Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/yjvx2z2uhT4j7NfEnAM4b4CnY40.roa
File: yjvx2z2uhT4j7NfEnAM4b4CnY40.roa (raw, json)
Hash identifier: kRG7sLKp1X4EMTZrC2iJrx4lJVMwKdd6CRHJG9+MeKs=
Subject key identifier: CA:3B:F1:DB:3D:AE:85:3E:23:EC:D7:C4:9C:03:38:6F:80:A7:63:8D
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0887F90C
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/yjvx2z2uhT4j7NfEnAM4b4CnY40.roa
Signing time: Sat 01 Jan 2022 14:59:59 +0000
ROA not before: Sat 01 Jan 2022 14:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201776
IP address blocks: 31.40.162.0/23 maxlen: 23
31.40.172.0/23 maxlen: 23
31.40.178.0/23 maxlen: 23
31.40.132.0/24 maxlen: 24
31.40.138.0/24 maxlen: 24
31.40.137.0/24 maxlen: 24
31.40.135.0/24 maxlen: 24
31.40.134.0/24 maxlen: 24
31.40.143.0/24 maxlen: 24
31.40.142.0/24 maxlen: 24
31.40.140.0/24 maxlen: 24
31.40.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143128844 (0x887f90c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 14:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca3bf1db3dae853e23ecd7c49c03386f80a7638d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:3c:02:bf:7e:e0:51:d0:45:d0:8d:bf:6e:
76:19:b8:5d:ab:23:d7:09:57:00:4e:58:b9:2f:8d:
6b:8f:fe:8f:29:f5:01:1e:bd:5f:c1:7d:9a:52:e5:
00:83:e6:01:32:71:d4:ca:ba:76:3c:4b:50:59:91:
95:97:0a:30:6f:c8:d7:17:ce:d6:42:94:bc:af:b6:
db:4b:7b:65:6d:29:e7:6c:96:0e:b6:63:a1:a2:c2:
22:7a:4c:2c:97:4a:2c:fe:12:a0:a8:c0:04:9f:6f:
c0:e4:63:e0:aa:0c:02:18:b1:6e:52:25:9e:38:84:
90:7e:58:0e:b9:70:fa:56:3c:24:7c:2d:53:2b:de:
b9:13:43:d2:2f:79:16:88:d2:60:b5:26:2a:5a:bd:
33:55:fc:ab:7b:1b:99:d1:7d:e7:12:b4:77:7e:af:
d4:37:93:83:e8:f4:2d:25:b4:c1:73:59:09:ad:bc:
a1:dd:30:6e:48:03:83:3e:64:e7:fc:37:11:91:4f:
a9:b5:01:59:4b:ea:2e:ed:ae:65:c8:8f:99:de:75:
c4:f3:72:cd:f7:32:12:3d:1b:1d:7e:cb:b0:6f:2b:
88:0c:cd:32:bf:8b:d0:9c:a6:cd:7b:aa:4f:c2:3c:
ff:94:41:7c:1c:1a:84:64:f5:46:b2:ec:ff:5e:c3:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3B:F1:DB:3D:AE:85:3E:23:EC:D7:C4:9C:03:38:6F:80:A7:63:8D
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/yjvx2z2uhT4j7NfEnAM4b4CnY40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.132.0/24
31.40.134.0/23
31.40.137.0-31.40.138.255
31.40.140.0/24
31.40.142.0/23
31.40.151.0/24
31.40.162.0/23
31.40.172.0/23
31.40.178.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:fd:95:0b:ec:3f:98:ca:18:8e:55:83:b9:61:95:1a:16:68:
31:e7:ab:38:c0:bd:3a:8b:32:e7:60:17:ed:0f:26:35:0b:92:
10:c4:69:9d:f5:34:9a:42:02:fd:40:29:b9:92:c6:ac:a0:73:
36:e8:de:84:26:41:ea:4b:f5:cd:ff:29:10:cc:3a:8a:f3:ad:
d1:a3:8e:e0:8f:3c:c6:fe:fd:4c:71:0c:7a:ba:89:da:b9:4f:
1a:b8:60:f5:fd:4e:5f:d1:82:dd:57:d0:b7:a8:87:15:d3:b0:
3a:1d:ea:3b:78:9e:d1:f9:84:c2:17:6b:e5:bb:07:3a:f7:ea:
c2:d2:64:9f:8f:2b:c5:97:6b:85:42:c4:c5:b3:7b:ca:99:0d:
b8:5f:dc:76:21:3a:17:43:8a:db:1b:f0:c6:99:53:7f:dc:2b:
da:af:73:67:4f:8a:b0:93:ba:66:37:0d:6e:e7:42:95:e8:f0:
69:b2:ba:c6:f7:fb:27:06:63:b5:4f:a8:e2:9d:af:99:02:6f:
90:56:c2:0c:7c:66:fc:a1:0b:22:a0:95:22:42:58:6f:28:c2:
97:7b:e4:9f:64:f1:df:64:ab:c2:da:62:e8:0e:69:38:1b:ee:
a2:50:38:da:60:75:5d:1e:e5:a5:e8:a0:0c:06:79:e5:8f:ff:
e2:bb:35:d7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIECIf5DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWFmNWMyZTVlZGMxOTc4MzRkMDdmMzQ1OTYyYjA3NDViZWU2NmQ3MB4XDTIyMDEw
MTE0NTk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EzYmYxZGIzZGFl
ODUzZTIzZWNkN2M0OWMwMzM4NmY4MGE3NjM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWPPAK/fuBR0EXQjb9udhm4Xasj1wlXAE5YuS+Na4/+jyn1
AR69X8F9mlLlAIPmATJx1Mq6djxLUFmRlZcKMG/I1xfO1kKUvK+220t7ZW0p52yW
DrZjoaLCInpMLJdKLP4SoKjABJ9vwORj4KoMAhixblIlnjiEkH5YDrlw+lY8JHwt
UyveuRND0i95FojSYLUmKlq9M1X8q3sbmdF95xK0d36v1DeTg+j0LSW0wXNZCa28
od0wbkgDgz5k5/w3EZFPqbUBWUvqLu2uZciPmd51xPNyzfcyEj0bHX7LsG8riAzN
Mr+L0JymzXuqT8I8/5RBfBwahGT1RrLs/17DAtMCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBTKO/HbPa6FPiPs18ScAzhvgKdjjTAfBgNVHSMEGDAWgBQer1wuXtwZeDTQ
fzRZYrB0W+5m1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxOWNMbDdjR1hnMDBIODBXV0t3ZEZ2dVp0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8x
L3lqdngyejJ1aFQ0ajdOZkVuQU00YjRDblk0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWNmYjkyLTljMzEtNDY0Zi05MzgyLTRhMzRjMWJiYWIyYi8xL0hxOWNMbDdjR1hn
MDBIODBXV0t3ZEZ2dVp0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAB8ohAMEAR8ohjAMAwQAHyiJAwQA
HyiKAwQAHyiMAwQBHyiOAwQAHyiXAwQBHyiiAwQBHyisAwQBHyiyMA0GCSqGSIb3
DQEBCwUAA4IBAQAK/ZUL7D+YyhiOVYO5YZUaFmgx56s4wL06izLnYBftDyY1C5IQ
xGmd9TSaQgL9QCm5ksasoHM26N6EJkHqS/XN/ykQzDqK863Ro47gjzzG/v1McQx6
uonauU8auGD1/U5f0YLdV9C3qIcV07A6Heo7eJ7R+YTCF2vluwc69+rC0mSfjyvF
l2uFQsTFs3vKmQ24X9x2IToXQ4rbG/DGmVN/3Cvar3NnT4qwk7pmNw1u50KV6PBp
srrG9/snBmO1T6jina+ZAm+QVsIMfGb8oQsioJUiQlhvKMKXe+SfZPHfZKvC2mLo
Dmk4G+6iUDjaYHVdHuWl6KAMBnnlj//iuzXX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:04 2023 by rpki-client on console-fra.rpki-client.org