Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3uXIsODsslKWrFi_bCFPPruRKf8.roa
File: 3uXIsODsslKWrFi_bCFPPruRKf8.roa (raw, json)
Hash identifier: ZIUh/aSQHAZv+3ZNHqm+CD204ITjBbAdlZ6dt9T1ki0=
Subject key identifier: DE:E5:C8:B0:E0:EC:B2:52:96:AC:58:BF:6C:21:4F:3E:BB:91:29:FF
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 122393EB
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3uXIsODsslKWrFi_bCFPPruRKf8.roa
Signing time: Wed 23 Mar 2022 10:01:14 +0000
ROA not before: Wed 23 Mar 2022 10:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
85.92.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304321515 (0x122393eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 23 10:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dee5c8b0e0ecb25296ac58bf6c214f3ebb9129ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3f:bb:62:d8:a0:4c:0f:31:a3:62:88:8f:43:
6f:7d:7f:32:99:66:fc:d7:be:25:15:f5:d2:bb:1a:
57:36:ad:8d:3b:1c:d5:37:23:c3:7c:c3:f3:c0:94:
7e:3e:f8:29:21:09:66:cb:47:52:d3:39:ba:fd:bf:
20:1d:0d:e5:68:90:39:0f:33:d9:1a:c1:33:ac:f8:
1f:f0:27:33:66:82:47:ab:5c:ff:49:eb:2e:1a:c3:
f5:0f:ea:3f:a9:c8:2a:d1:19:98:b5:f6:aa:a5:ae:
a6:05:b4:81:1d:3c:85:8f:9a:b2:d0:f1:8e:a5:36:
9b:28:48:13:a5:0a:34:8e:12:47:b9:e1:89:78:37:
26:47:d3:1c:d6:a1:55:6f:18:9b:4e:78:95:db:ec:
17:a4:59:f0:50:66:ae:40:02:4b:7f:55:0c:b9:74:
5e:bc:33:30:f9:4e:5e:5c:e3:0a:91:3f:18:55:f1:
a1:3f:b0:09:4d:a8:c0:0c:5b:71:e6:51:84:87:3b:
84:7b:d3:dc:46:24:07:d5:e4:60:08:93:62:f0:63:
30:13:cd:38:11:f0:af:15:d4:6f:88:65:16:41:97:
ad:9f:21:66:54:f0:5e:6a:0a:27:06:dc:34:5b:15:
e0:50:f3:65:ae:ae:65:21:c8:44:01:da:53:70:cf:
87:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E5:C8:B0:E0:EC:B2:52:96:AC:58:BF:6C:21:4F:3E:BB:91:29:FF
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3uXIsODsslKWrFi_bCFPPruRKf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.29.255
31.129.31.0/24
85.92.108.0/24
Signature Algorithm: sha256WithRSAEncryption
86:df:d8:0d:5e:ed:c1:e5:a4:9e:37:12:b4:7e:bb:a3:05:db:
3f:02:e6:62:21:e4:2b:8c:22:c7:99:db:51:86:87:90:07:44:
12:93:94:fc:9b:a2:8f:73:ef:c0:69:fe:b2:a1:7c:d9:9b:86:
4b:d7:d3:2e:0d:b3:49:4a:2d:e2:f2:d3:5b:55:7c:bb:d0:5a:
bd:13:5e:a2:56:18:bc:fb:3f:2f:55:55:c1:57:2a:f5:d9:a6:
a4:29:3a:64:54:be:7e:1a:8f:94:67:02:48:c4:71:98:50:9e:
70:14:cf:7f:bd:79:e8:bb:23:1f:98:39:68:16:c7:a5:7f:1f:
f2:61:cf:e0:19:01:00:67:2a:3b:a9:44:89:f0:35:db:e3:72:
09:0e:7e:37:bc:6e:48:cb:26:df:00:9b:69:5c:f3:c5:fb:b9:
f4:8c:72:8d:55:b6:92:b7:29:58:56:ae:3c:9d:5b:2a:a7:70:
ab:70:43:39:cc:cf:cb:aa:47:26:d8:00:23:8a:b8:0b:fe:5c:
be:43:0e:20:43:8d:c1:d7:7f:d8:84:35:f7:98:ef:20:63:24:
c8:d4:0c:8a:2f:e6:8c:05:fa:dd:b4:cf:00:22:7e:81:b6:fb:
81:36:6c:89:f6:3c:2c:e2:fc:bf:ed:80:f5:c4:e1:b0:ed:a8:
c1:b5:f6:e8
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEEiOT6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDMy
MzEwMDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVlNWM4YjBlMGVj
YjI1Mjk2YWM1OGJmNmMyMTRmM2ViYjkxMjlmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw/u2LYoEwPMaNiiI9Db31/Mplm/Ne+JRX10rsaVzatjTsc
1Tcjw3zD88CUfj74KSEJZstHUtM5uv2/IB0N5WiQOQ8z2RrBM6z4H/AnM2aCR6tc
/0nrLhrD9Q/qP6nIKtEZmLX2qqWupgW0gR08hY+astDxjqU2myhIE6UKNI4SR7nh
iXg3JkfTHNahVW8Ym054ldvsF6RZ8FBmrkACS39VDLl0XrwzMPlOXlzjCpE/GFXx
oT+wCU2owAxbceZRhIc7hHvT3EYkB9XkYAiTYvBjMBPNOBHwrxXUb4hlFkGXrZ8h
ZlTwXmoKJwbcNFsV4FDzZa6uZSHIRAHaU3DPhz0CAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBTe5ciw4OyyUpasWL9sIU8+u5Ep/zAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
LzN1WElzT0Rzc2xLV3JGaV9iQ0ZQUHJ1UktmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwHwQCAAEwGTALAwMAH4EDBAEfgRwDBAAfgR8DBABV
XGwwDQYJKoZIhvcNAQELBQADggEBAIbf2A1e7cHlpJ43ErR+u6MF2z8C5mIh5CuM
IseZ21GGh5AHRBKTlPyboo9z78Bp/rKhfNmbhkvX0y4Ns0lKLeLy01tVfLvQWr0T
XqJWGLz7Py9VVcFXKvXZpqQpOmRUvn4aj5RnAkjEcZhQnnAUz3+9eei7Ix+YOWgW
x6V/H/Jhz+AZAQBnKjupRInwNdvjcgkOfje8bkjLJt8Am2lc88X7ufSMco1VtpK3
KVhWrjydWyqncKtwQznMz8uqRybYACOKuAv+XL5DDiBDjcHXf9iENfeY7yBjJMjU
DIov5owF+t20zwAifoG2+4E2bIn2PCzi/L/tgPXE4bDtqMG19ug=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org