Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/AopY_AB_IgzNqxMTUOxgFxuhit0.roa
File: AopY_AB_IgzNqxMTUOxgFxuhit0.roa (raw, json)
Hash identifier: KTebGImVE9ag/Waw4KFyi+xlztBVUAULrwmajG/HD5c=
Subject key identifier: 02:8A:58:FC:00:7F:22:0C:CD:AB:13:13:50:EC:60:17:1B:A1:8A:DD
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 025CA7B9
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/AopY_AB_IgzNqxMTUOxgFxuhit0.roa
Signing time: Fri 25 Mar 2022 07:03:55 +0000
ROA not before: Fri 25 Mar 2022 07:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 31.223.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39626681 (0x25ca7b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Mar 25 07:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=028a58fc007f220ccdab131350ec60171ba18add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:17:ae:56:88:ad:9a:77:9a:8f:71:45:bc:0a:
5b:12:52:02:9a:42:30:b9:46:36:fd:3a:e0:d0:a9:
bd:53:e5:32:2f:60:b9:4c:f8:ee:c1:1f:1f:cc:ab:
bf:2e:16:ec:eb:c1:39:b3:27:28:ef:fe:c5:b3:cd:
af:60:9c:c5:20:fd:41:4a:06:ff:e0:dc:f8:27:91:
c6:d9:1e:d7:3c:70:24:2a:3f:41:15:a7:df:22:27:
7b:3d:39:3c:6c:c1:8f:c0:78:91:65:e9:61:c6:1c:
d8:1e:77:08:1e:ce:35:77:3e:8c:01:b0:9c:09:18:
a3:d5:2a:ca:95:d5:2b:f7:22:94:e1:69:ed:67:bb:
27:d1:9f:87:15:f8:43:51:95:55:a2:65:65:7a:ee:
2a:cd:47:59:8d:d9:20:8a:4a:99:72:e4:76:77:f4:
1c:86:81:31:36:4f:75:25:17:14:c9:25:e1:c3:b5:
21:6d:0b:2f:65:2a:a5:ed:e7:93:50:13:b5:a2:07:
ba:4a:39:66:d0:a0:01:f4:54:70:a5:7e:84:1a:f3:
0b:3f:3e:cf:cd:6a:60:80:33:c0:f5:1d:87:a6:e9:
cc:83:67:a5:0f:64:58:83:7f:f9:20:31:b6:f4:1b:
6d:37:df:7e:44:3a:f7:c9:5f:75:97:8b:21:74:95:
30:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8A:58:FC:00:7F:22:0C:CD:AB:13:13:50:EC:60:17:1B:A1:8A:DD
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/AopY_AB_IgzNqxMTUOxgFxuhit0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.200.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:06:96:06:bf:29:85:08:e0:81:5f:46:2e:35:17:01:42:d4:
95:bb:59:6b:2b:fd:e4:e6:f2:f3:8a:48:f1:bf:f0:e6:b8:d4:
9c:95:66:8d:b1:b8:41:88:75:5a:01:c3:03:1c:29:a6:fe:10:
d6:93:8a:50:c5:ac:2c:7f:5b:22:96:04:18:c5:06:b8:f6:c3:
74:c3:73:90:60:48:db:5c:75:f4:63:fa:a4:fb:7a:46:9b:e2:
cb:7b:23:e8:49:8f:02:19:c7:b2:97:3b:c3:ad:5a:b8:3a:a3:
77:af:c9:66:52:a4:dc:71:1f:29:59:ec:38:e8:86:48:90:8f:
da:f7:97:c7:12:da:32:d1:e7:9d:c0:fc:7f:b8:fd:c6:9a:66:
5c:9c:9d:11:3e:9a:b5:39:db:74:ef:b5:18:25:91:d6:04:af:
74:8c:b2:39:33:09:6b:b0:f6:2e:d4:15:6b:52:76:37:ea:a1:
d4:2d:5a:3b:e1:1f:54:a7:7f:fa:29:60:66:90:85:0e:c9:2c:
d8:df:b0:d2:c9:22:14:4d:70:ba:db:8b:44:ca:fd:2a:31:ab:
ec:59:f4:15:a0:be:2f:c1:b0:01:69:fa:84:19:2c:5a:1e:97:
aa:e4:ce:27:5d:d6:72:fb:d3:f3:dc:29:f8:6f:c4:83:24:52:
ed:7b:1f:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAlynuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzI1Mzc2MDFhMzE2OTc0MDQ5MjJkOTU3ZTc0NDUwZjVhOWNiZTczMB4XDTIyMDMy
NTA3MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI4YTU4ZmMwMDdm
MjIwY2NkYWIxMzEzNTBlYzYwMTcxYmExOGFkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8XrlaIrZp3mo9xRbwKWxJSAppCMLlGNv064NCpvVPlMi9g
uUz47sEfH8yrvy4W7OvBObMnKO/+xbPNr2CcxSD9QUoG/+Dc+CeRxtke1zxwJCo/
QRWn3yInez05PGzBj8B4kWXpYcYc2B53CB7ONXc+jAGwnAkYo9UqypXVK/cilOFp
7We7J9GfhxX4Q1GVVaJlZXruKs1HWY3ZIIpKmXLkdnf0HIaBMTZPdSUXFMkl4cO1
IW0LL2Uqpe3nk1ATtaIHuko5ZtCgAfRUcKV+hBrzCz8+z81qYIAzwPUdh6bpzINn
pQ9kWIN/+SAxtvQbbTfffkQ698lfdZeLIXSVMD8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCilj8AH8iDM2rExNQ7GAXG6GK3TAfBgNVHSMEGDAWgBQXJTdgGjFpdASS
LZV+dEUPWpy+czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z5VTNZQm94YVhRRWtpMlZmblJGRDFxY3ZuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8x
L0FvcFlfQUJfSWd6TnF4TVRVT3hnRnh1aGl0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8xL0Z5VTNZQm94YVhR
RWtpMlZmblJGRDFxY3ZuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/fyDANBgkqhkiG9w0BAQsFAAOC
AQEAPwaWBr8phQjggV9GLjUXAULUlbtZayv95Oby84pI8b/w5rjUnJVmjbG4QYh1
WgHDAxwppv4Q1pOKUMWsLH9bIpYEGMUGuPbDdMNzkGBI21x19GP6pPt6Rpviy3sj
6EmPAhnHspc7w61auDqjd6/JZlKk3HEfKVnsOOiGSJCP2veXxxLaMtHnncD8f7j9
xppmXJydET6atTnbdO+1GCWR1gSvdIyyOTMJa7D2LtQVa1J2N+qh1C1aO+EfVKd/
+ilgZpCFDsks2N+w0skiFE1wutuLRMr9KjGr7Fn0FaC+L8GwAWn6hBksWh6XquTO
J13WcvvT89wp+G/EgyRS7Xsfzg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:06 2023 by rpki-client on console-fra.rpki-client.org