Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/RZtFWwFRpcFfdEpVA8Xj5Gf-xc4.roa
File: RZtFWwFRpcFfdEpVA8Xj5Gf-xc4.roa (raw, json)
Hash identifier: O5wRrCrWz6hkufC7N7UOaVVbxIohMiERlcFimRSH+5A=
Subject key identifier: 45:9B:45:5B:01:51:A5:C1:5F:74:4A:55:03:C5:E3:E4:67:FE:C5:CE
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 018460EE590387B76865FCF491145537952A
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/RZtFWwFRpcFfdEpVA8Xj5Gf-xc4.roa
Signing time: Thu 10 Nov 2022 09:45:43 +0000
ROA not before: Thu 10 Nov 2022 09:45:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 31.214.246.0/24 maxlen: 24
31.214.245.0/24 maxlen: 24
31.214.247.0/24 maxlen: 24
31.214.141.0/24 maxlen: 24
95.156.227.0/24 maxlen: 24
134.255.220.0/24 maxlen: 32
134.255.225.0/24 maxlen: 24
134.255.227.0/24 maxlen: 24
134.255.252.0/24 maxlen: 24
109.230.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:ee:59:03:87:b7:68:65:fc:f4:91:14:55:37:95:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Nov 10 09:45:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=459b455b0151a5c15f744a5503c5e3e467fec5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:48:73:72:ed:64:eb:b6:06:89:40:5d:15:07:
c8:92:a4:ac:ce:35:23:a5:05:e2:b0:8b:f7:95:52:
9a:a3:77:cc:f6:95:57:fe:9a:68:5d:b5:5b:85:63:
0a:d8:cb:1e:46:08:32:9f:3a:91:3b:a4:9c:1e:a4:
6a:95:20:d2:69:24:5f:8d:36:43:ea:d1:f8:16:fe:
7a:67:b6:09:dc:ed:b2:0b:11:db:d8:40:00:7d:83:
ea:7c:39:e1:9b:d8:1f:68:71:91:54:00:5b:dd:7b:
d2:24:cd:bb:be:89:df:36:35:af:9d:90:2c:ca:ff:
d5:7d:56:28:83:e6:88:38:96:2a:67:bc:ac:d0:d4:
6f:31:b9:3f:04:c8:dc:19:83:b2:c3:73:11:b5:eb:
79:54:ab:e1:cf:68:14:d5:16:db:65:5e:29:b3:47:
61:86:b3:9f:e2:c5:3f:93:8e:a0:e8:68:31:55:44:
42:a8:b0:1d:de:c8:1a:af:67:0d:72:61:7c:af:09:
01:ea:3b:28:70:ac:0b:26:9a:0e:83:55:08:36:82:
52:ba:30:9d:14:44:60:9f:07:17:c6:f7:2e:f6:fb:
8f:65:8c:3c:a1:03:29:c7:5b:b9:97:14:b1:f1:42:
35:94:1d:c1:ad:28:5c:b7:50:d5:ed:ff:c8:e0:8a:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9B:45:5B:01:51:A5:C1:5F:74:4A:55:03:C5:E3:E4:67:FE:C5:CE
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/RZtFWwFRpcFfdEpVA8Xj5Gf-xc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.141.0/24
31.214.245.0-31.214.247.255
95.156.227.0/24
109.230.238.0/24
134.255.220.0/24
134.255.225.0/24
134.255.227.0/24
134.255.252.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c5:13:6e:5b:72:b6:1b:0e:32:18:7a:12:2c:b6:19:88:93:
27:63:b4:e0:0b:95:1e:a2:cb:76:80:03:40:60:d5:21:37:9f:
15:b6:7d:92:99:bf:89:25:f5:db:19:55:0e:61:af:49:21:62:
36:62:d3:65:00:1a:ff:cd:0f:3b:17:6c:e3:25:32:73:24:a7:
a9:45:61:de:34:c1:79:ef:29:45:3c:e8:ab:07:03:70:e7:75:
6a:bb:93:bc:32:bf:02:4e:bd:9c:a7:d6:aa:6e:b6:7c:b1:71:
0c:3c:fb:56:cd:e5:10:15:e5:ac:68:d0:cc:d0:c3:0d:7b:73:
19:c3:cf:4a:e6:73:11:df:e8:59:c9:e3:2c:8f:16:ae:6a:34:
e2:28:03:42:f9:8c:df:7a:fd:44:d9:72:ba:1c:0b:84:56:f3:
7e:81:87:e5:aa:41:10:37:a5:7e:8b:78:26:64:53:2a:2e:64:
02:09:29:2f:ad:09:eb:ca:f6:0c:61:4a:83:d6:56:9a:54:91:
50:7f:f4:2d:8c:00:f4:5e:98:c6:4c:da:d4:8d:07:31:72:7f:
b2:c5:30:3d:a4:c0:bb:86:b2:7d:b1:01:be:32:54:65:09:e1:
2f:15:7c:5f:85:ef:d1:30:6f:80:60:0e:5a:6f:c0:b8:a0:ce:
7a:98:83:53
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYRg7lkDh7doZfz0kRRVN5UqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjIxMTEwMDk0NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTliNDU1YjAxNTFhNWMxNWY3NDRhNTUwM2M1ZTNlNDY3ZmVjNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEhzcu1k67YGiUBdFQfIkqSszjUj
pQXisIv3lVKao3fM9pVX/ppoXbVbhWMK2MseRggynzqRO6ScHqRqlSDSaSRfjTZD
6tH4Fv56Z7YJ3O2yCxHb2EAAfYPqfDnhm9gfaHGRVABb3XvSJM27vonfNjWvnZAs
yv/VfVYog+aIOJYqZ7ys0NRvMbk/BMjcGYOyw3MRtet5VKvhz2gU1RbbZV4ps0dh
hrOf4sU/k46g6GgxVURCqLAd3sgar2cNcmF8rwkB6jsocKwLJpoOg1UINoJSujCd
FERgnwcXxvcu9vuPZYw8oQMpx1u5lxSx8UI1lB3BrShct1DV7f/I4IoG9QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEWbRVsBUaXBX3RKVQPF4+Rn/sXOMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvUlp0Rld3RlJwY0ZmZEVwVkE4WGo1R2YteGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH9aNMAwD
BAAf1vUDBAMf1vADBABfnOMDBABt5u4DBACG/9wDBACG/+EDBACG/+MDBACG//ww
DQYJKoZIhvcNAQELBQADggEBAIbFE25bcrYbDjIYehIsthmIkydjtOALlR6iy3aA
A0Bg1SE3nxW2fZKZv4kl9dsZVQ5hr0khYjZi02UAGv/NDzsXbOMlMnMkp6lFYd40
wXnvKUU86KsHA3DndWq7k7wyvwJOvZyn1qputnyxcQw8+1bN5RAV5axo0MzQww17
cxnDz0rmcxHf6FnJ4yyPFq5qNOIoA0L5jN96/UTZcrocC4RW836Bh+WqQRA3pX6L
eCZkUyouZAIJKS+tCevK9gxhSoPWVppUkVB/9C2MAPRemMZM2tSNBzFyf7LFMD2k
wLuGsn2xAb4yVGUJ4S8VfF+F79Ewb4BgDlpvwLigznqYg1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org