Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/PAkA4jsYXQ_1LZVjBHMK5Y6ygqk.roa
File: PAkA4jsYXQ_1LZVjBHMK5Y6ygqk.roa (raw, json)
Hash identifier: Zgb5K5Ar3tBHGT6dG0RKC/nzAlLpS4uOqOuU6NHg1Fo=
Subject key identifier: 3C:09:00:E2:3B:18:5D:0F:F5:2D:95:63:04:73:0A:E5:8E:B2:82:A9
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0183EAC570C98EDFA905BE872338371268DD
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/PAkA4jsYXQ_1LZVjBHMK5Y6ygqk.roa
Signing time: Tue 18 Oct 2022 11:05:51 +0000
ROA not before: Tue 18 Oct 2022 11:05:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 31.133.84.0/22 maxlen: 22
176.103.228.0/22 maxlen: 22
31.133.92.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:c5:70:c9:8e:df:a9:05:be:87:23:38:37:12:68:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Oct 18 11:05:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c0900e23b185d0ff52d956304730ae58eb282a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b7:f1:ce:75:7d:f7:de:2b:4e:8e:cf:b6:a0:
90:d8:19:75:9e:b3:89:cb:de:1c:48:9e:fc:a8:13:
e7:ed:c8:f1:85:03:b4:00:52:e6:ba:0c:0f:19:4b:
0f:58:24:64:f0:53:1b:bf:2c:63:87:68:d7:f6:ce:
ab:79:a8:1b:62:7b:47:27:e2:81:ed:9e:99:b0:a6:
eb:d1:2f:d4:08:a6:ea:13:67:aa:33:d1:75:b7:8c:
bc:71:e1:4b:ce:27:11:0e:1c:59:ea:59:9b:34:a7:
3e:6f:e5:de:46:2d:b6:8c:92:3e:7a:a8:4c:b9:a1:
2a:e0:75:63:5e:7b:a3:88:28:ba:82:bb:3b:71:3b:
2d:90:ff:67:c5:00:9a:d5:af:6a:bd:6a:15:db:56:
f2:7b:9a:7e:0a:2d:3a:15:ce:e0:3f:01:d3:48:21:
e5:87:00:6f:4d:72:40:25:1b:ed:cf:17:f9:b1:2c:
a4:89:04:fb:4b:52:53:09:55:4c:a7:26:da:12:c3:
d0:21:45:0b:f0:16:7d:00:4d:25:a4:f4:77:a0:dc:
6f:ea:16:e0:b1:af:3a:65:35:19:9f:c7:3f:f4:d8:
88:9e:18:76:f0:ea:9f:9e:f3:30:e2:1c:4b:ff:53:
fd:ab:56:f1:62:2f:79:63:e5:87:ac:cc:65:28:08:
29:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:09:00:E2:3B:18:5D:0F:F5:2D:95:63:04:73:0A:E5:8E:B2:82:A9
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/PAkA4jsYXQ_1LZVjBHMK5Y6ygqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.84.0/22
31.133.92.0/22
176.103.228.0/22
176.103.236.0/22
Signature Algorithm: sha256WithRSAEncryption
98:ea:1a:95:7d:93:46:ca:74:1b:74:77:dc:2d:4c:7f:b2:97:
21:17:72:26:9c:db:98:66:1b:52:30:a4:03:39:e5:57:77:42:
3b:8f:9a:59:73:19:59:3e:b8:e9:1a:b8:24:e9:0f:80:2e:9e:
8c:8e:23:c5:13:fb:9c:4f:4c:0b:39:fb:aa:0a:37:40:ea:50:
63:f8:4c:fd:2c:cd:f2:cc:66:9e:a0:49:bf:ae:07:4a:a8:65:
6e:93:54:3e:7f:38:52:21:47:2b:3c:77:43:c6:c5:bf:24:0a:
81:0e:fa:b1:8b:0b:9e:a1:aa:4a:88:2b:7d:fb:8a:42:99:05:
e9:16:a8:aa:f8:de:1f:5b:c5:53:1e:40:1e:10:52:de:9e:a7:
73:0e:b0:0b:05:08:a3:d9:e1:a3:21:bb:a7:8f:ae:c1:ba:1c:
84:20:b1:cd:c4:54:98:e3:72:c3:6d:15:65:92:3f:21:c5:6f:
28:09:33:13:6a:76:de:85:f2:ab:79:8b:f8:8d:53:ca:95:db:
59:fd:6c:34:37:74:21:ab:cf:8e:1f:96:2c:f7:0b:40:d8:4c:
88:7c:8d:91:24:e4:c9:6c:23:09:96:71:93:3b:97:49:56:ee:
5f:5c:61:21:30:fd:29:fb:92:87:18:9a:84:7a:ad:74:6a:b2:
fb:e2:94:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPqxXDJjt+pBb6HIzg3EmjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjIxMDE4MTEwNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA5MDBlMjNiMTg1ZDBmZjUyZDk1NjMwNDczMGFlNThlYjI4MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbfxznV9994rTo7PtqCQ2Bl1nrOJ
y94cSJ78qBPn7cjxhQO0AFLmugwPGUsPWCRk8FMbvyxjh2jX9s6reagbYntHJ+KB
7Z6ZsKbr0S/UCKbqE2eqM9F1t4y8ceFLzicRDhxZ6lmbNKc+b+XeRi22jJI+eqhM
uaEq4HVjXnujiCi6grs7cTstkP9nxQCa1a9qvWoV21bye5p+Ci06Fc7gPwHTSCHl
hwBvTXJAJRvtzxf5sSykiQT7S1JTCVVMpybaEsPQIUUL8BZ9AE0lpPR3oNxv6hbg
sa86ZTUZn8c/9NiInhh28OqfnvMw4hxL/1P9q1bxYi95Y+WHrMxlKAgprwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDwJAOI7GF0P9S2VYwRzCuWOsoKpMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvUEFrQTRqc1lYUV8xTFpWakJITUs1WTZ5Z3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4VUAwQC
H4VcAwQCsGfkAwQCsGfsMA0GCSqGSIb3DQEBCwUAA4IBAQCY6hqVfZNGynQbdHfc
LUx/spchF3ImnNuYZhtSMKQDOeVXd0I7j5pZcxlZPrjpGrgk6Q+ALp6MjiPFE/uc
T0wLOfuqCjdA6lBj+Ez9LM3yzGaeoEm/rgdKqGVuk1Q+fzhSIUcrPHdDxsW/JAqB
DvqxiwueoapKiCt9+4pCmQXpFqiq+N4fW8VTHkAeEFLenqdzDrALBQij2eGjIbun
j67BuhyEILHNxFSY43LDbRVlkj8hxW8oCTMTanbehfKreYv4jVPKldtZ/Ww0N3Qh
q8+OH5Ys9wtA2EyIfI2RJOTJbCMJlnGTO5dJVu5fXGEhMP0p+5KHGJqEeq10arL7
4pTg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:45 2023 by rpki-client on console-ams.rpki-client.org