Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/CBLRURFq662lKTlpWFyJeqzSr6Y.roa
File: CBLRURFq662lKTlpWFyJeqzSr6Y.roa (raw, json)
Hash identifier: eXV+Ld4Ly7dG52n7cSUGkIx1Yuy69YercFsUW6hdFZg=
Subject key identifier: 08:12:D1:51:11:6A:EB:AD:A5:29:39:69:58:5C:89:7A:AC:D2:AF:A6
Certificate issuer: /CN=828bbad6f4916842bbe320284fafe10caf59edf0
Certificate serial: 018388566B73F288A83EDE716BC54CE8C1DD
Authority key identifier: 82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/CBLRURFq662lKTlpWFyJeqzSr6Y.roa
Signing time: Thu 29 Sep 2022 08:21:48 +0000
ROA not before: Thu 29 Sep 2022 08:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51720
IP address blocks: 37.228.124.0/24 maxlen: 24
37.228.120.0/24 maxlen: 24
37.228.122.0/23 maxlen: 24
80.70.162.0/23 maxlen: 24
80.70.166.0/23 maxlen: 24
31.3.144.0/22 maxlen: 24
2a00:d340:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:56:6b:73:f2:88:a8:3e:de:71:6b:c5:4c:e8:c1:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828bbad6f4916842bbe320284fafe10caf59edf0
Validity
Not Before: Sep 29 08:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0812d151116aebada5293969585c897aacd2afa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7c:b0:87:ca:fd:95:d3:11:c3:f6:74:a9:c8:
ba:22:ad:38:ca:05:73:bc:79:21:83:85:4c:11:9a:
4b:79:b0:aa:a0:8f:e0:f2:0e:76:50:99:34:05:be:
99:ff:25:e5:cc:f5:79:dd:f4:93:2e:bd:55:07:e4:
e7:7c:9a:b9:97:12:58:8e:fb:02:e9:2d:22:e7:c1:
79:fa:0d:3a:b7:a7:7e:42:e0:1c:f6:53:93:d1:5c:
43:d9:69:ff:ec:0a:21:87:f6:d4:a1:98:1f:a7:4d:
7f:4f:e5:eb:ed:53:7d:08:f3:73:e0:21:32:9d:90:
40:ae:db:a5:c7:d0:9c:74:d2:4d:19:a8:51:70:49:
44:6f:55:69:9c:b7:12:0f:0f:63:5d:77:96:54:d1:
b0:a3:bc:44:13:2c:99:02:46:af:6f:84:d8:65:ca:
98:b7:e1:4f:d2:61:b9:63:f0:2f:bc:42:fd:29:d2:
0c:81:85:86:27:df:01:b9:99:e7:eb:9b:4f:b3:ba:
ca:fd:d6:24:7a:9b:5b:b9:e2:58:ec:88:d8:cc:0c:
11:22:c7:87:7e:02:a0:48:cb:7f:1d:9d:ad:fb:8f:
02:a0:76:7c:9e:8c:b8:c7:b2:fe:20:91:2b:d8:1c:
84:31:92:83:f5:b5:bb:04:28:78:6c:6f:b0:e2:97:
76:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:12:D1:51:11:6A:EB:AD:A5:29:39:69:58:5C:89:7A:AC:D2:AF:A6
X509v3 Authority Key Identifier:
keyid:82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/CBLRURFq662lKTlpWFyJeqzSr6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
37.228.120.0/24
37.228.122.0-37.228.124.255
80.70.162.0/23
80.70.166.0/23
IPv6:
2a00:d340:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
3d:f2:42:80:c7:62:01:9a:b8:eb:57:18:d4:7b:a2:63:44:17:
25:35:46:2a:16:0e:ac:d3:27:78:b1:30:7a:0c:5f:a4:63:fd:
be:0c:2b:d8:c2:5f:e7:cf:59:4f:46:a8:87:4c:5f:67:08:ff:
ad:b5:cb:4e:a1:65:06:36:df:85:2f:79:01:eb:8f:82:a7:02:
84:bb:0b:0a:11:48:5c:bd:da:fb:90:ac:f0:76:a2:3f:73:d7:
10:e8:53:2c:60:6d:18:23:74:9b:35:53:68:fa:cc:01:c3:17:
1a:29:92:ae:27:4f:56:4e:b3:ee:50:23:62:7d:16:01:75:61:
01:33:9c:e1:b7:62:45:b2:91:7c:d9:4f:bd:08:cb:e6:4d:84:
5e:1f:2b:7d:37:7a:ea:8e:62:fc:c6:a1:cf:16:58:ba:53:2f:
86:18:29:dd:e4:3a:8f:c9:d0:4f:da:b9:db:5f:8e:70:a7:c1:
4d:a0:40:f4:8b:8e:19:4c:0f:f2:bd:e0:1e:e6:98:2e:4a:68:
10:ca:2d:ad:6a:f7:af:81:ef:47:ca:44:d0:b3:4e:10:6d:76:
fe:bb:e2:ce:bd:13:56:bb:0d:79:99:8b:a3:ee:c6:fe:a0:dd:
b0:c6:54:db:04:98:33:b2:06:75:98:d4:b7:62:3c:45:c2:47:
6e:97:cc:7a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYOIVmtz8oioPt5xa8VM6MHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOGJiYWQ2ZjQ5MTY4NDJiYmUzMjAyODRmYWZlMTBjYWY1
OWVkZjAwHhcNMjIwOTI5MDgyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODEyZDE1MTExNmFlYmFkYTUyOTM5Njk1ODVjODk3YWFjZDJhZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXywh8r9ldMRw/Z0qci6Iq04ygVz
vHkhg4VMEZpLebCqoI/g8g52UJk0Bb6Z/yXlzPV53fSTLr1VB+TnfJq5lxJYjvsC
6S0i58F5+g06t6d+QuAc9lOT0VxD2Wn/7Aohh/bUoZgfp01/T+Xr7VN9CPNz4CEy
nZBArtulx9CcdNJNGahRcElEb1VpnLcSDw9jXXeWVNGwo7xEEyyZAkavb4TYZcqY
t+FP0mG5Y/AvvEL9KdIMgYWGJ98BuZnn65tPs7rK/dYkeptbueJY7IjYzAwRIseH
fgKgSMt/HZ2t+48CoHZ8noy4x7L+IJEr2ByEMZKD9bW7BCh4bG+w4pd2jwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAgS0VERauutpSk5aVhciXqs0q+mMB8GA1UdIwQY
MBaAFIKLutb0kWhCu+MgKE+v4QyvWe3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgt
MTg5NjU1NWEyZjBlLzEvQ0JMUlVSRnE2NjJsS1RscFdGeUplcXpTcjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgtMTg5NjU1NWEyZjBl
LzEvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQCHwOQAwQA
JeR4MAwDBAEl5HoDBAAl5HwDBAFQRqIDBAFQRqYwDwQCAAIwCQMHACoA00D//zAN
BgkqhkiG9w0BAQsFAAOCAQEAPfJCgMdiAZq461cY1HuiY0QXJTVGKhYOrNMneLEw
egxfpGP9vgwr2MJf589ZT0aoh0xfZwj/rbXLTqFlBjbfhS95AeuPgqcChLsLChFI
XL3a+5Cs8HaiP3PXEOhTLGBtGCN0mzVTaPrMAcMXGimSridPVk6z7lAjYn0WAXVh
ATOc4bdiRbKRfNlPvQjL5k2EXh8rfTd66o5i/MahzxZYulMvhhgp3eQ6j8nQT9q5
21+OcKfBTaBA9IuOGUwP8r3gHuaYLkpoEMotrWr3r4HvR8pE0LNOEG12/rvizr0T
VrsNeZmLo+7G/qDdsMZU2wSYM7IGdZjUt2I8RcJHbpfMeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:58 2024 by rpki-client on console-ams.rpki-client.org