Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/k08pO6iFT2cg8Pey2YmsrxWqveI.roa
File: k08pO6iFT2cg8Pey2YmsrxWqveI.roa (raw, json)
Hash identifier: pzJycjchZmOUtmYgbYaUrgr0SDR4hhvxzh+xvWgcavQ=
Subject key identifier: 93:4F:29:3B:A8:85:4F:67:20:F0:F7:B2:D9:89:AC:AF:15:AA:BD:E2
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 0183142EEDE463C76E60B0DA658A756AD56F
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/k08pO6iFT2cg8Pey2YmsrxWqveI.roa
Signing time: Tue 06 Sep 2022 19:02:43 +0000
ROA not before: Tue 06 Sep 2022 19:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212744
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4046::/32 maxlen: 32
2a12:4044::/32 maxlen: 32
2a12:4042::/32 maxlen: 32
2a12:4040::/32 maxlen: 32
2a12:4043::/32 maxlen: 32
2a12:4045::/32 maxlen: 32
2a12:4040::/29 maxlen: 29
2a12:4041::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:2e:ed:e4:63:c7:6e:60:b0:da:65:8a:75:6a:d5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Sep 6 19:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=934f293ba8854f6720f0f7b2d989acaf15aabde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:bc:bd:71:cd:db:45:84:3b:41:8f:fd:74:
34:81:57:e0:63:2c:08:56:b1:63:1f:d4:8f:ea:70:
c7:55:b1:a1:ff:7c:42:0f:0c:0c:90:40:a4:e4:bd:
af:47:e5:94:03:92:28:4c:9b:9c:28:0e:4d:18:71:
b0:a3:3c:de:a3:ef:69:eb:ff:88:6a:8f:6f:6e:be:
9e:55:45:c4:d7:ee:0a:bd:2b:c6:ef:a1:8a:4f:c7:
bd:4e:4d:19:b9:ec:16:c9:1f:b3:bb:67:47:83:92:
68:00:bb:a8:8f:8b:94:ed:2a:4e:8e:6f:0c:a1:dc:
24:03:c6:7f:02:17:9d:0d:e6:62:0b:e8:df:25:2c:
d4:08:b7:5e:ac:00:15:1a:32:53:a5:b6:12:57:d6:
d4:52:de:5e:99:54:8d:85:4d:c2:f1:61:85:43:07:
f2:79:42:f5:10:c0:ff:35:bc:f5:a5:76:ab:2a:80:
07:62:13:aa:eb:74:aa:ee:fa:b2:ed:ab:64:2d:93:
dd:78:d7:d8:75:64:dc:b5:f6:fa:95:54:1e:d3:18:
9f:af:70:41:e1:a2:c3:56:c0:8b:76:f8:b7:45:91:
bb:1c:46:ef:ac:bf:de:44:e7:f6:38:2b:b6:da:9c:
34:ca:63:11:24:75:66:1e:ad:08:b8:ae:d1:85:b3:
4a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4F:29:3B:A8:85:4F:67:20:F0:F7:B2:D9:89:AC:AF:15:AA:BD:E2
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/k08pO6iFT2cg8Pey2YmsrxWqveI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
27:ff:12:de:cc:57:30:37:6a:7f:4f:78:e4:28:c3:dc:71:f2:
a8:51:f3:14:6f:1c:ac:a9:c8:cb:f5:25:9a:25:d5:70:13:cf:
e1:13:e7:34:f6:f7:89:4d:0a:66:5b:84:ef:31:4b:b0:22:71:
c9:43:c3:e0:6f:4d:2f:53:b8:d9:b1:db:37:b6:e2:a7:6c:cb:
b9:a0:0b:7e:32:6e:3a:59:b4:5f:5d:75:b6:f8:18:97:dc:0c:
d2:9b:88:4e:0d:7f:2e:f5:7c:95:cc:db:59:45:26:31:21:51:
b0:ce:a8:7c:86:1f:8d:7a:4f:21:31:4b:8b:4b:1d:90:01:4e:
f8:3b:0f:8a:d1:b4:02:20:b1:b2:ab:f0:83:c0:d4:04:35:a4:
b7:41:68:d2:88:a0:eb:1f:5d:7b:8a:71:33:69:0b:75:1a:88:
e0:48:6a:58:82:1e:76:a2:aa:79:6e:9b:31:18:b0:db:86:3a:
65:e9:0f:27:8c:5b:ee:62:19:e5:bf:a3:84:7d:72:cf:93:5d:
56:b2:56:45:dd:84:ed:c5:27:17:85:2e:1f:fa:f2:44:b5:42:
76:ee:6b:d0:d2:cb:5c:09:80:2b:c2:b6:ef:91:f7:15:75:e8:
ff:79:43:74:b8:e2:5f:01:95:d4:50:5a:df:02:63:e6:2d:24:
8c:ab:90:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMULu3kY8duYLDaZYp1atVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1
M2FjOGYwHhcNMjIwOTA2MTkwMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRmMjkzYmE4ODU0ZjY3MjBmMGY3YjJkOTg5YWNhZjE1YWFiZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkq8vXHN20WEO0GP/XQ0gVfgYywI
VrFjH9SP6nDHVbGh/3xCDwwMkECk5L2vR+WUA5IoTJucKA5NGHGwozzeo+9p6/+I
ao9vbr6eVUXE1+4KvSvG76GKT8e9Tk0ZuewWyR+zu2dHg5JoALuoj4uU7SpOjm8M
odwkA8Z/AhedDeZiC+jfJSzUCLderAAVGjJTpbYSV9bUUt5emVSNhU3C8WGFQwfy
eUL1EMD/Nbz1pXarKoAHYhOq63Sq7vqy7atkLZPdeNfYdWTctfb6lVQe0xifr3BB
4aLDVsCLdvi3RZG7HEbvrL/eROf2OCu22pw0ymMRJHVmHq0IuK7RhbNKGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJNPKTuohU9nIPD3stmJrK8Vqr3iMB8GA1UdIwQY
MBaAFCQ3c25vVZAK2/sEVsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMt
MzE2NjhhZTNiMTY2LzEvazA4cE82aUZUMmNnOFBleTJZbXNyeFdxdmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2
LzEvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQAn/xLezFcwN2p/T3jkKMPc
cfKoUfMUbxysqcjL9SWaJdVwE8/hE+c09veJTQpmW4TvMUuwInHJQ8Pgb00vU7jZ
sds3tuKnbMu5oAt+Mm46WbRfXXW2+BiX3AzSm4hODX8u9XyVzNtZRSYxIVGwzqh8
hh+Nek8hMUuLSx2QAU74Ow+K0bQCILGyq/CDwNQENaS3QWjSiKDrH117inEzaQt1
GojgSGpYgh52oqp5bpsxGLDbhjpl6Q8njFvuYhnlv6OEfXLPk11WslZF3YTtxScX
hS4f+vJEtUJ27mvQ0stcCYArwrbvkfcVdej/eUN0uOJfAZXUUFrfAmPmLSSMq5An
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:43 2024 by rpki-client on console-ams.rpki-client.org