9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFEa7BzxWOCHAzI2/gt0f/AgcznVMB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvVVJyc0hQRlk0SWNETWpiLUMzUl84Q0J6T2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH4OMAwQB
W92EAwQBw/QEMA0GCSqGSIb3DQEBCwUAA4IBAQBBaLYGgbKfGazSQKwlKN/rhRda
d+UYiMK+/OkQlk+ujJJuYcCu6WviBC6AEkZEzGy9GtvjpJLe3KkV02EXjEr7l2o1
I3Ecr84NmtShB9N4cNVxmaCfg9QcxqjK4Q5iv5aS8n/4BhEUPAOqNi9DzIOBW4C0
NL1l94f0Zl2JdpgP3VCJz60RLBwR9r8P2+vPNkR1bDgyW8hJ/WAAY3mi+UZ7xPUf
XjD9QIR1oE0zjpSAyHC9ULNM0cL21jnBySqhlUB9QsdL674CR0oX4e2I+zjGhRC5
IHB9inKkr/gf/yOFkanzI3mlj4e3GWqg0K3qfdFqNP2K3PPvMB/w+wq3ULuU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:46 2024 by rpki-client on console-ams.rpki-client.org