Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pdqomijB_66rdHUGXAslrgnhLBM.roa
File: pdqomijB_66rdHUGXAslrgnhLBM.roa (raw, json)
Hash identifier: 331LGgGY1SttoQnLWHzntp81jLKOYnQy0FQsiyOFyJY=
Subject key identifier: A5:DA:A8:9A:28:C1:FF:AE:AB:74:75:06:5C:0B:25:AE:09:E1:2C:13
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0D446737
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pdqomijB_66rdHUGXAslrgnhLBM.roa
Signing time: Sat 01 Jan 2022 01:00:38 +0000
ROA not before: Sat 01 Jan 2022 01:00:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196957
IP address blocks: 31.133.80.0/20 maxlen: 20
193.107.172.0/22 maxlen: 22
176.103.224.0/20 maxlen: 20
91.234.40.0/22 maxlen: 22
2001:67c:13b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222586679 (0xd446737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 01:00:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5daa89a28c1ffaeab7475065c0b25ae09e12c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:74:41:b1:cd:27:be:39:67:6b:fe:d7:e8:
92:fe:eb:46:a9:d4:07:1d:29:77:40:b1:0f:eb:68:
b9:23:c1:82:1b:70:b7:59:f7:01:f6:cd:ca:ec:92:
0d:4f:fe:08:99:61:20:ef:36:29:60:7e:d8:c0:63:
36:80:3b:86:ac:86:ee:c3:ee:6e:9d:c3:1a:18:7d:
2d:10:5d:58:0c:cb:a8:de:8c:c3:70:da:8a:d9:75:
7b:29:de:06:f9:7f:52:83:0c:fb:e2:b9:f6:42:dc:
5d:76:14:4a:11:46:a8:a4:03:93:a0:1a:eb:06:14:
79:47:13:e0:e6:d6:29:85:11:7e:c5:a8:ca:40:76:
a4:4b:06:2d:b5:b5:26:c8:e2:77:9b:37:cc:26:43:
54:24:6b:06:4c:ce:d2:3d:90:3d:c7:22:e3:37:55:
b0:89:6b:4b:e5:8c:04:9b:5c:df:d7:4a:10:24:d0:
7c:e3:4a:5b:ca:81:6e:42:88:5d:b3:51:34:54:c2:
30:e0:39:6a:43:1c:45:59:08:fa:15:3a:ed:d5:ae:
50:51:85:53:d9:1c:46:3a:ef:30:73:43:4b:a6:4c:
5b:cf:cb:42:fe:9c:6f:04:98:79:f7:b1:6f:75:a5:
61:59:94:1d:3f:1b:55:c1:07:0a:b2:34:82:3a:dd:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DA:A8:9A:28:C1:FF:AE:AB:74:75:06:5C:0B:25:AE:09:E1:2C:13
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pdqomijB_66rdHUGXAslrgnhLBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/20
91.234.40.0/22
176.103.224.0/20
193.107.172.0/22
IPv6:
2001:67c:13b8::/48
Signature Algorithm: sha256WithRSAEncryption
04:69:f6:be:05:b3:25:ed:e2:1e:36:14:49:7c:80:6a:a8:9f:
b8:b9:f9:4e:ea:78:04:05:b4:68:11:30:c1:2f:9e:3c:da:79:
91:5c:1d:f7:8f:7f:49:62:d5:bc:6e:8b:9f:f1:91:bd:99:86:
13:16:1b:a5:ca:8d:17:ae:08:52:17:d9:8c:61:01:da:7f:d0:
40:8f:e6:77:8e:19:0d:e4:1f:97:e7:51:a3:a8:83:5d:8d:e4:
9a:ed:cc:4f:51:6a:5d:12:23:78:a8:70:77:1c:5f:f5:85:28:
cf:4d:1a:15:d6:c6:2e:7c:66:61:fe:c8:80:00:30:6a:50:d0:
8a:c6:79:1f:47:37:8d:14:b4:81:14:7b:0e:2a:a9:86:ca:ed:
d5:9a:77:fe:ce:46:63:78:7f:5c:d0:88:11:a5:79:79:c6:5e:
c3:07:cf:c2:98:26:0d:c9:c5:2d:59:7e:04:ff:66:32:a9:1a:
94:62:3c:97:09:4b:7b:3d:81:f2:93:c5:fb:ba:f4:bd:29:75:
23:e3:f4:f3:8e:2b:7b:ae:3c:bd:40:42:79:dc:e0:47:2a:74:
68:c7:c7:28:c7:2a:8d:50:c4:00:f1:b5:a8:af:0b:7c:55:6e:
73:56:03:84:ac:b5:55:f2:a6:f7:2d:80:63:2b:d2:59:d7:61:
fe:ec:a3:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEDURnNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGI5ZWE0ZDlkODNhNzI4ZGQ0MTAyOWU4NmFmOGExMzBkMzg5ZWQ0MB4XDTIyMDEw
MTAxMDAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVkYWE4OWEyOGMx
ZmZhZWFiNzQ3NTA2NWMwYjI1YWUwOWUxMmMxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtCdEGxzSe+OWdr/tfokv7rRqnUBx0pd0CxD+touSPBghtw
t1n3AfbNyuySDU/+CJlhIO82KWB+2MBjNoA7hqyG7sPubp3DGhh9LRBdWAzLqN6M
w3Daitl1eyneBvl/UoMM++K59kLcXXYUShFGqKQDk6Aa6wYUeUcT4ObWKYURfsWo
ykB2pEsGLbW1Jsjid5s3zCZDVCRrBkzO0j2QPcci4zdVsIlrS+WMBJtc39dKECTQ
fONKW8qBbkKIXbNRNFTCMOA5akMcRVkI+hU67dWuUFGFU9kcRjrvMHNDS6ZMW8/L
Qv6cbwSYefexb3WlYVmUHT8bVcEHCrI0gjrdr8sCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSl2qiaKMH/rqt0dQZcCyWuCeEsEzAfBgNVHSMEGDAWgBT0uepNnYOnKN1B
Ap6Gr4oTDTie1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlMbnFUWjJEcHlqZFFRS2VocS1LRXcwNG50US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvMTRmMzA1LTAxM2ItNDUzZS1hYzUzLTA4MWNiMmIxN2FiNS8x
L3BkcW9taWpCXzY2cmRIVUdYQXNscmduaExCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
MTRmMzA1LTAxM2ItNDUzZS1hYzUzLTA4MWNiMmIxN2FiNS8xLzlMbnFUWjJEcHlq
ZFFRS2VocS1LRXcwNG50US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEBB+FUAMEAlvqKAMEBLBn4AMEAsFr
rDAPBAIAAjAJAwcAIAEGfBO4MA0GCSqGSIb3DQEBCwUAA4IBAQAEafa+BbMl7eIe
NhRJfIBqqJ+4uflO6ngEBbRoETDBL5482nmRXB33j39JYtW8bouf8ZG9mYYTFhul
yo0XrghSF9mMYQHaf9BAj+Z3jhkN5B+X51GjqINdjeSa7cxPUWpdEiN4qHB3HF/1
hSjPTRoV1sYufGZh/siAADBqUNCKxnkfRzeNFLSBFHsOKqmGyu3Vmnf+zkZjeH9c
0IgRpXl5xl7DB8/CmCYNycUtWX4E/2YyqRqUYjyXCUt7PYHyk8X7uvS9KXUj4/Tz
jit7rjy9QEJ53OBHKnRox8coxyqNUMQA8bWorwt8VW5zVgOErLVV8qb3LYBjK9JZ
12H+7KOe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:03 2023 by rpki-client on console-fra.rpki-client.org