Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/tVcDeq_A24goJfhlXWpxpZ_WA60.roa
File: tVcDeq_A24goJfhlXWpxpZ_WA60.roa (raw, json)
Hash identifier: mxLMoanpqm1aqauyvHJHAEtCfmTkqhhkeRDOJOX/s5M=
Subject key identifier: B5:57:03:7A:AF:C0:DB:88:28:25:F8:65:5D:6A:71:A5:9F:D6:03:AD
Certificate issuer: /CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Certificate serial: 017014
Authority key identifier: 67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/tVcDeq_A24goJfhlXWpxpZ_WA60.roa
Signing time: Mon 09 May 2022 12:07:37 +0000
ROA not before: Mon 09 May 2022 12:07:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43588
IP address blocks: 91.228.108.0/22 maxlen: 22
31.131.0.0/22 maxlen: 22
31.131.4.0/23 maxlen: 23
31.131.1.0/24 maxlen: 24
31.131.6.0/24 maxlen: 24
31.131.7.0/24 maxlen: 24
91.216.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94228 (0x17014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Validity
Not Before: May 9 12:07:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b557037aafc0db882825f8655d6a71a59fd603ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e2:50:14:62:3b:06:e9:5e:3d:10:f1:df:51:
0d:2c:d7:92:36:30:9a:71:a0:40:e6:1b:98:4d:89:
59:36:09:98:6a:9b:7b:08:9f:cd:c0:4d:98:07:39:
da:d5:28:2f:0d:b0:f7:1c:e3:32:b8:9c:8a:a3:32:
57:4f:50:29:25:df:ba:8f:ae:d1:3f:aa:c8:4b:07:
6e:90:08:7f:0d:41:19:05:fe:40:2b:2f:0b:ee:94:
60:a7:37:9b:39:33:42:7b:5f:36:42:be:4a:37:36:
aa:cb:75:14:46:2f:06:0e:73:fb:39:53:d7:ee:cb:
c2:cb:a7:8d:21:92:6c:ae:89:31:92:a1:0b:9f:d3:
d6:a1:0b:88:97:d2:0a:9f:49:75:e5:99:1b:0a:23:
c2:c0:e1:c7:bd:22:48:18:4b:b6:33:05:06:80:5b:
3c:8b:0e:84:87:7f:a8:b7:88:95:1f:92:00:80:4e:
b8:13:45:a7:e3:b9:c1:6b:dd:42:e2:e1:ff:f1:16:
2e:55:0e:bb:70:d3:bd:65:77:a7:14:27:67:d3:d4:
c2:4f:ef:33:3e:88:47:6f:be:ca:71:1e:ba:1a:2a:
a1:35:e3:16:73:d4:ed:b6:1d:5a:a9:10:9b:b1:6e:
c3:82:27:1e:86:d3:eb:c7:ff:86:d4:22:ce:41:a0:
40:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:57:03:7A:AF:C0:DB:88:28:25:F8:65:5D:6A:71:A5:9F:D6:03:AD
X509v3 Authority Key Identifier:
keyid:67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/tVcDeq_A24goJfhlXWpxpZ_WA60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.0.0/21
91.216.47.0/24
91.228.108.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:e6:d5:49:a3:22:61:57:bd:3d:ec:c8:f8:c2:dd:8a:96:2f:
e3:74:2f:f2:96:43:7b:a5:bc:ea:ba:27:ba:08:67:43:96:ed:
30:5d:38:91:0c:50:e0:b4:ce:1a:e0:38:39:8b:b8:16:be:6d:
fb:c0:38:65:49:c3:ca:d6:b6:1d:4d:aa:70:dd:df:ca:3d:20:
81:34:f8:00:4e:37:b5:fb:8f:5f:b2:ab:26:c3:c7:b8:eb:8b:
39:76:33:a5:e8:10:f3:b0:7e:d5:4d:af:59:b3:5a:31:8d:f4:
fd:66:26:1e:78:a0:6d:a4:40:b3:dd:3b:b3:88:00:1b:82:a5:
bf:ea:55:7f:8b:bd:98:b9:46:03:6c:48:8d:f7:58:2f:fb:02:
04:e7:82:0f:cc:0b:83:a8:c0:e5:ae:5f:21:fa:32:30:4d:f0:
af:94:e8:a2:24:1d:aa:f1:eb:25:8e:1e:f7:8e:4f:5d:c6:ec:
b2:e9:9d:64:ce:b1:9d:3c:9d:c1:53:c5:5e:6f:58:2e:3c:be:
f0:53:ff:9e:e2:e6:b7:08:85:bf:c6:c5:fe:65:93:b1:cb:65:
9c:16:fa:65:11:de:35:71:46:ce:2e:9e:4e:63:5a:6e:af:1e:
aa:11:79:22:f7:c5:87:09:44:dc:ed:11:6f:a2:c1:e3:68:77:
75:c2:22:43
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDAXAUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY3
OGNlYmY3ZWVjM2Q1ZTAxMjFlNDAxMTcwY2UwMWZmMzg4OGQ0ZWMwHhcNMjIwNTA5
MTIwNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTU3MDM3YWFmYzBk
Yjg4MjgyNWY4NjU1ZDZhNzFhNTlmZDYwM2FkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz+JQFGI7BulePRDx31ENLNeSNjCacaBA5huYTYlZNgmYapt7
CJ/NwE2YBzna1SgvDbD3HOMyuJyKozJXT1ApJd+6j67RP6rISwdukAh/DUEZBf5A
Ky8L7pRgpzebOTNCe182Qr5KNzaqy3UURi8GDnP7OVPX7svCy6eNIZJsrokxkqEL
n9PWoQuIl9IKn0l15ZkbCiPCwOHHvSJIGEu2MwUGgFs8iw6Eh3+ot4iVH5IAgE64
E0Wn47nBa91C4uH/8RYuVQ67cNO9ZXenFCdn09TCT+8zPohHb77KcR66GiqhNeMW
c9Ttth1aqRCbsW7DgicehtPrx/+G1CLOQaBAkQIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFLVXA3qvwNuIKCX4ZV1qcaWf1gOtMB8GA1UdIwQYMBaAFGeM6/fuw9XgEh5A
EXDOAf84iNTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWItNmRmYmJhNGVkZDU5LzEv
dFZjRGVxX0EyNGdvSmZobFhXcHhwWl9XQTYwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9m
MmI4N2ItOTVlOS00Y2Y4LWFiZWItNmRmYmJhNGVkZDU5LzEvWjR6cjktN0QxZUFT
SGtBUmNNNEJfemlJMU93LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH4MAAwQAW9gvAwQCW+RsMA0GCSqG
SIb3DQEBCwUAA4IBAQCP5tVJoyJhV7097Mj4wt2Kli/jdC/ylkN7pbzquie6CGdD
lu0wXTiRDFDgtM4a4Dg5i7gWvm37wDhlScPK1rYdTapw3d/KPSCBNPgATje1+49f
sqsmw8e464s5djOl6BDzsH7VTa9Zs1oxjfT9ZiYeeKBtpECz3TuziAAbgqW/6lV/
i72YuUYDbEiN91gv+wIE54IPzAuDqMDlrl8h+jIwTfCvlOiiJB2q8esljh73jk9d
xuyy6Z1kzrGdPJ3BU8Veb1guPL7wU/+e4ua3CIW/xsX+ZZOxy2WcFvplEd41cUbO
Lp5OY1purx6qEXki98WHCUTc7RFvosHjaHd1wiJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org