Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/tY-kLOjSa_Nx05GA-sV3RvM2uCc.roa
File: tY-kLOjSa_Nx05GA-sV3RvM2uCc.roa (raw, json)
Hash identifier: LNTYOoeqEJB6lJF1r4OCItkXnQbRBoqL8RCmImKPvSk=
Subject key identifier: B5:8F:A4:2C:E8:D2:6B:F3:71:D3:91:80:FA:C5:77:46:F3:36:B8:27
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 04680D63
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/tY-kLOjSa_Nx05GA-sV3RvM2uCc.roa
Signing time: Wed 02 Mar 2022 10:54:22 +0000
ROA not before: Wed 02 Mar 2022 10:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 31.25.237.0/24 maxlen: 24
31.25.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73928035 (0x4680d63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Mar 2 10:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b58fa42ce8d26bf371d39180fac57746f336b827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d2:d3:74:b6:3b:90:ea:8f:20:0d:39:ca:c6:
5b:19:b1:4a:6b:90:6f:52:d4:ac:e3:f6:a3:8a:c2:
ee:f9:53:ea:f5:fd:03:90:97:ae:ef:75:8c:c0:fa:
54:fe:dd:a2:72:0c:9c:a0:33:45:9e:0d:19:46:62:
d9:ef:01:db:ad:09:f8:c2:08:67:0c:3c:02:59:49:
cf:9c:0e:f4:67:bd:b2:80:bf:cf:1c:a6:32:6f:69:
20:00:09:6f:af:31:6f:1f:2e:be:c6:bd:84:14:99:
6d:fc:08:64:98:b1:31:a6:e1:2c:8e:1c:0c:96:3a:
2d:26:50:0f:1d:08:82:ea:c3:4f:df:79:49:f1:cd:
68:75:d3:a9:4a:b0:a8:b5:80:fd:5a:91:53:5a:28:
a4:e2:b6:22:28:ed:3a:dc:4d:06:43:19:17:f2:92:
9d:1e:ce:43:02:6d:ef:00:d4:14:53:9d:b5:68:fa:
6a:02:04:3c:d0:8c:88:d0:54:a7:70:21:c6:23:e2:
71:f1:3f:cf:2c:5d:0e:ac:18:11:ef:c2:55:ff:d8:
a4:24:4c:9c:de:46:16:3d:f2:bf:f1:a4:93:a2:4b:
eb:8c:f1:3e:d8:78:99:62:e6:29:28:a2:25:05:8e:
a2:b2:a3:65:c5:f1:a1:a0:ad:72:05:3c:b0:e5:f1:
dc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8F:A4:2C:E8:D2:6B:F3:71:D3:91:80:FA:C5:77:46:F3:36:B8:27
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/tY-kLOjSa_Nx05GA-sV3RvM2uCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.236.0/22
Signature Algorithm: sha256WithRSAEncryption
05:f5:1e:5a:25:31:73:06:6e:2d:e7:bb:6d:81:8d:f3:c6:5a:
8a:98:5e:a1:cb:8d:6f:00:3b:5a:76:2b:38:2d:19:03:79:c3:
9c:84:fe:ce:5b:6a:22:c5:96:d0:b4:b4:bd:bd:3c:98:a5:1c:
32:b7:90:14:a5:fd:d5:6e:e9:b2:c2:f8:4c:d3:ab:e6:38:2a:
b2:3b:bf:5a:e9:dc:6e:f8:2a:20:63:0a:d8:c9:f3:23:50:07:
b5:1e:d4:88:c3:2d:ce:95:d7:bc:8c:0d:a5:f5:89:76:d9:34:
1e:bf:da:7f:b9:25:d3:87:fb:9c:b3:fc:8d:db:99:0a:27:bc:
1d:79:b5:ad:7c:cc:84:6d:31:07:12:74:5b:28:9a:4d:cb:42:
e7:8e:4e:e8:66:d2:1f:71:26:c1:59:bc:cc:87:f9:79:ad:c3:
8c:00:10:1d:4d:de:4a:7e:21:10:37:da:e0:5a:ce:ec:79:15:
9e:34:9e:d8:00:d1:e7:ce:e7:10:6d:09:8c:1f:ee:0e:53:47:
fb:f8:e2:2f:5c:51:e6:af:07:d8:12:f6:6b:e0:5f:59:03:a8:
fc:c4:20:b8:8e:cc:30:33:ba:fa:fd:25:f0:7f:39:c5:0d:7f:
9a:ee:c8:d3:81:b5:8c:38:58:d2:c3:25:5a:3d:0b:51:62:6d:
34:1a:8f:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBGgNYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjJmNTVkMzc3MTI3ZjI4Y2UyNmI3OGZkODNiZWNmNDFiZWNhZDRiMB4XDTIyMDMw
MjEwNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU4ZmE0MmNlOGQy
NmJmMzcxZDM5MTgwZmFjNTc3NDZmMzM2YjgyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3S03S2O5DqjyANOcrGWxmxSmuQb1LUrOP2o4rC7vlT6vX9
A5CXru91jMD6VP7donIMnKAzRZ4NGUZi2e8B260J+MIIZww8AllJz5wO9Ge9soC/
zxymMm9pIAAJb68xbx8uvsa9hBSZbfwIZJixMabhLI4cDJY6LSZQDx0IgurDT995
SfHNaHXTqUqwqLWA/VqRU1oopOK2IijtOtxNBkMZF/KSnR7OQwJt7wDUFFOdtWj6
agIEPNCMiNBUp3AhxiPicfE/zyxdDqwYEe/CVf/YpCRMnN5GFj3yv/Gkk6JL64zx
Pth4mWLmKSiiJQWOorKjZcXxoaCtcgU8sOXx3G0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1j6Qs6NJr83HTkYD6xXdG8za4JzAfBgNVHSMEGDAWgBRmL1XTdxJ/KM4m
t4/YO+z0G+ytSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ppOVYwM2NTZnlqT0pyZVAyRHZzOUJ2c3JVcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzg4YzcwLWU0YzctNDIwZC04MTg4LThiZTE0NjI1MzM1Ni8x
L3RZLWtMT2pTYV9OeDA1R0Etc1YzUnZNMnVDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
Mzg4YzcwLWU0YzctNDIwZC04MTg4LThiZTE0NjI1MzM1Ni8xL1ppOVYwM2NTZnlq
T0pyZVAyRHZzOUJ2c3JVcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8Z7DANBgkqhkiG9w0BAQsFAAOC
AQEABfUeWiUxcwZuLee7bYGN88ZaipheocuNbwA7WnYrOC0ZA3nDnIT+zltqIsWW
0LS0vb08mKUcMreQFKX91W7pssL4TNOr5jgqsju/WuncbvgqIGMK2MnzI1AHtR7U
iMMtzpXXvIwNpfWJdtk0Hr/af7kl04f7nLP8jduZCie8HXm1rXzMhG0xBxJ0Wyia
TctC545O6GbSH3EmwVm8zIf5ea3DjAAQHU3eSn4hEDfa4FrO7HkVnjSe2ADR587n
EG0JjB/uDlNH+/jiL1xR5q8H2BL2a+BfWQOo/MQguI7MMDO6+v0l8H85xQ1/mu7I
04G1jDhY0sMlWj0LUWJtNBqPdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:09 2024 by rpki-client on console-fra.rpki-client.org