Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/3HQAi5w4rMwTszNoI2xp7jI9RVY.roa
File: 3HQAi5w4rMwTszNoI2xp7jI9RVY.roa (raw, json)
Hash identifier: 7vt147ul3+28BJzCNGweTV5qXjPHtEf5iaQtOD8hQPc=
Subject key identifier: DC:74:00:8B:9C:38:AC:CC:13:B3:33:68:23:6C:69:EE:32:3D:45:56
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 038FD18A
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/3HQAi5w4rMwTszNoI2xp7jI9RVY.roa
Signing time: Mon 23 May 2022 12:51:22 +0000
ROA not before: Mon 23 May 2022 12:51:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56940
IP address blocks: 31.131.40.0/22 maxlen: 22
31.131.46.0/24 maxlen: 24
31.131.47.0/24 maxlen: 24
91.229.14.0/23 maxlen: 23
91.229.12.0/23 maxlen: 23
176.114.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59756938 (0x38fd18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 23 12:51:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc74008b9c38accc13b33368236c69ee323d4556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6c:57:2f:95:ed:a1:16:eb:01:99:a3:22:c5:
1e:78:9d:9a:b8:ee:56:3d:10:f3:36:13:f9:24:2b:
3f:8d:a7:29:a2:71:41:1e:fb:e8:42:be:b9:91:5b:
65:69:c7:31:e1:90:dd:8c:40:06:40:29:55:6e:95:
4f:82:d8:5c:dd:a7:d7:6b:ca:c5:e0:0e:ad:91:cb:
7c:95:f8:81:88:d0:cc:aa:2e:c5:56:99:18:fc:77:
4d:3b:e6:0b:0c:6b:24:d6:7f:88:ad:1d:e7:0d:c7:
19:58:c3:67:e8:0a:ee:76:85:57:82:74:4c:23:32:
1d:25:94:0e:18:14:78:e3:58:5e:f5:8f:d0:e2:0d:
a5:84:c6:6f:0d:ba:9d:e2:8d:2a:d5:38:7a:8d:9b:
93:21:61:66:8b:cf:59:45:df:d7:68:ec:3a:95:90:
59:4f:76:70:84:69:6d:de:f1:30:ff:a5:42:f2:71:
81:6f:a8:77:33:c6:9d:c9:8e:93:a4:bb:8a:3f:6b:
c8:b5:9e:13:eb:54:88:03:00:5c:c7:e8:38:0c:91:
2a:50:97:f1:5f:30:26:02:18:d1:8c:79:01:0c:6f:
ab:43:57:e2:18:18:e9:57:19:ea:95:58:85:27:61:
ed:f4:b3:0a:22:c8:d0:95:f4:f5:3b:79:4b:6b:76:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:74:00:8B:9C:38:AC:CC:13:B3:33:68:23:6C:69:EE:32:3D:45:56
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/3HQAi5w4rMwTszNoI2xp7jI9RVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.40.0/22
31.131.46.0/23
91.229.12.0/22
176.114.56.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:0e:36:26:8a:11:d2:33:57:74:16:9d:9d:2e:e0:02:56:9b:
14:a7:c1:11:c2:40:67:11:bf:be:39:9e:95:65:da:c0:26:1c:
31:e8:b4:18:85:fc:a5:df:b5:3d:9a:29:da:dc:b3:00:3d:1c:
db:b8:99:45:37:79:eb:d5:25:d8:ac:73:95:4d:7e:45:ee:18:
8d:34:f8:c4:d6:a9:a1:42:fd:a5:d1:ef:8c:05:d4:fa:1b:fa:
3e:aa:19:d2:22:e5:dc:74:4d:1c:1e:4d:59:0d:42:37:22:d0:
26:46:94:a7:c3:4e:a5:4c:ff:77:cf:d1:27:8d:46:53:87:7a:
34:c5:3f:22:27:cb:a3:c1:c5:5e:4f:b7:9f:96:bc:ab:9e:75:
eb:3f:49:95:37:ee:b8:37:f5:5f:db:4b:1f:74:3a:f4:29:3e:
43:87:a1:c2:6d:31:d2:fe:e8:4e:ea:a8:26:c4:01:ec:8f:22:
b7:ce:24:cb:d8:21:af:dc:6d:da:29:3a:77:cf:7a:57:01:a5:
31:1a:9e:16:1c:5c:4c:09:f9:15:3c:40:98:89:8c:15:85:24:
22:7b:34:79:b5:3b:d2:6d:e8:5f:ca:a4:b8:b1:5c:15:46:91:
df:0b:3b:23:d0:06:ca:c3:ab:40:c5:32:cf:38:b3:ab:f5:e2:
a3:b0:08:f1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA4/RijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYyYzJlN2JjMWRhNTRkOTE5Y2E1YjU5NDFkMzc4ODkyYjJjY2IyMB4XDTIyMDUy
MzEyNTEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM3NDAwOGI5YzM4
YWNjYzEzYjMzMzY4MjM2YzY5ZWUzMjNkNDU1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRsVy+V7aEW6wGZoyLFHnidmrjuVj0Q8zYT+SQrP42nKaJx
QR776EK+uZFbZWnHMeGQ3YxABkApVW6VT4LYXN2n12vKxeAOrZHLfJX4gYjQzKou
xVaZGPx3TTvmCwxrJNZ/iK0d5w3HGVjDZ+gK7naFV4J0TCMyHSWUDhgUeONYXvWP
0OINpYTGbw26neKNKtU4eo2bkyFhZovPWUXf12jsOpWQWU92cIRpbd7xMP+lQvJx
gW+odzPGncmOk6S7ij9ryLWeE+tUiAMAXMfoOAyRKlCX8V8wJgIY0Yx5AQxvq0NX
4hgY6VcZ6pVYhSdh7fSzCiLI0JX09Tt5S2t2CcUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTcdACLnDiszBOzM2gjbGnuMj1FVjAfBgNVHSMEGDAWgBQi8sLnvB2lTZGc
pbWUHTeIkrLMsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TEM1N3dkcFUyUm5LVzFsQjAzaUpLeXpMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8x
LzNIUUFpNXc0ck13VHN6Tm9JMnhwN2pJOVJWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8xL0l2TEM1N3dkcFUy
Um5LVzFsQjAzaUpLeXpMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAh+DKAMEAR+DLgMEAlvlDAMEA7By
ODANBgkqhkiG9w0BAQsFAAOCAQEADg42JooR0jNXdBadnS7gAlabFKfBEcJAZxG/
vjmelWXawCYcMei0GIX8pd+1PZop2tyzAD0c27iZRTd569Ul2KxzlU1+Re4YjTT4
xNapoUL9pdHvjAXU+hv6PqoZ0iLl3HRNHB5NWQ1CNyLQJkaUp8NOpUz/d8/RJ41G
U4d6NMU/IifLo8HFXk+3n5a8q5516z9JlTfuuDf1X9tLH3Q69Ck+Q4ehwm0x0v7o
TuqoJsQB7I8it84ky9ghr9xt2ik6d896VwGlMRqeFhxcTAn5FTxAmImMFYUkIns0
ebU70m3oX8qkuLFcFUaR3ws7I9AGysOrQMUyzzizq/Xio7AI8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org