Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/iDUrHaTDzW-8sOIYCpoiTNom9Vc.roa
File: iDUrHaTDzW-8sOIYCpoiTNom9Vc.roa (raw, json)
Hash identifier: EVkQ+ifRZzHx5/AaaFvDr6n+/Xm+92n91/pm8IJ1ZHA=
Subject key identifier: 88:35:2B:1D:A4:C3:CD:6F:BC:B0:E2:18:0A:9A:22:4C:DA:26:F5:57
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 3762DE7F
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/iDUrHaTDzW-8sOIYCpoiTNom9Vc.roa
Signing time: Sat 01 Jan 2022 08:59:25 +0000
ROA not before: Sat 01 Jan 2022 08:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6712
IP address blocks: 31.202.192.0/18 maxlen: 24
46.160.64.0/20 maxlen: 24
91.250.0.0/19 maxlen: 24
46.160.80.0/21 maxlen: 24
46.160.96.0/19 maxlen: 24
91.250.32.0/19 maxlen: 24
2a00:1210:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929226367 (0x3762de7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 08:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88352b1da4c3cd6fbcb0e2180a9a224cda26f557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c6:bb:74:aa:7c:4d:9f:b2:ad:14:6b:f4:3a:
21:0f:61:50:be:91:29:22:12:6e:69:0e:20:0c:c9:
cb:0d:2f:63:76:6f:d5:0c:3b:a7:67:7b:65:c1:15:
d4:b4:88:dd:f1:88:7d:47:b2:4d:fe:b5:79:a0:4d:
56:15:16:f4:e9:a3:20:a8:72:1f:9e:b8:4e:90:2b:
32:fa:b8:2f:39:6c:58:40:18:d9:db:20:ea:dd:59:
bd:9d:4c:37:b2:a3:91:d5:3d:f0:f5:ed:3c:26:da:
99:c3:62:e1:fb:e0:3c:06:73:04:ce:34:da:08:4e:
93:2f:94:85:f4:8c:56:69:69:3e:22:9a:f3:13:17:
29:57:e8:d4:f8:09:40:ad:2f:38:89:8d:64:39:86:
d0:93:2c:df:e1:72:64:9b:41:df:c3:93:54:4c:b4:
5c:0d:4f:2f:71:1f:24:97:7c:3d:ae:db:15:85:70:
f7:87:31:64:1e:05:ba:9d:e0:b5:13:02:c1:4f:39:
b9:2b:5c:44:5b:31:a1:45:5f:74:45:6d:f5:f9:73:
b6:f0:92:1d:8e:2b:34:c9:a3:a0:4d:66:cf:c2:a7:
44:42:62:2d:1f:32:5c:18:15:fc:54:c6:04:80:fe:
7a:2d:0e:1b:20:e7:f9:05:ab:d0:fa:6f:5a:8c:41:
b9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:35:2B:1D:A4:C3:CD:6F:BC:B0:E2:18:0A:9A:22:4C:DA:26:F5:57
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/iDUrHaTDzW-8sOIYCpoiTNom9Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.202.192.0/18
46.160.64.0-46.160.87.255
46.160.96.0/19
91.250.0.0/18
IPv6:
2a00:1210:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
98:57:9b:ef:c3:86:8c:36:51:5a:e3:90:fc:72:ee:43:f6:ae:
12:be:fc:95:f6:da:e4:3f:3c:7b:78:6f:e3:99:d5:06:34:b6:
fd:94:6b:6c:4b:79:20:de:78:1c:b0:f0:51:98:19:40:c9:3a:
2a:07:dd:f1:97:c1:50:63:47:46:93:23:26:c8:95:a2:a2:d7:
3e:69:2d:d5:03:24:b8:3c:74:8c:a9:15:68:2b:74:b8:08:74:
d9:d8:e0:9f:ba:96:8b:fb:bb:df:b7:44:16:0c:d4:d2:3e:e7:
66:31:96:8c:99:90:6c:92:b2:78:86:d0:85:80:98:db:3b:de:
91:7f:45:74:bc:75:10:93:50:48:c1:2f:2d:5e:a9:af:64:d1:
45:96:89:99:88:92:bf:1d:f9:6b:6b:59:ba:fa:a0:ef:1c:d6:
98:cf:5c:e3:93:d9:5d:f8:80:03:06:6b:3b:da:9b:cc:bf:fb:
3c:e5:46:e8:81:1e:61:17:9a:a7:bb:66:3d:fd:c0:de:f9:62:
a4:6f:c6:8c:83:76:c9:81:af:a5:d9:94:2b:57:38:c5:d4:c1:
83:bf:62:a7:1a:82:5d:2b:f5:ed:71:85:cd:3c:51:17:fe:34:
b2:f1:b2:57:27:22:73:61:57:ab:8a:16:e9:66:c7:36:c3:2b:
b3:d0:4c:8c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEN2LefzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdhOWIxNzQ1YTVhNzBjM2JmN2JjYzJjMmVlMTY2NDYwYWZmN2E4MB4XDTIyMDEw
MTA4NTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgzNTJiMWRhNGMz
Y2Q2ZmJjYjBlMjE4MGE5YTIyNGNkYTI2ZjU1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfGu3SqfE2fsq0Ua/Q6IQ9hUL6RKSISbmkOIAzJyw0vY3Zv
1Qw7p2d7ZcEV1LSI3fGIfUeyTf61eaBNVhUW9OmjIKhyH564TpArMvq4LzlsWEAY
2dsg6t1ZvZ1MN7KjkdU98PXtPCbamcNi4fvgPAZzBM402ghOky+UhfSMVmlpPiKa
8xMXKVfo1PgJQK0vOImNZDmG0JMs3+FyZJtB38OTVEy0XA1PL3EfJJd8Pa7bFYVw
94cxZB4Fup3gtRMCwU85uStcRFsxoUVfdEVt9flztvCSHY4rNMmjoE1mz8KnREJi
LR8yXBgV/FTGBID+ei0OGyDn+QWr0PpvWoxBuTcCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBSINSsdpMPNb7yw4hgKmiJM2ib1VzAfBgNVHSMEGDAWgBSuepsXRaWnDDv3
vMLC7hZkYK/3qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JucWJGMFdscHd3Nzk3ekN3dTRXWkdDdjk2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8x
L2lEVXJIYVREelctOHNPSVlDcG9pVE5vbTlWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8xL3JucWJGMFdscHd3
Nzk3ekN3dTRXWkdDdjk2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEBh/KwDAMAwQGLqBAAwQDLqBQAwQF
LqBgAwQGW/oAMA8EAgACMAkDBwAqABIQ//8wDQYJKoZIhvcNAQELBQADggEBAJhX
m+/Dhow2UVrjkPxy7kP2rhK+/JX22uQ/PHt4b+OZ1QY0tv2Ua2xLeSDeeByw8FGY
GUDJOioH3fGXwVBjR0aTIybIlaKi1z5pLdUDJLg8dIypFWgrdLgIdNnY4J+6lov7
u9+3RBYM1NI+52YxloyZkGySsniG0IWAmNs73pF/RXS8dRCTUEjBLy1eqa9k0UWW
iZmIkr8d+WtrWbr6oO8c1pjPXOOT2V34gAMGazvam8y/+zzlRuiBHmEXmqe7Zj39
wN75YqRvxoyDdsmBr6XZlCtXOMXUwYO/Yqcagl0r9e1xhc08URf+NLLxslcnInNh
V6uKFulmxzbDK7PQTIw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:46 2023 by rpki-client on console-ams.rpki-client.org