Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pABG3rWnOx1x7TFa4X-C73nro7c.roa
File: pABG3rWnOx1x7TFa4X-C73nro7c.roa (raw, json)
Hash identifier: SG9elzUGbsKpbf6hU+CeS3UuEy6d1/RVWPjnDK4FoJU=
Subject key identifier: A4:00:46:DE:B5:A7:3B:1D:71:ED:31:5A:E1:7F:82:EF:79:EB:A3:B7
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0329E6E1
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pABG3rWnOx1x7TFa4X-C73nro7c.roa
Signing time: Sat 01 Jan 2022 01:54:27 +0000
ROA not before: Sat 01 Jan 2022 01:54:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208972
IP address blocks: 188.132.221.0/24 maxlen: 32
188.132.222.0/24 maxlen: 32
31.210.37.0/24 maxlen: 32
31.210.38.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53077729 (0x329e6e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 1 01:54:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a40046deb5a73b1d71ed315ae17f82ef79eba3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:88:87:cf:4e:b7:6e:c0:df:51:65:b7:e5:91:
e7:38:63:e4:bd:58:e3:7a:c3:0c:a1:66:42:15:21:
01:4d:4e:e9:61:ac:0f:49:f2:8a:bb:07:80:46:b7:
3f:8d:a8:a3:58:95:51:cd:dd:ac:ad:48:5d:37:c3:
11:f0:91:99:0e:eb:39:9a:ff:1f:b1:9d:a5:9a:51:
56:bc:ca:c1:56:8e:7c:5f:03:09:9f:47:70:24:b5:
c9:66:6b:99:75:7b:a1:1e:48:a2:87:6b:7c:ce:82:
ad:54:7d:e2:73:43:5c:51:97:4e:b8:e1:45:ab:8c:
fa:88:a7:f3:eb:b2:82:8a:32:da:dc:67:6a:78:04:
af:a5:10:db:bb:df:1a:ec:c5:9e:a5:7d:ba:b2:ee:
53:1e:2c:33:fe:9b:95:71:99:5e:74:b6:c6:af:32:
22:13:6c:6f:25:1b:b2:2f:28:79:8c:32:37:56:75:
0f:ac:0a:26:2f:92:4d:21:80:75:0f:d9:d7:d8:73:
32:a1:41:0d:60:ea:8b:86:d7:aa:af:6b:2c:26:6d:
ae:7a:f0:5e:db:92:73:09:28:62:c7:83:9c:e3:ca:
52:6c:2a:ac:2e:bb:e1:fe:e2:3a:19:8f:ff:0e:90:
62:c8:f4:c6:6a:b7:52:4a:83:e8:f0:57:90:73:0d:
d6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:00:46:DE:B5:A7:3B:1D:71:ED:31:5A:E1:7F:82:EF:79:EB:A3:B7
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pABG3rWnOx1x7TFa4X-C73nro7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.37.0-31.210.38.255
188.132.221.0-188.132.222.255
Signature Algorithm: sha256WithRSAEncryption
61:fd:df:8b:2d:51:fe:f9:4b:9a:68:1f:f5:70:e1:88:38:99:
a5:e3:ec:ee:82:66:5e:1e:a6:88:b1:87:d4:25:a5:e0:3a:95:
d8:b2:84:83:95:02:9f:4b:3e:ec:1c:7f:2d:c2:77:60:7f:e8:
9e:e8:7a:ab:3e:15:c9:8f:6f:c5:59:3f:0b:d4:ef:c4:d8:a6:
08:ce:5a:52:d3:b1:07:29:d5:74:8b:f5:df:69:05:9c:a6:d2:
4e:71:5b:0f:6a:4f:02:09:11:6b:52:5b:42:6a:32:45:c1:d1:
32:f3:ca:8a:ac:50:23:6d:27:34:f6:da:80:37:9f:b8:91:f0:
46:e7:72:6f:f5:89:6c:b6:42:db:1a:e2:19:2b:8a:8f:fd:0d:
88:1d:15:8c:8d:2d:64:af:fb:de:17:ae:26:3d:fb:2a:b0:94:
e1:ea:ca:1a:2a:d8:56:55:5f:b6:a3:0b:3a:5f:9e:d9:61:4f:
65:2c:d3:b3:d1:c3:db:7d:69:53:ce:e7:a4:f3:1b:4b:0e:84:
8b:af:b8:88:ea:a0:72:d7:8e:7d:63:02:64:17:d2:ec:fc:b4:
cf:4d:ae:8a:5b:9b:f7:38:40:08:0b:a7:ec:82:43:2e:cf:4a:
14:91:a9:35:15:e8:ec:81:fc:93:01:bb:91:c0:71:d6:09:f5:
e5:0f:ed:3f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAynm4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDEw
MTAxNTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQwMDQ2ZGViNWE3
M2IxZDcxZWQzMTVhZTE3ZjgyZWY3OWViYTNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+Ih89Ot27A31Flt+WR5zhj5L1Y43rDDKFmQhUhAU1O6WGs
D0nyirsHgEa3P42oo1iVUc3drK1IXTfDEfCRmQ7rOZr/H7GdpZpRVrzKwVaOfF8D
CZ9HcCS1yWZrmXV7oR5IoodrfM6CrVR94nNDXFGXTrjhRauM+oin8+uygooy2txn
angEr6UQ27vfGuzFnqV9urLuUx4sM/6blXGZXnS2xq8yIhNsbyUbsi8oeYwyN1Z1
D6wKJi+STSGAdQ/Z19hzMqFBDWDqi4bXqq9rLCZtrnrwXtuScwkoYseDnOPKUmwq
rC674f7iOhmP/w6QYsj0xmq3UkqD6PBXkHMN1gMCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSkAEbetac7HXHtMVrhf4LveeujtzAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
L3BBQkczclduT3gxeDdURmE0WC1DNzNucm83Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQAH9IlAwQAH9ImMAwDBAC8hN0D
BAC8hN4wDQYJKoZIhvcNAQELBQADggEBAGH934stUf75S5poH/Vw4Yg4maXj7O6C
Zl4epoixh9QlpeA6ldiyhIOVAp9LPuwcfy3Cd2B/6J7oeqs+FcmPb8VZPwvU78TY
pgjOWlLTsQcp1XSL9d9pBZym0k5xWw9qTwIJEWtSW0JqMkXB0TLzyoqsUCNtJzT2
2oA3n7iR8Ebncm/1iWy2Qtsa4hkrio/9DYgdFYyNLWSv+94XriY9+yqwlOHqyhoq
2FZVX7ajCzpfntlhT2Us07PRw9t9aVPO56TzG0sOhIuvuIjqoHLXjn1jAmQX0uz8
tM9Nropbm/c4QAgLp+yCQy7PShSRqTUV6OyB/JMBu5HAcdYJ9eUP7T8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org