Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/YK8Ex-9a1-GEmaQKnWZnsNUSno4.roa
File: YK8Ex-9a1-GEmaQKnWZnsNUSno4.roa (raw, json)
Hash identifier: z9KRuwq3JZdJu5oCVcXn2XIytKT6fm67v8a1bCkba0Q=
Subject key identifier: 60:AF:04:C7:EF:5A:D7:E1:84:99:A4:0A:9D:66:67:B0:D5:12:9E:8E
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 018AF87C
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/YK8Ex-9a1-GEmaQKnWZnsNUSno4.roa
Signing time: Thu 03 Feb 2022 13:23:18 +0000
ROA not before: Thu 03 Feb 2022 13:23:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201702
IP address blocks: 31.40.6.0/24 maxlen: 24
31.40.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25884796 (0x18af87c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Feb 3 13:23:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60af04c7ef5ad7e18499a40a9d6667b0d5129e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:94:55:5e:35:8b:f2:2c:50:de:9c:90:f1:
3e:5f:10:75:99:2f:45:a6:3d:c1:37:a4:79:09:35:
9d:ca:59:34:e0:ba:24:71:b2:43:00:12:10:71:ea:
35:7b:a0:5a:e0:8e:cf:75:33:47:e7:08:d3:05:17:
24:52:a5:6a:0c:a2:40:dd:c7:2d:28:b0:30:d6:d2:
51:42:ec:2f:13:00:7e:b5:53:d1:cb:95:33:b7:b8:
f6:09:ee:dc:66:0d:b3:04:50:e5:38:9b:ea:3d:50:
55:65:40:60:4b:39:b8:8d:f1:8f:02:e9:46:b0:7d:
c8:a8:4d:3c:f3:cf:9a:c0:a1:bc:3a:24:00:4b:01:
b7:81:11:41:05:85:8b:1f:f3:45:a1:5e:5d:94:de:
6e:47:e1:ba:59:c2:96:78:78:84:4b:0f:a0:53:48:
52:91:61:c8:70:51:2f:7c:80:ba:79:21:d5:aa:95:
5b:e9:8c:c8:59:df:43:6e:6b:68:dd:2b:73:d3:ea:
ab:5d:d8:7b:88:26:0e:7b:a6:04:d1:0c:a6:8b:8d:
33:03:82:cf:d3:bd:ea:3d:11:6b:57:3c:db:e5:c5:
1d:1e:4d:e9:fb:47:cb:3d:60:27:33:33:c7:aa:be:
07:58:4e:07:69:d7:fc:bb:97:90:eb:e9:5b:4c:4e:
71:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AF:04:C7:EF:5A:D7:E1:84:99:A4:0A:9D:66:67:B0:D5:12:9E:8E
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/YK8Ex-9a1-GEmaQKnWZnsNUSno4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.6.0/23
Signature Algorithm: sha256WithRSAEncryption
89:e9:e6:74:1f:3e:ab:35:7f:07:f7:25:6a:6c:0c:5a:d1:07:
88:35:24:73:be:ba:55:30:a0:7b:51:f5:7b:12:80:dd:1e:cd:
07:e2:39:4b:7d:77:38:ea:c1:33:93:40:7f:f8:bb:91:49:32:
8a:f3:d1:06:28:59:f2:f2:56:4f:0b:b5:f2:d8:17:e5:0e:c8:
ce:ba:2e:32:f2:32:d2:6d:18:c0:fd:0c:51:98:1d:93:4b:02:
86:3c:38:70:3a:21:c0:b6:80:72:bd:7e:35:c7:a5:dc:25:1f:
4c:0b:0c:a0:b1:c8:ba:97:0f:b3:fc:09:e5:50:d6:40:ff:ed:
e4:ec:f5:8f:1b:41:f5:3f:ba:82:d4:36:39:95:34:20:e8:7f:
44:82:b0:e4:f3:2f:3b:13:f1:77:fe:5a:84:a6:75:81:60:ae:
93:f3:f4:e8:5d:cd:47:8e:63:da:b2:ba:70:8f:0b:90:9d:b9:
36:ce:2a:11:68:82:51:b5:6d:4d:8c:95:cc:67:29:c9:d8:5e:
2c:6b:22:3a:cf:4e:bb:a1:3a:02:c6:ba:68:4c:f1:6a:1b:26:
db:06:6d:3e:e5:94:35:15:f4:ca:ac:35:45:8e:ec:63:91:11:
7b:4d:51:d0:a8:f8:7d:03:3c:9b:35:0d:4d:d7:6a:b3:26:48:
9b:3f:c3:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYr4fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmUwMmI3ZWVkZmZjMzhhYjVlYWI0NDE2MTcyZTdkODhlOWFkMWUyMB4XDTIyMDIw
MzEzMjMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBhZjA0YzdlZjVh
ZDdlMTg0OTlhNDBhOWQ2NjY3YjBkNTEyOWU4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwQlFVeNYvyLFDenJDxPl8QdZkvRaY9wTekeQk1ncpZNOC6
JHGyQwASEHHqNXugWuCOz3UzR+cI0wUXJFKlagyiQN3HLSiwMNbSUULsLxMAfrVT
0cuVM7e49gnu3GYNswRQ5Tib6j1QVWVAYEs5uI3xjwLpRrB9yKhNPPPPmsChvDok
AEsBt4ERQQWFix/zRaFeXZTebkfhulnClnh4hEsPoFNIUpFhyHBRL3yAunkh1aqV
W+mMyFnfQ25raN0rc9Pqq13Ye4gmDnumBNEMpouNMwOCz9O96j0Ra1c82+XFHR5N
6ftHyz1gJzMzx6q+B1hOB2nX/LuXkOvpW0xOcY0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgrwTH71rX4YSZpAqdZmew1RKejjAfBgNVHSMEGDAWgBSP4Ct+7f/DirXq
tEFhcufYjprR4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2otQXJmdTNfdzRxMTZyUkJZWExuMkk2YTBlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8x
L1lLOEV4LTlhMS1HRW1hUUtuV1puc05VU25vNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8xL2otQXJmdTNfdzRx
MTZyUkJZWExuMkk2YTBlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAR8oBjANBgkqhkiG9w0BAQsFAAOC
AQEAienmdB8+qzV/B/clamwMWtEHiDUkc766VTCge1H1exKA3R7NB+I5S313OOrB
M5NAf/i7kUkyivPRBihZ8vJWTwu18tgX5Q7IzrouMvIy0m0YwP0MUZgdk0sChjw4
cDohwLaAcr1+Ncel3CUfTAsMoLHIupcPs/wJ5VDWQP/t5Oz1jxtB9T+6gtQ2OZU0
IOh/RIKw5PMvOxPxd/5ahKZ1gWCuk/P06F3NR45j2rK6cI8LkJ25Ns4qEWiCUbVt
TYyVzGcpydheLGsiOs9Ou6E6Asa6aEzxahsm2wZtPuWUNRX0yqw1RY7sY5ERe01R
0Kj4fQM8mzUNTddqsyZImz/DNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org