Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CqFDuuvMbePnDOEnSpYUo8Wh9Mo.roa
File: CqFDuuvMbePnDOEnSpYUo8Wh9Mo.roa (raw, json)
Hash identifier: oOGX/8CzPJJnCSi2C+XbscN6Vy4aiq0vN5iaD8GWzrY=
Subject key identifier: 0A:A1:43:BA:EB:CC:6D:E3:E7:0C:E1:27:4A:96:14:A3:C5:A1:F4:CA
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01832316D89084E76FC773295A19ABFFC714
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CqFDuuvMbePnDOEnSpYUo8Wh9Mo.roa
Signing time: Fri 09 Sep 2022 16:30:43 +0000
ROA not before: Fri 09 Sep 2022 16:30:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56887
IP address blocks: 31.131.44.0/23 maxlen: 24
194.40.205.0/24 maxlen: 24
194.40.204.0/24 maxlen: 24
194.40.206.0/24 maxlen: 24
194.40.207.0/24 maxlen: 24
176.124.72.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:16:d8:90:84:e7:6f:c7:73:29:5a:19:ab:ff:c7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Sep 9 16:30:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aa143baebcc6de3e70ce1274a9614a3c5a1f4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:c3:80:da:58:ff:14:f8:73:39:e1:cd:ea:
82:a8:e2:a2:3e:2c:09:a8:7f:92:36:96:6a:4d:93:
08:cf:34:ce:59:42:48:51:4e:d2:a8:66:ce:fa:3c:
d8:53:d3:3e:69:c2:77:4e:ef:55:be:f2:ea:de:f2:
f8:06:45:1b:8b:8a:6a:3d:22:8b:87:4a:00:f2:49:
80:80:84:27:ce:f9:77:96:0d:28:1c:d2:72:40:7c:
8f:1a:b4:21:ea:6a:8f:9c:43:86:5d:82:28:64:b1:
c2:29:71:49:d2:6e:72:bc:4d:8c:d7:f1:35:3f:80:
fb:77:28:ed:de:bd:82:ee:83:6c:4f:b0:92:fe:4e:
4f:45:a1:24:e2:52:5e:f0:dc:0c:e6:dc:84:3f:7e:
09:96:7c:e6:54:2c:a4:89:3f:04:6e:e7:7c:24:8a:
d6:f0:14:c6:3b:37:04:08:1c:6a:73:9a:c7:77:6d:
a2:b2:95:e4:20:4b:e8:88:4d:76:65:d9:fb:c1:12:
14:22:7d:9a:d6:72:30:9f:33:7f:ce:ca:38:30:6e:
90:b4:95:2c:ed:14:70:9e:b5:a6:50:65:91:01:c9:
44:24:e2:ed:03:cb:28:96:e5:81:41:e1:31:e7:90:
b7:31:ea:cd:ed:7e:cb:57:b3:2a:4c:dd:89:02:6a:
e4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A1:43:BA:EB:CC:6D:E3:E7:0C:E1:27:4A:96:14:A3:C5:A1:F4:CA
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/CqFDuuvMbePnDOEnSpYUo8Wh9Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.44.0/23
176.124.72.0/22
194.40.204.0/22
Signature Algorithm: sha256WithRSAEncryption
01:8a:47:12:65:33:eb:1b:98:df:55:71:0a:4f:57:87:47:c5:
e1:1f:3a:dc:8f:29:a9:39:21:75:9e:1b:5c:c8:88:f1:5b:be:
da:ad:5b:f9:b0:07:0b:c5:81:18:0c:d0:36:f2:1f:b8:57:0a:
c2:38:9e:f6:26:c9:02:22:66:0e:e5:aa:f6:7f:1a:be:19:fd:
f1:3e:35:31:c2:74:76:5e:98:cd:22:4a:17:94:ac:79:00:25:
27:32:da:ae:8d:c9:9f:3a:d9:4c:d9:3e:e0:88:b0:6a:d4:28:
e9:f3:95:99:0d:18:90:c5:ae:b4:72:0e:80:e1:a4:a3:6e:98:
14:c2:e5:7a:2e:7c:53:ad:68:1e:17:7b:c0:98:b4:f4:5f:6d:
01:f2:40:94:62:cf:15:51:a6:c8:01:07:92:a9:f1:08:04:67:
cf:0a:74:a9:dd:4d:3a:15:72:77:53:d3:69:fd:91:f2:00:11:
5e:26:8f:e8:5d:33:5f:a2:b8:b6:6e:77:61:99:2a:b2:14:60:
8f:d7:53:42:2e:0b:3d:da:86:4e:92:e2:d8:bd:46:d5:eb:15:
f9:5e:42:1d:a2:4e:22:36:48:f1:1c:c8:ed:df:ed:ec:49:df:
81:84:e8:30:c2:7f:d4:71:b9:fe:27:33:42:86:1f:d5:25:9b:
6b:37:42:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMjFtiQhOdvx3MpWhmr/8cUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjIwOTA5MTYzMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWExNDNiYWViY2M2ZGUzZTcwY2UxMjc0YTk2MTRhM2M1YTFmNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9LDgNpY/xT4cznhzeqCqOKiPiwJ
qH+SNpZqTZMIzzTOWUJIUU7SqGbO+jzYU9M+acJ3Tu9VvvLq3vL4BkUbi4pqPSKL
h0oA8kmAgIQnzvl3lg0oHNJyQHyPGrQh6mqPnEOGXYIoZLHCKXFJ0m5yvE2M1/E1
P4D7dyjt3r2C7oNsT7CS/k5PRaEk4lJe8NwM5tyEP34JlnzmVCykiT8Ebud8JIrW
8BTGOzcECBxqc5rHd22ispXkIEvoiE12Zdn7wRIUIn2a1nIwnzN/zso4MG6QtJUs
7RRwnrWmUGWRAclEJOLtA8soluWBQeEx55C3MerN7X7LV7MqTN2JAmrk5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAqhQ7rrzG3j5wzhJ0qWFKPFofTKMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvQ3FGRHV1dk1iZVBuRE9FblNwWVVvOFdoOU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4MsAwQC
sHxIAwQCwijMMA0GCSqGSIb3DQEBCwUAA4IBAQABikcSZTPrG5jfVXEKT1eHR8Xh
HzrcjympOSF1nhtcyIjxW77arVv5sAcLxYEYDNA28h+4VwrCOJ72JskCImYO5ar2
fxq+Gf3xPjUxwnR2XpjNIkoXlKx5ACUnMtqujcmfOtlM2T7giLBq1Cjp85WZDRiQ
xa60cg6A4aSjbpgUwuV6LnxTrWgeF3vAmLT0X20B8kCUYs8VUabIAQeSqfEIBGfP
CnSp3U06FXJ3U9Np/ZHyABFeJo/oXTNfori2bndhmSqyFGCP11NCLgs92oZOkuLY
vUbV6xX5XkIdok4iNkjxHMjt3+3sSd+BhOgwwn/Ucbn+JzNChh/VJZtrN0LM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:21 2023 by rpki-client on console-fra.rpki-client.org