Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DsPrBc4lh6TZpDoEhKMcKW4WksA.roa
File: DsPrBc4lh6TZpDoEhKMcKW4WksA.roa (raw, json)
Hash identifier: 5fRyXL6cNxUKWf1d9t/Lp4B6bwufWBGq/s3HshT0c2Q=
Subject key identifier: 0E:C3:EB:05:CE:25:87:A4:D9:A4:3A:04:84:A3:1C:29:6E:16:92:C0
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018519EBB182F65AD80DB73B147F134E7753
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DsPrBc4lh6TZpDoEhKMcKW4WksA.roa
Signing time: Fri 16 Dec 2022 07:52:34 +0000
ROA not before: Fri 16 Dec 2022 07:52:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 31.129.21.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:19:eb:b1:82:f6:5a:d8:0d:b7:3b:14:7f:13:4e:77:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 16 07:52:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ec3eb05ce2587a4d9a43a0484a31c296e1692c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:32:7d:d6:4c:10:f6:c5:2c:cf:b5:b5:1b:b4:
74:a2:82:d6:f9:33:24:d2:8c:74:5f:dc:5d:53:f9:
35:72:a9:24:4d:84:3e:66:0c:bf:55:3f:81:25:ff:
6f:91:e9:4b:03:33:72:c8:bc:70:5a:38:86:91:b1:
89:9e:15:c6:8a:f1:f7:b9:b6:4c:85:3e:e0:d6:5b:
48:93:3d:52:93:59:c6:63:73:4c:07:f4:4b:c4:06:
d1:85:29:35:a2:7c:96:f6:c6:5c:7b:4c:c2:92:59:
8e:85:92:60:bc:35:12:f3:2d:08:2b:61:91:d3:e5:
bc:dc:f6:0a:ff:ee:7f:7f:ae:da:c3:04:52:90:5f:
26:98:5f:03:49:7a:ec:f0:05:7c:ac:02:33:37:59:
cc:8b:0c:7c:be:0a:57:64:8a:32:f9:44:0f:6b:03:
49:a6:3b:57:ba:ff:13:9a:d9:81:23:29:4a:0c:e3:
58:78:91:9d:3c:5e:9d:d9:e6:32:2e:82:df:ad:8f:
94:72:27:04:d3:67:1f:46:59:1a:c2:ea:09:37:bb:
41:80:7b:eb:a1:e5:04:d4:3b:4e:85:b4:06:97:5d:
20:e0:90:43:c3:39:e3:67:7e:5c:bb:3d:1f:af:f5:
47:a6:2c:3f:0b:0b:52:06:4d:96:de:fa:39:b4:31:
e5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C3:EB:05:CE:25:87:A4:D9:A4:3A:04:84:A3:1C:29:6E:16:92:C0
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/DsPrBc4lh6TZpDoEhKMcKW4WksA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0/24
31.129.30.0/24
45.8.99.0/24
77.83.116.0/24
Signature Algorithm: sha256WithRSAEncryption
03:a7:c7:7a:86:07:0d:b3:f1:28:ea:cd:7a:31:f4:57:61:aa:
36:14:b5:b3:da:c6:8a:7f:94:c5:2a:00:f7:37:e9:c2:4b:61:
cc:b5:e5:9b:9b:ad:25:df:bd:e3:53:db:f1:ac:7e:63:30:14:
f7:41:8f:6a:9c:fb:a6:56:35:9b:7f:71:ae:c6:f4:74:88:ec:
ec:dd:19:3e:73:ff:cd:67:da:43:33:c7:9c:90:37:9b:ef:ae:
76:4a:e4:33:17:43:f1:76:4f:4d:6c:18:e0:7e:23:31:cc:b6:
ab:3c:38:4a:fb:cb:56:01:ed:7e:47:ff:f9:70:d2:e4:44:b5:
11:81:a5:29:f5:90:66:e5:a6:47:12:47:9a:f8:bc:36:8a:15:
d9:8d:0e:25:ab:7f:bb:b1:36:a7:82:f8:60:4a:46:d4:48:5b:
a2:83:38:8b:a4:02:01:2c:d9:1a:ae:73:86:79:a4:06:31:d8:
d4:79:54:33:18:65:a0:cd:17:29:25:43:89:99:63:39:43:49:
cb:ab:3a:92:5f:27:73:b2:a4:40:4e:27:28:bf:83:d5:a6:c6:
9c:f3:47:98:55:63:c4:86:c7:40:94:20:85:ad:5a:4e:4b:40:
d4:e6:7a:50:de:c2:0e:d3:9b:13:43:48:a1:b0:9b:10:62:b1:
4b:f4:e4:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUZ67GC9lrYDbc7FH8TTndTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMjE2MDc1MjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWMzZWIwNWNlMjU4N2E0ZDlhNDNhMDQ4NGEzMWMyOTZlMTY5MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzJ91kwQ9sUsz7W1G7R0ooLW+TMk
0ox0X9xdU/k1cqkkTYQ+Zgy/VT+BJf9vkelLAzNyyLxwWjiGkbGJnhXGivH3ubZM
hT7g1ltIkz1Sk1nGY3NMB/RLxAbRhSk1onyW9sZce0zCklmOhZJgvDUS8y0IK2GR
0+W83PYK/+5/f67awwRSkF8mmF8DSXrs8AV8rAIzN1nMiwx8vgpXZIoy+UQPawNJ
pjtXuv8TmtmBIylKDONYeJGdPF6d2eYyLoLfrY+UcicE02cfRlkawuoJN7tBgHvr
oeUE1DtOhbQGl10g4JBDwznjZ35cuz0fr/VHpiw/CwtSBk2W3vo5tDHlPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA7D6wXOJYek2aQ6BISjHCluFpLAMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRHNQckJjNGxoNlRacERvRWhLTWNLVzRXa3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4EVAwQA
H4EeAwQALQhjAwQATVN0MA0GCSqGSIb3DQEBCwUAA4IBAQADp8d6hgcNs/Eo6s16
MfRXYao2FLWz2saKf5TFKgD3N+nCS2HMteWbm60l373jU9vxrH5jMBT3QY9qnPum
VjWbf3GuxvR0iOzs3Rk+c//NZ9pDM8eckDeb7652SuQzF0Pxdk9NbBjgfiMxzLar
PDhK+8tWAe1+R//5cNLkRLURgaUp9ZBm5aZHEkea+Lw2ihXZjQ4lq3+7sTangvhg
SkbUSFuigziLpAIBLNkarnOGeaQGMdjUeVQzGGWgzRcpJUOJmWM5Q0nLqzqSXydz
sqRATicov4PVpsac80eYVWPEhsdAlCCFrVpOS0DU5npQ3sIO05sTQ0ihsJsQYrFL
9OSH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org