Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/lZSFw9uzRDIsWd67lRY3eWHDkaU.roa
File: lZSFw9uzRDIsWd67lRY3eWHDkaU.roa (raw, json)
Hash identifier: q70EwdgxxewmB66s/jlOUgE6rzOy2iimKJO3tHVFeQg=
Subject key identifier: 95:94:85:C3:DB:B3:44:32:2C:59:DE:BB:95:16:37:79:61:C3:91:A5
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0181F233CD5BA14E654B3882C8F9B8CBAC2F
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/lZSFw9uzRDIsWd67lRY3eWHDkaU.roa
Signing time: Tue 12 Jul 2022 11:38:09 +0000
ROA not before: Tue 12 Jul 2022 11:38:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 31.133.82.0/24 maxlen: 24
31.133.83.0/24 maxlen: 24
31.133.80.0/24 maxlen: 24
31.133.81.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
31.133.90.0/24 maxlen: 24
31.133.91.0/24 maxlen: 24
31.133.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:33:cd:5b:a1:4e:65:4b:38:82:c8:f9:b8:cb:ac:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jul 12 11:38:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=959485c3dbb344322c59debb9516377961c391a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:51:d7:7b:07:49:ec:b2:b5:b7:70:34:c6:b7:
d6:72:a8:3c:82:a1:f0:dc:87:84:7a:fa:96:cc:05:
68:4d:fa:26:f0:a4:56:d1:74:6f:4c:45:10:99:59:
1a:c1:ee:fc:0b:ef:00:b4:c6:52:de:c6:41:f9:60:
b4:55:fc:59:55:a8:f6:98:ed:9a:c1:9f:10:27:f6:
56:9c:a6:be:98:44:97:4b:cd:b7:74:ce:98:74:b5:
0a:19:53:81:66:ba:4b:07:84:58:6f:fc:a9:e3:57:
86:ee:21:bc:67:23:87:0a:9f:58:dd:85:df:53:33:
98:ec:2c:9b:91:f9:ec:69:d4:33:2e:87:40:df:de:
01:46:ff:34:db:49:80:df:eb:30:04:0a:09:17:8f:
70:de:ae:fe:b3:cf:17:3f:51:ef:3e:c9:65:61:82:
6e:be:5c:78:3c:68:72:2e:5f:e5:20:98:d0:1f:eb:
22:5e:e1:b4:42:04:a9:f8:40:82:5b:9c:fb:c7:3b:
a3:38:52:7e:45:35:8c:db:c1:ef:6e:7b:66:88:97:
46:81:3f:bc:57:c6:71:39:a4:df:0b:a1:22:25:e5:
e8:55:fb:67:fc:19:4d:60:75:d7:54:65:a7:94:27:
43:71:fe:f5:b2:bf:9a:e2:31:64:57:d2:65:22:02:
cb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:94:85:C3:DB:B3:44:32:2C:59:DE:BB:95:16:37:79:61:C3:91:A5
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/lZSFw9uzRDIsWd67lRY3eWHDkaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
31.133.88.0/22
Signature Algorithm: sha256WithRSAEncryption
64:9a:36:70:4a:66:75:fc:7e:09:27:8a:0c:0e:37:1a:1c:84:
36:6e:c4:68:52:6e:c5:ad:6f:d3:27:a5:53:3a:63:30:e4:53:
5c:41:7b:ca:6f:80:ec:8c:87:c4:58:87:94:53:44:e4:36:25:
55:81:86:f5:fc:07:f1:32:6d:2f:79:9a:c3:94:4a:91:4c:4b:
5d:5f:8e:c5:72:77:e9:9b:9a:67:8f:b2:df:b5:7d:8c:f2:8c:
9b:f1:fe:17:0f:e1:e6:19:e9:ac:5b:5c:10:c0:d5:70:65:fd:
63:8a:db:65:4d:ec:dc:54:0e:10:8c:33:48:66:95:d0:30:d7:
40:3f:4f:45:5a:4c:22:2b:d4:b8:e6:35:a4:df:59:fb:c2:b1:
a6:de:b3:87:ba:b0:34:a4:af:61:e5:84:0f:00:b8:ce:2c:4e:
20:7e:51:9d:af:e9:52:be:23:5b:98:bf:6d:b6:50:30:16:d5:
56:bf:bb:27:52:be:3b:1c:98:10:ff:ba:2d:09:19:57:1e:10:
1a:e2:fb:1d:30:44:b2:9a:de:09:e4:d4:6d:29:46:a4:85:f4:
db:18:1b:18:3c:57:5d:c6:d4:e8:1e:d5:e7:fb:c7:ea:d8:4e:
c1:07:35:29:c4:86:42:c0:1a:79:79:ed:1e:6b:59:c4:10:6d:
61:c3:62:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHyM81boU5lSziCyPm4y6wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjIwNzEyMTEzODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk0ODVjM2RiYjM0NDMyMmM1OWRlYmI5NTE2Mzc3OTYxYzM5MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlHXewdJ7LK1t3A0xrfWcqg8gqHw
3IeEevqWzAVoTfom8KRW0XRvTEUQmVkawe78C+8AtMZS3sZB+WC0VfxZVaj2mO2a
wZ8QJ/ZWnKa+mESXS823dM6YdLUKGVOBZrpLB4RYb/yp41eG7iG8ZyOHCp9Y3YXf
UzOY7CybkfnsadQzLodA394BRv8020mA3+swBAoJF49w3q7+s88XP1HvPsllYYJu
vlx4PGhyLl/lIJjQH+siXuG0QgSp+ECCW5z7xzujOFJ+RTWM28HvbntmiJdGgT+8
V8ZxOaTfC6EiJeXoVftn/BlNYHXXVGWnlCdDcf71sr+a4jFkV9JlIgLLuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWUhcPbs0QyLFneu5UWN3lhw5GlMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvbFpTRnc5dXpSRElzV2Q2N2xSWTNlV0hEa2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4VQAwQC
H4VYMA0GCSqGSIb3DQEBCwUAA4IBAQBkmjZwSmZ1/H4JJ4oMDjcaHIQ2bsRoUm7F
rW/TJ6VTOmMw5FNcQXvKb4DsjIfEWIeUU0TkNiVVgYb1/AfxMm0veZrDlEqRTEtd
X47Fcnfpm5pnj7LftX2M8oyb8f4XD+HmGemsW1wQwNVwZf1jittlTezcVA4QjDNI
ZpXQMNdAP09FWkwiK9S45jWk31n7wrGm3rOHurA0pK9h5YQPALjOLE4gflGdr+lS
viNbmL9ttlAwFtVWv7snUr47HJgQ/7otCRlXHhAa4vsdMESymt4J5NRtKUakhfTb
GBsYPFddxtToHtXn+8fq2E7BBzUpxIZCwBp5ee0ea1nEEG1hw2Kb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:45 2023 by rpki-client on console-ams.rpki-client.org