Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hQPqPf9xjxN8qK_MRuNwwf792qA.roa
File: hQPqPf9xjxN8qK_MRuNwwf792qA.roa (raw, json)
Hash identifier: TFVs6qLvwJj443foq/jmfy1WnZ8A3PKaGcOHci56fVE=
Subject key identifier: 85:03:EA:3D:FF:71:8F:13:7C:A8:AF:CC:46:E3:70:C1:FE:FD:DA:A0
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 01CEC39F
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hQPqPf9xjxN8qK_MRuNwwf792qA.roa
Signing time: Wed 02 Mar 2022 23:07:12 +0000
ROA not before: Wed 02 Mar 2022 23:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60025
IP address blocks: 31.40.7.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
31.40.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30327711 (0x1cec39f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Mar 2 23:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8503ea3dff718f137ca8afcc46e370c1fefddaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:39:ee:c8:d3:43:e7:b3:30:c5:3b:1c:2d:00:
a1:b4:8a:58:0f:18:5d:6b:29:d8:f0:e3:51:72:f3:
b5:ec:46:df:67:6f:ec:de:36:38:f8:d2:59:b1:84:
94:f1:9e:d3:17:42:e4:b2:01:17:9a:73:52:9a:2e:
5a:04:62:4c:2f:b5:b5:2e:06:17:43:70:52:e2:23:
05:fc:b2:19:8e:22:b8:d3:df:97:b2:fa:50:a2:26:
40:fc:8d:dd:4a:ed:3a:0d:9b:a9:8f:ed:4e:7a:97:
18:9b:11:e8:b5:14:54:11:eb:a2:1b:39:94:50:9e:
22:62:69:2e:a5:77:5e:06:b5:c6:25:a2:2b:cb:ee:
98:b9:4c:a5:de:a1:30:0f:48:9d:92:7e:40:98:81:
d0:97:58:02:94:7c:73:57:38:5d:f7:e7:ce:59:69:
b5:c5:70:69:b7:30:cb:f6:b3:35:11:8c:69:c7:cf:
36:81:24:8c:67:4f:33:60:74:22:29:d8:fc:46:11:
ab:57:e4:30:8e:a7:7d:14:0a:c0:37:18:79:f1:50:
f3:f8:38:6e:32:f2:89:e2:dc:54:85:c1:46:55:d2:
cf:64:95:7d:ee:74:2d:0b:7a:ec:3b:f9:f5:1f:e4:
dd:c1:ea:1f:23:56:6a:e2:88:94:c9:5c:b9:fb:5c:
5d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:03:EA:3D:FF:71:8F:13:7C:A8:AF:CC:46:E3:70:C1:FE:FD:DA:A0
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/hQPqPf9xjxN8qK_MRuNwwf792qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.5.0-31.40.7.255
Signature Algorithm: sha256WithRSAEncryption
0d:9e:ed:8a:4d:05:68:ed:b3:57:2c:8b:51:88:db:1f:b3:64:
9c:a7:dd:7c:f9:16:a6:76:68:09:3d:61:39:74:53:7f:09:6e:
e6:2b:86:e8:b0:b6:03:2c:63:76:20:86:a5:54:46:76:d0:8c:
b3:1b:a0:42:65:98:07:4a:f5:c6:05:82:6a:53:8a:d7:62:81:
20:37:ea:4f:21:4f:6f:ee:7d:b3:87:0d:15:7a:a8:d7:6d:86:
2b:fd:b9:f4:e1:be:30:9b:e5:69:ed:1c:1a:3e:b8:7d:96:b3:
9c:01:1a:b4:43:07:53:55:0b:80:8e:80:c9:6e:70:62:1a:48:
9b:12:cc:f7:b5:8d:de:a3:b1:3b:21:1d:8e:5f:b5:d9:4a:2a:
a3:a9:fb:af:5d:73:f9:83:e5:9d:c7:8e:01:cd:31:9b:fb:2e:
ec:34:16:67:b1:f0:ba:e3:ab:4e:e6:c6:89:91:fa:52:2d:b5:
d5:63:00:12:b9:0e:a9:2e:10:d7:04:13:eb:a9:8b:c8:e2:28:
14:1c:f5:25:c3:0f:eb:76:9b:8a:ee:f4:f9:da:f0:e7:68:86:
c2:a9:96:09:2e:65:fe:42:94:d8:c4:e5:da:59:cc:36:22:e2:
d7:6a:3d:6d:37:cb:bd:21:c0:be:73:00:30:e4:89:e1:3d:e1:
53:58:75:6b
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAc7DnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmUwMmI3ZWVkZmZjMzhhYjVlYWI0NDE2MTcyZTdkODhlOWFkMWUyMB4XDTIyMDMw
MjIzMDcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUwM2VhM2RmZjcx
OGYxMzdjYThhZmNjNDZlMzcwYzFmZWZkZGFhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM057sjTQ+ezMMU7HC0AobSKWA8YXWsp2PDjUXLztexG32dv
7N42OPjSWbGElPGe0xdC5LIBF5pzUpouWgRiTC+1tS4GF0NwUuIjBfyyGY4iuNPf
l7L6UKImQPyN3UrtOg2bqY/tTnqXGJsR6LUUVBHrohs5lFCeImJpLqV3Xga1xiWi
K8vumLlMpd6hMA9InZJ+QJiB0JdYApR8c1c4XffnzllptcVwabcwy/azNRGMacfP
NoEkjGdPM2B0IinY/EYRq1fkMI6nfRQKwDcYefFQ8/g4bjLyieLcVIXBRlXSz2SV
fe50LQt67Dv59R/k3cHqHyNWauKIlMlcuftcXRECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSFA+o9/3GPE3yor8xG43DB/v3aoDAfBgNVHSMEGDAWgBSP4Ct+7f/DirXq
tEFhcufYjprR4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2otQXJmdTNfdzRxMTZyUkJZWExuMkk2YTBlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8x
L2hRUHFQZjl4anhOOHFLX01SdU53d2Y3OTJxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8xL2otQXJmdTNfdzRx
MTZyUkJZWExuMkk2YTBlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAHygFAwQDHygAMA0GCSqGSIb3
DQEBCwUAA4IBAQANnu2KTQVo7bNXLItRiNsfs2Scp918+RamdmgJPWE5dFN/CW7m
K4bosLYDLGN2IIalVEZ20IyzG6BCZZgHSvXGBYJqU4rXYoEgN+pPIU9v7n2zhw0V
eqjXbYYr/bn04b4wm+Vp7RwaPrh9lrOcARq0QwdTVQuAjoDJbnBiGkibEsz3tY3e
o7E7IR2OX7XZSiqjqfuvXXP5g+Wdx44BzTGb+y7sNBZnsfC646tO5saJkfpSLbXV
YwASuQ6pLhDXBBPrqYvI4igUHPUlww/rdpuK7vT52vDnaIbCqZYJLmX+QpTYxOXa
Wcw2IuLXaj1tN8u9IcC+cwAw5InhPeFTWHVr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org