Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/3x9hOfPSb0I544rINC82loVHnrQ.roa
File: 3x9hOfPSb0I544rINC82loVHnrQ.roa (raw, json)
Hash identifier: 8cryyTgW8lQTURnYNvO2dnwPiaNTa08W2ll/oofC1Tw=
Subject key identifier: DF:1F:61:39:F3:D2:6F:42:39:E3:8A:C8:34:2F:36:96:85:47:9E:B4
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 01B748B0
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/3x9hOfPSb0I544rINC82loVHnrQ.roa
Signing time: Wed 29 Jun 2022 10:49:02 +0000
ROA not before: Wed 29 Jun 2022 10:49:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211398
IP address blocks: 31.24.249.0/24 maxlen: 32
2001:678:f30::/48 maxlen: 48
2a12:4940::/32 maxlen: 48
2a12:4946:46::/48 maxlen: 48
2a12:4946:3005::/48 maxlen: 48
2a12:4946:1655::/48 maxlen: 48
2a12:4946:1650::/48 maxlen: 48
2a12:4946:1900::/48 maxlen: 48
2a12:4946:1800::/48 maxlen: 48
2a12:4946:1700::/48 maxlen: 48
2a12:4946:1600::/48 maxlen: 48
2a12:4942::/31 maxlen: 48
2a12:4946:6960::/44 maxlen: 48
2a12:4946:1658::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28788912 (0x1b748b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Jun 29 10:49:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df1f6139f3d26f4239e38ac8342f369685479eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:42:64:e5:fa:4c:7d:1a:9e:85:44:71:33:bd:
e6:76:0d:84:20:91:a6:ea:a1:99:bc:56:bc:e9:bd:
99:26:14:e3:20:d6:77:10:06:c3:89:ab:8e:12:69:
ef:00:a4:f7:f6:22:31:d5:ba:1c:fa:7a:ed:60:1c:
27:11:8a:77:16:7a:9f:e9:92:cd:89:f0:4e:9f:07:
06:d4:54:53:69:20:b1:58:13:f9:2f:5d:e9:ee:76:
d5:f9:4b:32:45:f7:9d:0a:7f:30:79:01:44:4a:1a:
1c:bb:6c:da:d8:c3:b1:5f:c4:5b:40:23:54:2b:b0:
94:82:f7:a3:ec:f6:48:4c:d4:d5:b9:ea:6b:8b:f0:
84:6d:0f:1a:dd:44:fe:d9:b1:ff:54:11:2b:e5:f8:
c8:b0:39:c6:f4:24:ec:b3:96:68:fc:f9:41:bf:99:
d3:0d:29:91:ad:97:f0:e5:93:39:aa:75:07:e5:29:
bf:c8:b1:3a:c1:ef:51:32:d0:92:60:4f:1c:6f:7a:
57:40:97:77:df:67:32:f7:41:7b:92:c9:84:8e:3c:
64:47:de:a5:d7:5e:72:cf:eb:d1:41:ba:f3:56:77:
50:bd:f8:18:65:ea:8d:38:58:e3:cd:9f:b8:df:35:
21:0e:ad:8f:57:8e:c9:90:2d:62:3e:bd:c2:61:3a:
59:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:1F:61:39:F3:D2:6F:42:39:E3:8A:C8:34:2F:36:96:85:47:9E:B4
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/3x9hOfPSb0I544rINC82loVHnrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.249.0/24
IPv6:
2001:678:f30::/48
2a12:4940::/32
2a12:4942::/31
2a12:4946:46::/48
2a12:4946:1600::/48
2a12:4946:1650::/48
2a12:4946:1655::/48
2a12:4946:1658::/48
2a12:4946:1700::/48
2a12:4946:1800::/48
2a12:4946:1900::/48
2a12:4946:3005::/48
2a12:4946:6960::/44
Signature Algorithm: sha256WithRSAEncryption
bc:1c:7d:18:48:40:82:d4:01:d9:f2:b1:b7:09:15:f5:64:44:
aa:49:b5:77:d0:ff:ca:e7:7d:33:e0:0e:c8:64:ab:e7:e2:66:
2c:e3:60:a3:91:99:8c:97:d0:e4:48:47:e2:0d:2d:83:ac:7c:
07:8c:0b:86:69:02:14:c1:17:1d:90:b3:2e:ad:a2:45:32:73:
e1:ef:cf:0e:40:ee:b1:33:34:34:d3:56:b0:4d:3b:31:41:c6:
45:c7:f9:08:f9:f1:7c:aa:5f:fe:72:81:51:31:e9:93:a3:a6:
95:a3:9c:ff:f9:52:6d:e3:e6:d3:d6:71:d2:63:54:41:ee:e7:
e3:d0:35:6b:6f:d1:69:4c:b8:65:30:1d:de:b9:8b:01:e8:62:
f7:73:c3:38:3d:7b:4c:22:9c:24:2e:c5:53:8c:64:f9:0d:57:
54:d6:ac:82:3a:73:4c:11:94:d6:36:91:97:56:5d:b4:80:bd:
04:52:3e:e8:0b:a1:98:31:72:df:af:68:da:3b:d0:ad:b8:47:
88:7c:28:ba:ae:11:71:27:25:b8:ea:79:c3:98:86:9f:a1:5a:
d5:c5:bd:67:a3:e4:27:bc:f4:2a:b2:44:2d:96:c9:2b:64:9c:
9a:7a:6b:9d:7e:e5:ca:61:dc:9a:59:21:72:ca:77:bb:17:16:
c0:68:36:76
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIEAbdIsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDYzOTVjMTI2NzJhZDk1ODkyMWI2MmI5ZGM5YjJiY2Q4YTY4YTlmMB4XDTIyMDYy
OTEwNDkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGYxZjYxMzlmM2Qy
NmY0MjM5ZTM4YWM4MzQyZjM2OTY4NTQ3OWViNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9CZOX6TH0anoVEcTO95nYNhCCRpuqhmbxWvOm9mSYU4yDW
dxAGw4mrjhJp7wCk9/YiMdW6HPp67WAcJxGKdxZ6n+mSzYnwTp8HBtRUU2kgsVgT
+S9d6e521flLMkX3nQp/MHkBREoaHLts2tjDsV/EW0AjVCuwlIL3o+z2SEzU1bnq
a4vwhG0PGt1E/tmx/1QRK+X4yLA5xvQk7LOWaPz5Qb+Z0w0pka2X8OWTOap1B+Up
v8ixOsHvUTLQkmBPHG96V0CXd99nMvdBe5LJhI48ZEfepddecs/r0UG681Z3UL34
GGXqjThY482fuN81IQ6tj1eOyZAtYj69wmE6WaMCAwEAAaOCAoUwggKBMB0GA1Ud
DgQWBBTfH2E589JvQjnjisg0LzaWhUeetDAfBgNVHSMEGDAWgBR0Y5XBJnKtlYkh
tiudybK82KaKnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RHT1Z3U1p5clpXSkliWXJuY215dk5pbWlwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvOWUyMzUxLThkZDAtNGI3MC1hNWZjLWZiNzc0YWJkZmFjMi8x
LzN4OWhPZlBTYjBJNTQ0cklOQzgybG9WSG5yUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
OWUyMzUxLThkZDAtNGI3MC1hNWZjLWZiNzc0YWJkZmFjMi8xL2RHT1Z3U1p5clpX
SkliWXJuY215dk5pbWlwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mgYIKwYBBQUHAQcBAf8EgYowgYcwDAQCAAEwBgMEAB8Y+TB3BAIAAjBxAwcAIAEG
eA8wAwUAKhJJQAMFASoSSUIDBwAqEklGAEYDBwAqEklGFgADBwAqEklGFlADBwAq
EklGFlUDBwAqEklGFlgDBwAqEklGFwADBwAqEklGGAADBwAqEklGGQADBwAqEklG
MAUDBwQqEklGaWAwDQYJKoZIhvcNAQELBQADggEBALwcfRhIQILUAdnysbcJFfVk
RKpJtXfQ/8rnfTPgDshkq+fiZizjYKORmYyX0ORIR+INLYOsfAeMC4ZpAhTBFx2Q
sy6tokUyc+Hvzw5A7rEzNDTTVrBNOzFBxkXH+Qj58XyqX/5ygVEx6ZOjppWjnP/5
Um3j5tPWcdJjVEHu5+PQNWtv0WlMuGUwHd65iwHoYvdzwzg9e0winCQuxVOMZPkN
V1TWrII6c0wRlNY2kZdWXbSAvQRSPugLoZgxct+vaNo70K24R4h8KLquEXEnJbjq
ecOYhp+hWtXFvWej5Ce89CqyRC2WyStknJp6a51+5cph3JpZIXLKd7sXFsBoNnY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org