Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/jAf7WD7A1eZRZMWLAxnViLIV7c4.roa
File: jAf7WD7A1eZRZMWLAxnViLIV7c4.roa (raw, json)
Hash identifier: DEqIHqT4qywAkNUeqU0SFWBQLtEQSWL+UtCFAp8aspE=
Subject key identifier: 8C:07:FB:58:3E:C0:D5:E6:51:64:C5:8B:03:19:D5:88:B2:15:ED:CE
Certificate issuer: /CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Certificate serial: 0184F216F239D90B3413C7FC3AAC7B4DF75D
Authority key identifier: 3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/jAf7WD7A1eZRZMWLAxnViLIV7c4.roa
Signing time: Thu 08 Dec 2022 14:15:00 +0000
ROA not before: Thu 08 Dec 2022 14:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 31.224.0.0/11 maxlen: 11
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:16:f2:39:d9:0b:34:13:c7:fc:3a:ac:7b:4d:f7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Validity
Not Before: Dec 8 14:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c07fb583ec0d5e65164c58b0319d588b215edce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:0c:f6:37:33:c4:a4:c0:dd:d3:1c:d3:2b:
b5:76:29:1b:8f:59:b0:50:5f:f5:4f:e1:07:75:e8:
0c:10:68:95:66:fe:93:cd:44:32:7f:6e:94:e7:b8:
71:7b:20:b2:f5:04:55:67:cc:a7:d6:43:cc:76:1c:
72:bd:18:12:23:0d:a0:2f:87:99:ee:db:98:3d:8e:
34:b0:8b:a3:7f:a7:3a:34:05:ab:fc:31:95:6d:36:
9f:7c:46:75:b0:ed:c9:c2:0a:61:5a:1f:aa:f1:7f:
0f:81:2d:65:7a:d3:5d:96:92:2b:e3:86:79:ed:0e:
24:11:2a:0a:e3:a0:d8:08:0d:71:3f:e8:59:2d:69:
4a:ca:5d:b5:4b:a6:ab:e7:2f:55:98:1f:c7:e6:bd:
e7:0a:cd:6d:de:75:60:6b:02:05:c9:a3:62:86:c6:
fe:95:f9:70:c6:05:b8:3e:21:fa:22:68:1d:75:2f:
fa:ac:01:ca:d2:c1:c2:61:af:c4:10:60:ce:ac:3f:
e9:5e:c5:82:a7:3f:fe:f6:43:ee:fd:26:58:79:09:
35:20:87:52:c7:d0:6e:28:8b:d4:9e:ff:56:1c:e5:
18:1b:e5:54:6d:b9:82:e5:2b:9a:6a:ce:4d:05:1c:
58:ae:92:67:52:23:bc:cf:74:f1:d6:6a:0a:1a:b8:
f5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:07:FB:58:3E:C0:D5:E6:51:64:C5:8B:03:19:D5:88:B2:15:ED:CE
X509v3 Authority Key Identifier:
keyid:3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/jAf7WD7A1eZRZMWLAxnViLIV7c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.224.0.0/11
Signature Algorithm: sha256WithRSAEncryption
44:79:83:cb:34:eb:f7:05:de:90:c0:2a:80:43:bd:ce:4b:3c:
51:45:34:31:bf:c0:15:63:86:54:64:81:1e:aa:f7:47:58:8c:
25:ee:cd:02:fc:ac:b7:a0:9f:4a:a3:d5:13:40:0b:bb:78:d5:
26:df:46:74:1b:c2:45:1e:70:81:c0:13:6c:3e:3d:51:48:cd:
65:19:cf:11:9f:96:df:9b:07:6e:c5:5b:d6:e4:08:62:00:58:
b7:52:50:df:4c:be:5f:98:74:ee:0b:4b:5a:a3:44:83:55:67:
1b:8e:ae:e5:2d:5c:cf:61:8d:92:37:f7:b2:c2:cc:f6:e9:9e:
86:e3:40:52:34:dc:42:e7:e1:6d:8d:0b:98:9c:9a:a9:95:59:
3d:ce:fe:8c:2a:5e:0b:14:30:1a:7e:3d:2a:bb:ac:a8:c8:1e:
bc:1d:da:56:74:c5:e8:d6:aa:2a:cf:1f:ba:d1:19:13:d5:69:
bd:c5:60:e8:a5:15:ac:3a:38:d6:dd:fa:d0:17:35:16:d9:56:
d2:13:65:11:ce:25:3c:b1:8b:15:2c:7e:e0:3f:15:aa:76:9f:
34:c7:ef:4c:5c:0d:50:3b:d1:4b:a0:ca:40:f3:0c:a1:cf:49:
da:49:fb:4b:bf:05:4c:c1:9f:1d:a0:78:7b:36:9d:ff:08:22:
2e:7a:72:f4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYTyFvI52Qs0E8f8Oqx7TfddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMjMwNDQyZmVhZTlmYzI2YjhiZDg4N2ZhYTBlZDAyNzU4
MjdhNTgwHhcNMjIxMjA4MTQxNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA3ZmI1ODNlYzBkNWU2NTE2NGM1OGIwMzE5ZDU4OGIyMTVlZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2wM9jczxKTA3dMc0yu1dikbj1mw
UF/1T+EHdegMEGiVZv6TzUQyf26U57hxeyCy9QRVZ8yn1kPMdhxyvRgSIw2gL4eZ
7tuYPY40sIujf6c6NAWr/DGVbTaffEZ1sO3JwgphWh+q8X8PgS1letNdlpIr44Z5
7Q4kESoK46DYCA1xP+hZLWlKyl21S6ar5y9VmB/H5r3nCs1t3nVgawIFyaNihsb+
lflwxgW4PiH6ImgddS/6rAHK0sHCYa/EEGDOrD/pXsWCpz/+9kPu/SZYeQk1IIdS
x9BuKIvUnv9WHOUYG+VUbbmC5Suaas5NBRxYrpJnUiO8z3Tx1moKGrj1HQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIwH+1g+wNXmUWTFiwMZ1YiyFe3OMB8GA1UdIwQY
MBaAFDsjBEL+rp/Ca4vYh/qg7QJ1gnpYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYt
NzI2NzA3Mzc2MWQ0LzEvakFmN1dEN0ExZVpSWk1XTEF4blZpTElWN2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYtNzI2NzA3Mzc2MWQ0
LzEvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMFH+AwDQYJ
KoZIhvcNAQELBQADggEBAER5g8s06/cF3pDAKoBDvc5LPFFFNDG/wBVjhlRkgR6q
90dYjCXuzQL8rLegn0qj1RNAC7t41SbfRnQbwkUecIHAE2w+PVFIzWUZzxGflt+b
B27FW9bkCGIAWLdSUN9Mvl+YdO4LS1qjRINVZxuOruUtXM9hjZI397LCzPbpnobj
QFI03ELn4W2NC5icmqmVWT3O/owqXgsUMBp+PSq7rKjIHrwd2lZ0xejWqirPH7rR
GRPVab3FYOilFaw6ONbd+tAXNRbZVtITZRHOJTyxixUsfuA/Fap2nzTH70xcDVA7
0UugykDzDKHPSdpJ+0u/BUzBnx2geHs2nf8IIi56cvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:39 2024 by rpki-client on console-ams.rpki-client.org