Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/If5BLjpFBOt7-RcUeWYNdnJj0Ck.roa
File: If5BLjpFBOt7-RcUeWYNdnJj0Ck.roa (raw, json)
Hash identifier: ssFszzV8uYwOG2kqYuhlYZZIBKFQsHST4MJq9O+3/Pc=
Subject key identifier: 21:FE:41:2E:3A:45:04:EB:7B:F9:17:14:79:66:0D:76:72:63:D0:29
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 364D33A9
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/If5BLjpFBOt7-RcUeWYNdnJj0Ck.roa
Signing time: Sat 01 Jan 2022 02:59:52 +0000
ROA not before: Sat 01 Jan 2022 02:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.36.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.32.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911029161 (0x364d33a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jan 1 02:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21fe412e3a4504eb7bf9171479660d767263d029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8a:c6:0b:92:a1:59:ea:8f:d6:3d:4c:0c:d9:
2e:14:28:b4:28:ee:ad:d9:ce:73:a5:71:c3:1b:4f:
5c:9b:3e:2b:3f:20:c1:29:58:34:51:2a:d1:5e:db:
25:4b:b2:13:33:bc:75:cb:c2:e3:56:5b:b7:3d:24:
5a:ad:06:b5:00:93:2d:e4:b0:3b:ba:8e:09:bf:a7:
1c:7b:8d:43:52:a9:2f:ee:f8:ad:3a:87:a0:89:9a:
b3:2a:2a:43:da:41:29:70:b4:e9:30:17:e0:48:d5:
de:ee:71:b2:2d:44:02:fa:28:fc:80:9c:d7:81:36:
82:1b:14:21:f7:44:76:42:eb:91:56:92:3b:8a:b4:
be:d3:65:d3:56:cc:32:a4:05:1a:ee:be:55:33:5d:
ad:84:bd:35:b0:9e:a2:e6:76:6c:b1:00:c3:8d:69:
f9:26:30:be:4e:31:2f:43:13:01:22:b6:38:23:af:
23:c8:50:ed:02:d5:04:64:89:6a:15:41:48:48:5f:
63:07:99:73:53:15:e9:92:27:b5:a1:2e:8f:08:fa:
69:47:29:82:cd:08:5a:01:51:7c:94:69:49:f0:b5:
d0:e1:54:2a:fd:42:4b:b7:06:2a:33:81:7f:49:45:
f8:e9:3d:bf:fd:6e:27:54:a2:ea:0c:f6:a9:0a:7a:
73:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FE:41:2E:3A:45:04:EB:7B:F9:17:14:79:66:0D:76:72:63:D0:29
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/If5BLjpFBOt7-RcUeWYNdnJj0Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
39:71:d3:af:97:98:c9:6b:ec:45:05:20:59:e4:8d:70:b2:3e:
e1:48:34:72:45:3b:20:c2:5b:3a:c8:87:5f:f6:22:6c:f8:61:
02:f5:3e:fb:18:fa:96:70:19:f4:63:d0:a3:17:a2:62:26:9e:
66:b2:35:86:77:39:33:00:e3:21:4e:a0:08:b4:1f:4c:2c:c3:
46:6f:54:74:28:b6:16:36:9c:d0:11:b4:88:cd:67:85:04:3a:
fc:c9:93:72:50:34:ca:52:05:1c:40:9b:0d:db:77:e8:43:4c:
05:5c:42:77:a6:0c:36:66:4d:23:86:cd:fb:3c:0f:52:3e:94:
91:2c:bf:49:33:55:f9:c9:52:f1:1a:dd:ea:88:c4:c7:09:a0:
f1:ae:e7:8c:0a:6e:ef:af:76:8e:90:3d:63:ef:4f:8e:fc:54:
c4:db:cc:b6:25:b2:b5:e5:fd:87:c4:38:1d:42:51:c3:e4:88:
72:54:0c:43:4b:73:eb:d0:99:75:69:02:99:a0:44:65:43:61:
ff:26:4b:f1:68:d9:5a:29:60:51:25:77:ec:be:be:8f:fd:52:
24:07:5a:51:de:54:b9:de:01:fd:b1:cc:32:0b:2c:3b:15:49:
5a:af:90:88:30:92:d4:61:4c:fc:b2:be:ad:d6:3a:b3:79:02:
70:f6:0c:45
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENk0zqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTM3MDk4NWY4M2Y0MTMzMDExMWMzNTBjZDZiMWUxZWVhZDUyNmFhMB4XDTIyMDEw
MTAyNTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFmZTQxMmUzYTQ1
MDRlYjdiZjkxNzE0Nzk2NjBkNzY3MjYzZDAyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6KxguSoVnqj9Y9TAzZLhQotCjurdnOc6VxwxtPXJs+Kz8g
wSlYNFEq0V7bJUuyEzO8dcvC41Zbtz0kWq0GtQCTLeSwO7qOCb+nHHuNQ1KpL+74
rTqHoImasyoqQ9pBKXC06TAX4EjV3u5xsi1EAvoo/ICc14E2ghsUIfdEdkLrkVaS
O4q0vtNl01bMMqQFGu6+VTNdrYS9NbCeouZ2bLEAw41p+SYwvk4xL0MTASK2OCOv
I8hQ7QLVBGSJahVBSEhfYweZc1MV6ZIntaEujwj6aUcpgs0IWgFRfJRpSfC10OFU
Kv1CS7cGKjOBf0lF+Ok9v/1uJ1Si6gz2qQp6c2sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQh/kEuOkUE63v5FxR5Zg12cmPQKTAfBgNVHSMEGDAWgBTuNwmF+D9BMwER
w1DNax4e6tUmqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdqY0poZmdfUVRNQkVjTlF6V3NlSHVyVkpxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvMjc0NGQwLTQxYTAtNDQzNC1iNjkwLTMyNDQ1NDZmOGNiZi8x
L0lmNUJManBGQk90Ny1SY1VlV1lOZG5KajBDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
Mjc0NGQwLTQxYTAtNDQzNC1iNjkwLTMyNDQ1NDZmOGNiZi8xLzdqY0poZmdfUVRN
QkVjTlF6V3NlSHVyVkpxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAx8HIAMEArmMfDANBAIAAjAHAwUD
KgqfQDANBgkqhkiG9w0BAQsFAAOCAQEAOXHTr5eYyWvsRQUgWeSNcLI+4Ug0ckU7
IMJbOsiHX/YibPhhAvU++xj6lnAZ9GPQoxeiYiaeZrI1hnc5MwDjIU6gCLQfTCzD
Rm9UdCi2Fjac0BG0iM1nhQQ6/MmTclA0ylIFHECbDdt36ENMBVxCd6YMNmZNI4bN
+zwPUj6UkSy/STNV+clS8Rrd6ojExwmg8a7njApu7692jpA9Y+9PjvxUxNvMtiWy
teX9h8Q4HUJRw+SIclQMQ0tz69CZdWkCmaBEZUNh/yZL8WjZWilgUSV37L6+j/1S
JAdaUd5Uud4B/bHMMgssOxVJWq+QiDCS1GFM/LK+rdY6s3kCcPYMRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:46 2024 by rpki-client on console-fra.rpki-client.org