Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/B59fBzv1mRr95bevllZHo7HT71E.roa
File: B59fBzv1mRr95bevllZHo7HT71E.roa (raw, json)
Hash identifier: vM67brJW2e/Zf/4GmVZ/btFOksQ3x2CzNEAljVpIAR0=
Subject key identifier: 07:9F:5F:07:3B:F5:99:1A:FD:E5:B7:AF:96:56:47:A3:B1:D3:EF:51
Certificate issuer: /CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Certificate serial: 0183A80A57ED5FE6F0204A52A5AEFA1C32F2
Authority key identifier: 67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/B59fBzv1mRr95bevllZHo7HT71E.roa
Signing time: Wed 05 Oct 2022 12:06:33 +0000
ROA not before: Wed 05 Oct 2022 12:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43588
IP address blocks: 91.228.111.0/24 maxlen: 24
91.228.108.0/24 maxlen: 24
91.228.108.0/22 maxlen: 22
91.228.110.0/24 maxlen: 24
31.131.0.0/22 maxlen: 22
31.131.1.0/24 maxlen: 24
31.131.2.0/24 maxlen: 24
31.131.3.0/24 maxlen: 24
31.131.4.0/24 maxlen: 24
31.131.4.0/23 maxlen: 23
31.131.6.0/24 maxlen: 24
31.131.7.0/24 maxlen: 24
31.131.5.0/24 maxlen: 24
91.216.47.0/24 maxlen: 24
2a0a:6480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:0a:57:ed:5f:e6:f0:20:4a:52:a5:ae:fa:1c:32:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Validity
Not Before: Oct 5 12:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=079f5f073bf5991afde5b7af965647a3b1d3ef51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:76:d5:f9:a9:db:de:e4:4c:d5:e6:ba:dc:
1f:50:14:e9:f9:96:4a:30:a2:37:33:33:55:7e:2f:
5e:5d:d4:f7:67:9e:6f:57:55:83:fc:f1:43:d1:fb:
f0:38:a5:14:7c:50:f6:80:17:84:a6:8a:0a:77:94:
36:2c:3f:fc:6b:62:1f:27:31:1f:e8:99:16:fb:28:
05:50:17:7c:54:01:48:0e:73:a8:59:11:ac:6d:15:
96:2c:e8:47:a9:05:55:2b:53:f8:4f:56:14:d0:6d:
43:2e:b5:33:fd:2c:2b:19:ba:36:95:12:ca:b1:8e:
37:8b:bf:d0:b6:1b:60:ee:63:96:77:c9:42:ab:df:
be:59:7b:8c:29:8a:9d:09:ca:6c:3a:bd:f6:b8:5f:
9c:aa:d7:b5:65:06:a2:a1:f2:44:86:90:23:61:9a:
a2:36:fd:cb:97:6a:5d:f7:30:1c:af:68:0f:48:3d:
81:b5:af:7f:2c:dd:1a:5e:3f:f5:66:0c:84:b6:37:
54:ea:5f:63:17:4c:e7:1f:75:0a:f6:c7:44:83:48:
7e:7d:24:e3:6c:b5:87:f1:d9:db:d2:9f:67:19:17:
7e:ac:a8:49:96:68:6a:3e:fb:7b:f1:9d:9c:93:61:
6e:b2:ff:e7:4f:50:08:10:16:ac:56:93:55:15:80:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9F:5F:07:3B:F5:99:1A:FD:E5:B7:AF:96:56:47:A3:B1:D3:EF:51
X509v3 Authority Key Identifier:
keyid:67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/B59fBzv1mRr95bevllZHo7HT71E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.0.0/21
91.216.47.0/24
91.228.108.0/22
IPv6:
2a0a:6480::/29
Signature Algorithm: sha256WithRSAEncryption
a3:58:4b:42:67:d3:81:4e:c7:02:4d:f4:b2:2a:66:98:00:df:
26:a5:77:70:f2:85:cb:45:ae:ed:10:9e:88:a4:b2:51:9a:62:
2a:e5:9e:11:0d:34:b8:44:20:71:da:1f:a9:05:9a:8b:02:93:
99:33:37:8b:21:c5:10:95:59:0c:1f:45:2e:1c:72:84:cf:80:
4f:b3:a9:b5:cc:8d:7a:5d:7a:fa:cf:8f:da:83:ae:bc:95:3e:
a4:25:b7:cd:54:06:f1:20:90:98:85:74:81:0b:38:f3:92:0f:
77:0a:6e:96:3a:76:99:ed:8f:b2:86:76:8e:b2:2e:59:3f:44:
8e:c6:f9:32:92:9d:cf:e4:12:ac:c8:15:69:1d:21:98:ac:6f:
63:59:b2:ed:dc:72:0b:8b:a9:75:82:96:40:6a:1a:b8:e7:00:
c8:fe:8b:70:e9:87:3d:93:88:ba:d7:f6:c4:82:38:34:7a:90:
f9:1c:3d:44:e8:77:5e:0d:e5:aa:3e:ab:29:7d:7b:b4:7b:eb:
18:b6:e3:fd:88:59:55:ef:bd:a7:9e:c1:42:20:4d:02:a4:0d:
ce:de:2b:09:29:b8:46:41:01:ba:91:da:51:68:49:0c:91:90:
02:47:ad:30:28:08:27:27:e1:ca:13:5f:2e:52:69:55:0a:7c:
83:4e:d5:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYOoClftX+bwIEpSpa76HDLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGNlYmY3ZWVjM2Q1ZTAxMjFlNDAxMTcwY2UwMWZmMzg4
OGQ0ZWMwHhcNMjIxMDA1MTIwNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlmNWYwNzNiZjU5OTFhZmRlNWI3YWY5NjU2NDdhM2IxZDNlZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngR21fmp297kTNXmutwfUBTp+ZZK
MKI3MzNVfi9eXdT3Z55vV1WD/PFD0fvwOKUUfFD2gBeEpooKd5Q2LD/8a2IfJzEf
6JkW+ygFUBd8VAFIDnOoWRGsbRWWLOhHqQVVK1P4T1YU0G1DLrUz/SwrGbo2lRLK
sY43i7/Qthtg7mOWd8lCq9++WXuMKYqdCcpsOr32uF+cqte1ZQaiofJEhpAjYZqi
Nv3Ll2pd9zAcr2gPSD2Bta9/LN0aXj/1ZgyEtjdU6l9jF0znH3UK9sdEg0h+fSTj
bLWH8dnb0p9nGRd+rKhJlmhqPvt78Z2ck2Fusv/nT1AIEBasVpNVFYC/uwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAefXwc79Zka/eW3r5ZWR6Ox0+9RMB8GA1UdIwQY
MBaAFGeM6/fuw9XgEh5AEXDOAf84iNTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWIt
NmRmYmJhNGVkZDU5LzEvQjU5ZkJ6djFtUnI5NWJldmxsWkhvN0hUNzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWItNmRmYmJhNGVkZDU5
LzEvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH4MAAwQA
W9gvAwQCW+RsMA0EAgACMAcDBQMqCmSAMA0GCSqGSIb3DQEBCwUAA4IBAQCjWEtC
Z9OBTscCTfSyKmaYAN8mpXdw8oXLRa7tEJ6IpLJRmmIq5Z4RDTS4RCBx2h+pBZqL
ApOZMzeLIcUQlVkMH0UuHHKEz4BPs6m1zI16XXr6z4/ag668lT6kJbfNVAbxIJCY
hXSBCzjzkg93Cm6WOnaZ7Y+yhnaOsi5ZP0SOxvkykp3P5BKsyBVpHSGYrG9jWbLt
3HILi6l1gpZAahq45wDI/otw6Yc9k4i61/bEgjg0epD5HD1E6HdeDeWqPqspfXu0
e+sYtuP9iFlV772nnsFCIE0CpA3O3isJKbhGQQG6kdpRaEkMkZACR60wKAgnJ+HK
E18uUmlVCnyDTtUS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:30 2024 by rpki-client on console-ams.rpki-client.org