Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/rMXbkUrcO-gDkSN9IyvjQnZdKyE.roa
File: rMXbkUrcO-gDkSN9IyvjQnZdKyE.roa (raw, json)
Hash identifier: 4Qh5TTqNHUncui1hq52/gtIaY4UoPK0pS3NSIvPoY1s=
Subject key identifier: AC:C5:DB:91:4A:DC:3B:E8:03:91:23:7D:23:2B:E3:42:76:5D:2B:21
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0883EFE4
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/rMXbkUrcO-gDkSN9IyvjQnZdKyE.roa
Signing time: Sat 01 Jan 2022 14:59:58 +0000
ROA not before: Sat 01 Jan 2022 14:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48882
IP address blocks: 31.40.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142864356 (0x883efe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 14:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acc5db914adc3be80391237d232be342765d2b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:82:4e:50:08:39:80:3b:5d:b0:cf:e0:ed:
a9:ad:8f:34:d4:f9:9d:b4:4b:e6:6a:c4:89:c2:93:
db:64:14:ac:60:7b:e9:2a:c4:19:49:68:9e:61:32:
50:b4:37:08:14:53:fa:85:9c:1b:89:08:37:35:fc:
94:fe:87:07:6a:e1:b2:75:a6:42:22:04:29:da:cf:
94:58:c2:54:56:f4:93:2f:18:9f:b7:9a:a7:dc:a1:
20:07:6b:84:65:a5:40:05:16:c8:e4:53:bf:77:a7:
c8:de:32:8c:da:6d:7a:bc:df:fa:b4:f8:fe:59:f0:
5e:e6:13:c5:28:2d:0f:f7:e7:b9:8f:7e:55:f3:f6:
00:ae:a1:69:39:16:d5:0d:84:50:7c:9f:f6:06:51:
dc:66:73:13:53:75:72:16:54:a4:b8:9a:d5:d7:9e:
70:ed:7b:db:84:2f:6c:a5:f7:3d:cd:9f:44:b8:23:
4d:b3:2b:24:1f:6d:28:7e:74:e3:8b:e0:61:17:c3:
6b:75:0a:56:73:70:63:f5:a1:90:71:69:c2:64:fc:
1f:88:7e:e3:f1:03:25:03:c5:29:85:0e:a3:9b:17:
d7:fd:e0:f0:0b:fa:a3:d5:2f:09:54:6b:ca:d5:95:
7a:ca:72:fe:73:7a:c5:11:ae:eb:24:db:20:90:78:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:DB:91:4A:DC:3B:E8:03:91:23:7D:23:2B:E3:42:76:5D:2B:21
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/rMXbkUrcO-gDkSN9IyvjQnZdKyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.156.0/24
Signature Algorithm: sha256WithRSAEncryption
77:02:45:e4:af:f7:ef:6a:f5:e3:53:10:f7:2d:70:a2:da:3f:
0d:0a:65:7b:8f:78:97:fc:8a:cd:49:4f:62:80:fa:87:52:e3:
38:76:ac:68:18:b8:a7:9c:9c:61:3f:61:2f:98:3b:99:a6:29:
01:2e:3d:b9:b0:3e:d1:cc:72:f3:0a:08:e9:ff:61:20:fc:a5:
a3:09:ae:d4:6d:df:58:32:b5:27:5b:32:1c:6c:1b:35:72:47:
92:b6:36:2d:28:ba:cf:82:08:0c:53:b8:24:bd:05:42:85:a5:
dd:98:58:78:07:94:77:6e:eb:05:17:9c:2f:f4:7e:0f:ae:c5:
7d:f2:dc:cd:0c:83:2a:94:fb:af:10:6a:11:8b:f2:8b:e8:e6:
f4:e2:d5:46:05:ed:86:23:ce:2d:0f:ec:a8:0d:36:4d:ca:ed:
5f:76:bd:fb:e9:74:ff:8e:37:67:0f:53:c2:ca:90:9c:a6:39:
e3:c9:17:f4:5c:64:90:3e:75:76:ce:35:7e:d9:9b:d1:fe:5b:
64:d8:4d:1d:2b:b8:4d:7e:be:36:54:9e:f0:b8:fb:3e:05:17:
55:12:65:5a:1c:10:ef:f7:0c:2e:4f:c0:c6:55:f2:1c:aa:0d:
f5:ac:38:7d:75:bc:f1:b1:6a:aa:42:1c:bd:b5:91:14:7a:30:
ac:04:86:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIPv5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDEw
MTE0NTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNjNWRiOTE0YWRj
M2JlODAzOTEyMzdkMjMyYmUzNDI3NjVkMmIyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBegk5QCDmAO12wz+Dtqa2PNNT5nbRL5mrEicKT22QUrGB7
6SrEGUlonmEyULQ3CBRT+oWcG4kINzX8lP6HB2rhsnWmQiIEKdrPlFjCVFb0ky8Y
n7eap9yhIAdrhGWlQAUWyORTv3enyN4yjNpterzf+rT4/lnwXuYTxSgtD/fnuY9+
VfP2AK6haTkW1Q2EUHyf9gZR3GZzE1N1chZUpLia1deecO1724QvbKX3Pc2fRLgj
TbMrJB9tKH5044vgYRfDa3UKVnNwY/WhkHFpwmT8H4h+4/EDJQPFKYUOo5sX1/3g
8Av6o9UvCVRrytWVespy/nN6xRGu6yTbIJB40fcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsxduRStw76AORI30jK+NCdl0rITAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
L3JNWGJrVXJjTy1nRGtTTjlJeXZqUW5aZEt5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8onDANBgkqhkiG9w0BAQsFAAOC
AQEAdwJF5K/372r141MQ9y1woto/DQple494l/yKzUlPYoD6h1LjOHasaBi4p5yc
YT9hL5g7maYpAS49ubA+0cxy8woI6f9hIPylowmu1G3fWDK1J1syHGwbNXJHkrY2
LSi6z4IIDFO4JL0FQoWl3ZhYeAeUd27rBRecL/R+D67FffLczQyDKpT7rxBqEYvy
i+jm9OLVRgXthiPOLQ/sqA02TcrtX3a9++l0/443Zw9TwsqQnKY548kX9FxkkD51
ds41ftmb0f5bZNhNHSu4TX6+NlSe8Lj7PgUXVRJlWhwQ7/cMLk/AxlXyHKoN9aw4
fXW88bFqqkIcvbWRFHowrASGPg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:04 2023 by rpki-client on console-fra.rpki-client.org