Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/kIlKh65aBAfASi0OQXWPULo2igw.roa
File: kIlKh65aBAfASi0OQXWPULo2igw.roa (raw, json)
Hash identifier: 3urnuiBKsufvxcY+0zpRhoqJX/MFJ95bssKYcQSTqwo=
Subject key identifier: 90:89:4A:87:AE:5A:04:07:C0:4A:2D:0E:41:75:8F:50:BA:36:8A:0C
Certificate issuer: /CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Certificate serial: 0183F02CCEB480DA47182F8560919EBFD3AF
Authority key identifier: 34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/kIlKh65aBAfASi0OQXWPULo2igw.roa
Signing time: Wed 19 Oct 2022 12:16:51 +0000
ROA not before: Wed 19 Oct 2022 12:16:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 31.193.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:2c:ce:b4:80:da:47:18:2f:85:60:91:9e:bf:d3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Validity
Not Before: Oct 19 12:16:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90894a87ae5a0407c04a2d0e41758f50ba368a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:08:68:e0:33:bf:9d:21:36:5f:e1:d1:bb:49:
bc:5d:02:6b:ac:24:f0:d9:df:32:ab:81:3b:df:cd:
10:a1:1b:ae:de:16:db:44:7a:c3:e2:ad:4f:12:47:
d5:a3:11:11:a6:e1:24:57:41:f9:47:32:a3:25:dd:
c0:03:d4:8b:56:62:46:04:34:33:a5:5a:80:ed:d9:
d7:ee:90:30:82:e6:47:54:85:b3:8a:9f:ba:7a:1b:
06:2e:a2:e4:ff:77:69:25:ea:23:33:03:d3:bb:96:
95:b5:58:96:15:67:80:53:11:23:cb:f2:2a:02:ef:
15:01:62:45:57:8c:48:29:f9:50:06:ce:2c:9b:08:
26:64:a7:37:48:be:92:77:65:d4:1c:33:8e:c1:6e:
bf:5a:65:62:67:38:db:df:46:e2:f3:1f:ea:2b:e5:
b4:f9:0a:70:f4:a9:08:7f:65:f6:25:77:71:4d:75:
66:ba:88:41:d6:0b:1b:80:1f:98:e6:53:bb:5a:b9:
85:83:48:57:1e:66:4a:52:04:24:97:3b:22:69:0b:
88:cd:25:97:9c:dc:25:6b:81:40:da:ba:b4:df:4a:
46:33:85:47:a0:0e:7a:48:20:1c:97:ae:6d:c6:91:
5a:b4:65:b5:26:f4:cd:4e:2d:7a:45:0e:7e:ac:86:
8f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:89:4A:87:AE:5A:04:07:C0:4A:2D:0E:41:75:8F:50:BA:36:8A:0C
X509v3 Authority Key Identifier:
keyid:34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/kIlKh65aBAfASi0OQXWPULo2igw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NKLqVXtCqf06gCEVBhk8KzOJ3G8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.191.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:36:75:6f:d3:6c:97:26:8c:ff:17:a7:ff:09:2d:73:f8:ae:
d8:34:a5:c0:e5:6d:ca:55:5d:a8:af:11:9a:fc:c0:86:2f:16:
1c:a6:58:41:95:23:d8:7f:5b:f9:66:63:45:b2:c9:e6:6e:c3:
e6:84:52:6a:01:2d:08:7f:0e:38:03:31:8b:32:89:8a:45:ff:
4c:9e:37:30:c3:b4:56:c2:2a:e4:82:ba:fc:65:e5:d5:e5:17:
b7:55:80:76:2b:07:69:bc:59:51:85:f8:64:75:ce:0b:64:17:
af:5a:49:a4:04:4e:e1:3d:cd:f6:e3:1f:54:86:bd:13:8c:e0:
ec:60:1d:40:a1:c9:35:22:68:c8:2d:df:44:d0:1f:28:dc:b4:
a7:da:ea:9b:ab:33:c0:92:bf:f0:00:ce:7a:d1:62:01:36:a2:
75:0b:c5:43:2e:92:8d:1d:eb:7b:7c:f1:e1:f9:96:8e:4f:cb:
ee:b6:6b:2b:0d:e5:76:20:2e:63:1d:3a:85:37:6f:34:9c:87:
3a:b5:00:e2:34:40:c8:30:d4:a9:8a:b4:a7:42:06:75:76:b5:
58:6b:6f:6b:3d:52:14:98:a1:92:fa:aa:89:ea:ff:1d:ca:7d:
3f:24:c8:89:65:04:f1:50:c1:00:71:9a:4e:02:22:1e:dc:78:
a2:fe:a3:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwLM60gNpHGC+FYJGev9OvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTJlYTU1N2I0MmE5ZmQzYTgwMjExNTA2MTkzYzJiMzM4
OWRjNmYwHhcNMjIxMDE5MTIxNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg5NGE4N2FlNWEwNDA3YzA0YTJkMGU0MTc1OGY1MGJhMzY4YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQho4DO/nSE2X+HRu0m8XQJrrCTw
2d8yq4E7380QoRuu3hbbRHrD4q1PEkfVoxERpuEkV0H5RzKjJd3AA9SLVmJGBDQz
pVqA7dnX7pAwguZHVIWzip+6ehsGLqLk/3dpJeojMwPTu5aVtViWFWeAUxEjy/Iq
Au8VAWJFV4xIKflQBs4smwgmZKc3SL6Sd2XUHDOOwW6/WmViZzjb30bi8x/qK+W0
+Qpw9KkIf2X2JXdxTXVmuohB1gsbgB+Y5lO7WrmFg0hXHmZKUgQklzsiaQuIzSWX
nNwla4FA2rq030pGM4VHoA56SCAcl65txpFatGW1JvTNTi16RQ5+rIaP+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCJSoeuWgQHwEotDkF1j1C6NooMMB8GA1UdIwQY
MBaAFDSi6lV7Qqn9OoAhFQYZPCszidxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEt
ZDc2MzQ2YTdhZGM2LzEva0lsS2g2NWFCQWZBU2kwT1FYV1BVTG8yaWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEtZDc2MzQ2YTdhZGM2
LzEvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8G/MA0G
CSqGSIb3DQEBCwUAA4IBAQBrNnVv02yXJoz/F6f/CS1z+K7YNKXA5W3KVV2orxGa
/MCGLxYcplhBlSPYf1v5ZmNFssnmbsPmhFJqAS0Ifw44AzGLMomKRf9Mnjcww7RW
wirkgrr8ZeXV5Re3VYB2KwdpvFlRhfhkdc4LZBevWkmkBE7hPc324x9Uhr0TjODs
YB1Aock1ImjILd9E0B8o3LSn2uqbqzPAkr/wAM560WIBNqJ1C8VDLpKNHet7fPHh
+ZaOT8vutmsrDeV2IC5jHTqFN280nIc6tQDiNEDIMNSpirSnQgZ1drVYa29rPVIU
mKGS+qqJ6v8dyn0/JMiJZQTxUMEAcZpOAiIe3Hii/qMV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:12 2023 by rpki-client on console-fra.rpki-client.org