Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/y6SOeDRL52DEEx9GzjbEiztUCO4.roa
File: y6SOeDRL52DEEx9GzjbEiztUCO4.roa (raw, json)
Hash identifier: GWXQU4Aln7kfPmr/aamjBOoyIb9YZ+DAy5ZQhwdnurI=
Subject key identifier: CB:A4:8E:78:34:4B:E7:60:C4:13:1F:46:CE:36:C4:8B:3B:54:08:EE
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 09E29E29
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/y6SOeDRL52DEEx9GzjbEiztUCO4.roa
Signing time: Tue 31 May 2022 10:28:47 +0000
ROA not before: Tue 31 May 2022 10:28:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201776
IP address blocks: 31.40.165.0/24 maxlen: 24
31.40.162.0/23 maxlen: 23
31.40.167.0/24 maxlen: 24
31.40.172.0/23 maxlen: 23
31.40.178.0/23 maxlen: 23
31.40.132.0/24 maxlen: 24
31.40.138.0/24 maxlen: 24
31.40.137.0/24 maxlen: 24
31.40.135.0/24 maxlen: 24
31.40.134.0/24 maxlen: 24
31.40.143.0/24 maxlen: 24
31.40.142.0/24 maxlen: 24
31.40.140.0/24 maxlen: 24
31.40.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165846569 (0x9e29e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: May 31 10:28:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cba48e78344be760c4131f46ce36c48b3b5408ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:11:ab:e4:97:1d:3e:ad:75:51:50:37:dd:fe:
2e:ec:80:b2:fc:f6:15:da:37:a6:98:3d:02:0c:8c:
f1:51:58:b1:db:f2:d2:ef:98:ab:59:90:2a:e7:5a:
14:83:73:4a:c7:e3:cf:f2:ec:d1:0b:59:3e:a2:cc:
57:29:c3:2b:b8:32:cc:bc:cb:3d:41:92:9f:bd:24:
ad:7d:8a:fa:8d:99:6c:1b:5f:41:46:04:1c:4b:35:
5f:97:c7:e0:39:84:83:12:54:21:b1:dd:ed:e0:71:
1a:9e:f8:cb:20:1d:34:88:05:8d:d9:5e:c2:34:7c:
82:c8:c7:25:78:14:6c:eb:9c:68:c5:3d:4e:d7:77:
5c:1a:dc:8b:03:5b:a9:71:63:1b:db:27:e3:f6:3d:
e7:5f:82:8c:ec:17:b9:59:a2:8c:03:6d:d8:0e:74:
66:af:85:93:3e:0f:9e:d1:8f:f9:10:d3:00:ed:e3:
3a:11:14:c1:58:4b:a8:7d:35:e8:4b:62:48:60:84:
fa:e5:40:25:85:5a:e6:9c:9b:47:71:f4:fc:0f:88:
4d:e9:c1:65:55:35:54:0c:16:88:b6:ca:51:b1:68:
6d:88:ae:8f:1c:99:7f:bf:fc:7c:3d:c1:60:9f:46:
ed:7b:0b:cf:38:3d:71:9f:b2:ea:05:3b:81:c0:c5:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A4:8E:78:34:4B:E7:60:C4:13:1F:46:CE:36:C4:8B:3B:54:08:EE
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/y6SOeDRL52DEEx9GzjbEiztUCO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.132.0/24
31.40.134.0/23
31.40.137.0-31.40.138.255
31.40.140.0/24
31.40.142.0/23
31.40.151.0/24
31.40.162.0/23
31.40.165.0/24
31.40.167.0/24
31.40.172.0/23
31.40.178.0/23
Signature Algorithm: sha256WithRSAEncryption
99:a0:83:5a:5a:3d:a3:18:94:38:ee:6a:12:6c:e9:59:0d:23:
20:81:d8:1d:f9:ca:2d:58:09:4a:85:b2:b9:62:5a:ce:ea:a8:
07:55:35:40:0b:e2:fa:a3:9a:3c:b7:c5:23:28:b3:2a:32:58:
f5:1a:a2:e4:a1:cf:10:4e:52:8a:a5:58:24:8e:f2:68:54:ef:
e1:a9:7c:b2:1f:0f:c1:57:b5:02:d8:97:16:6a:76:9b:31:75:
08:d3:f4:a1:07:2a:d3:61:69:f1:9a:0d:80:2b:9d:1c:cd:9e:
5c:e2:5d:3d:99:a0:c1:df:9e:f9:cb:7c:36:dd:d8:b3:5f:1c:
f6:a5:ba:36:70:95:ba:98:95:28:3c:7a:47:42:38:7b:f6:57:
1b:8d:1e:64:6d:d0:2f:68:75:ca:96:c4:45:e4:83:62:51:46:
63:91:e7:e3:35:a7:16:15:c4:ef:6e:4e:8a:4b:d9:51:83:c2:
b4:02:c3:b0:6a:ab:0c:3a:5a:09:ae:78:ac:69:df:78:fb:a9:
f5:b5:2b:54:f7:72:4e:5d:d0:cc:93:8a:27:bf:7d:27:c3:4d:
d7:b4:23:57:17:3d:c8:93:97:84:e8:ca:51:58:7a:75:89:d7:
39:c4:19:2f:0b:0f:e1:14:1c:bd:db:cf:a9:4e:3e:f7:0f:90:
3c:a3:e4:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIECeKeKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDUz
MTEwMjg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JhNDhlNzgzNDRi
ZTc2MGM0MTMxZjQ2Y2UzNmM0OGIzYjU0MDhlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIRq+SXHT6tdVFQN93+LuyAsvz2Fdo3ppg9AgyM8VFYsdvy
0u+Yq1mQKudaFINzSsfjz/Ls0QtZPqLMVynDK7gyzLzLPUGSn70krX2K+o2ZbBtf
QUYEHEs1X5fH4DmEgxJUIbHd7eBxGp74yyAdNIgFjdlewjR8gsjHJXgUbOucaMU9
Ttd3XBrciwNbqXFjG9sn4/Y951+CjOwXuVmijANt2A50Zq+Fkz4PntGP+RDTAO3j
OhEUwVhLqH016EtiSGCE+uVAJYVa5pybR3H0/A+ITenBZVU1VAwWiLbKUbFobYiu
jxyZf7/8fD3BYJ9G7XsLzzg9cZ+y6gU7gcDF9x8CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTLpI54NEvnYMQTH0bONsSLO1QI7jAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
L3k2U09lRFJMNTJERUV4OUd6amJFaXp0VUNPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAB8ohAMEAR8ohjAMAwQAHyiJAwQA
HyiKAwQAHyiMAwQBHyiOAwQAHyiXAwQBHyiiAwQAHyilAwQAHyinAwQBHyisAwQB
HyiyMA0GCSqGSIb3DQEBCwUAA4IBAQCZoINaWj2jGJQ47moSbOlZDSMggdgd+cot
WAlKhbK5YlrO6qgHVTVAC+L6o5o8t8UjKLMqMlj1GqLkoc8QTlKKpVgkjvJoVO/h
qXyyHw/BV7UC2JcWanabMXUI0/ShByrTYWnxmg2AK50czZ5c4l09maDB3575y3w2
3dizXxz2pbo2cJW6mJUoPHpHQjh79lcbjR5kbdAvaHXKlsRF5INiUUZjkefjNacW
FcTvbk6KS9lRg8K0AsOwaqsMOloJrnisad94+6n1tStU93JOXdDMk4onv30nw03X
tCNXFz3Ik5eE6MpRWHp1idc5xBkvCw/hFBy928+pTj73D5A8o+Qi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:45 2025 by rpki-client