Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FnqvxA6vvGfsrWTGmAB7YP8DWkg.roa
File: FnqvxA6vvGfsrWTGmAB7YP8DWkg.roa (raw, json)
Hash identifier: iCflb6plTp5ke8zQIrtCy0JV3BNEN1gCtD/x5gY3p+I=
Subject key identifier: 16:7A:AF:C4:0E:AF:BC:67:EC:AD:64:C6:98:00:7B:60:FF:03:5A:48
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 02E321F6
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FnqvxA6vvGfsrWTGmAB7YP8DWkg.roa
Signing time: Wed 18 May 2022 04:11:29 +0000
ROA not before: Wed 18 May 2022 04:11:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61185
IP address blocks: 31.223.200.0/21 maxlen: 24
31.223.192.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48439798 (0x2e321f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: May 18 04:11:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=167aafc40eafbc67ecad64c698007b60ff035a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:4f:5a:c7:e3:6d:b9:8c:c1:0f:24:b5:01:
c6:cf:94:f7:f2:d3:7d:7f:ec:23:02:7c:53:3e:23:
85:2e:dc:91:bb:1c:e8:0f:f6:0a:11:f5:af:95:e8:
bf:a5:98:5c:6d:ad:0a:7f:3b:ce:5f:ed:a5:57:40:
b5:7f:72:ae:6d:b5:6f:f4:c8:25:33:87:a1:97:2a:
26:e7:bc:f5:5e:11:08:b1:e2:c7:f8:8c:c5:33:6f:
cc:6c:c7:dc:39:f2:9a:d4:11:5f:ff:c4:fc:b5:cc:
6c:0e:de:32:44:ad:3d:03:2a:1a:7f:e7:4a:68:c5:
a1:f7:7b:cb:e6:a8:87:ff:d1:a5:b3:ee:40:5d:08:
a5:f4:c0:e1:fb:82:d6:69:ac:51:7e:ba:a3:fc:2b:
3d:19:ca:0a:42:4d:fa:2e:58:81:bb:91:3c:24:be:
13:a8:9c:78:8a:a6:5f:5c:e0:e4:b0:2c:4b:47:72:
31:ca:e6:1f:55:46:f7:d6:c8:b6:2e:17:24:da:e0:
27:c1:bb:83:66:7a:37:20:09:5c:98:fb:f9:b2:bf:
92:54:2a:c2:7c:06:3e:f6:a7:1a:40:10:73:29:39:
09:31:4f:5f:ce:df:a2:ae:7b:5e:75:dc:e8:52:1f:
c7:6b:b8:e4:5e:a5:1d:d0:d1:45:de:c3:5b:4e:21:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7A:AF:C4:0E:AF:BC:67:EC:AD:64:C6:98:00:7B:60:FF:03:5A:48
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FnqvxA6vvGfsrWTGmAB7YP8DWkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.192.0/20
Signature Algorithm: sha256WithRSAEncryption
81:9a:55:16:f1:27:f9:a8:a5:74:73:77:66:1e:db:ec:fd:2a:
c0:8b:92:bf:b1:80:a2:76:51:62:68:d6:03:40:d3:f6:d1:05:
0e:57:08:c6:d9:be:48:d6:f7:f1:1d:80:99:16:39:61:f2:fb:
2b:d8:bb:4d:0e:d3:05:7b:af:c6:c5:e5:ee:60:e3:33:8f:03:
5f:71:ee:55:e8:d5:30:62:14:69:16:32:15:fa:dd:f7:af:d4:
29:96:f0:bc:c0:57:8c:d5:50:cf:4f:18:11:6c:89:7b:76:dc:
e3:5b:69:05:61:5d:70:53:30:7b:7b:09:40:d2:98:78:7a:7b:
ad:95:ea:93:32:3e:f8:a2:ca:47:ee:13:c6:61:95:6a:49:96:
c0:97:52:ea:b7:ca:9a:bf:45:71:cb:fc:68:db:10:89:71:13:
e3:c2:7e:2f:13:c4:7d:45:09:fa:b9:df:3a:6c:a2:ad:46:38:
b2:9b:0f:b1:0b:24:ef:59:aa:46:e8:73:e5:2a:b7:18:fc:6f:
74:d9:d1:a3:57:73:55:7a:79:43:9d:46:23:8f:1e:2f:75:e3:
c0:3c:2d:c1:9a:f8:dc:da:56:c4:64:37:39:ff:04:56:86:4e:
96:3c:07:11:e0:ab:b4:94:37:71:ee:87:16:74:ea:16:9f:49:
88:ef:7b:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuMh9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzI1Mzc2MDFhMzE2OTc0MDQ5MjJkOTU3ZTc0NDUwZjVhOWNiZTczMB4XDTIyMDUx
ODA0MTEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY3YWFmYzQwZWFm
YmM2N2VjYWQ2NGM2OTgwMDdiNjBmZjAzNWE0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFIT1rH4225jMEPJLUBxs+U9/LTfX/sIwJ8Uz4jhS7ckbsc
6A/2ChH1r5Xov6WYXG2tCn87zl/tpVdAtX9yrm21b/TIJTOHoZcqJue89V4RCLHi
x/iMxTNvzGzH3DnymtQRX//E/LXMbA7eMkStPQMqGn/nSmjFofd7y+aoh//RpbPu
QF0IpfTA4fuC1mmsUX66o/wrPRnKCkJN+i5YgbuRPCS+E6iceIqmX1zg5LAsS0dy
McrmH1VG99bIti4XJNrgJ8G7g2Z6NyAJXJj7+bK/klQqwnwGPvanGkAQcyk5CTFP
X87foq57XnXc6FIfx2u45F6lHdDRRd7DW04h1AsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWeq/EDq+8Z+ytZMaYAHtg/wNaSDAfBgNVHSMEGDAWgBQXJTdgGjFpdASS
LZV+dEUPWpy+czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z5VTNZQm94YVhRRWtpMlZmblJGRDFxY3ZuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8x
L0ZucXZ4QTZ2dkdmc3JXVEdtQUI3WVA4RFdrZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8xL0Z5VTNZQm94YVhR
RWtpMlZmblJGRDFxY3ZuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBB/fwDANBgkqhkiG9w0BAQsFAAOC
AQEAgZpVFvEn+aildHN3Zh7b7P0qwIuSv7GAonZRYmjWA0DT9tEFDlcIxtm+SNb3
8R2AmRY5YfL7K9i7TQ7TBXuvxsXl7mDjM48DX3HuVejVMGIUaRYyFfrd96/UKZbw
vMBXjNVQz08YEWyJe3bc41tpBWFdcFMwe3sJQNKYeHp7rZXqkzI++KLKR+4TxmGV
akmWwJdS6rfKmr9Fccv8aNsQiXET48J+LxPEfUUJ+rnfOmyirUY4spsPsQsk71mq
Ruhz5Sq3GPxvdNnRo1dzVXp5Q51GI48eL3XjwDwtwZr43NpWxGQ3Of8EVoZOljwH
EeCrtJQ3ce6HFnTqFp9JiO972Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:06 2023 by rpki-client on console-fra.rpki-client.org