Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/ywnAMKlTru0NV5G1NE-QoHmHOn8.roa
File: ywnAMKlTru0NV5G1NE-QoHmHOn8.roa (raw, json)
Hash identifier: ymU2jxBWGAZ2FOz54gvtwtDTQEjTihWzwTxN6qWOoEI=
Subject key identifier: CB:09:C0:30:A9:53:AE:ED:0D:57:91:B5:34:4F:90:A0:79:87:3A:7F
Certificate issuer: /CN=0007534eb77caa836f8f118630164e0236e5fe86
Certificate serial: 0183754D112D3398AB9E106B6121E1B7C129
Authority key identifier: 00:07:53:4E:B7:7C:AA:83:6F:8F:11:86:30:16:4E:02:36:E5:FE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AAdTTrd8qoNvjxGGMBZOAjbl_oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/ywnAMKlTru0NV5G1NE-QoHmHOn8.roa
Signing time: Sun 25 Sep 2022 15:38:48 +0000
ROA not before: Sun 25 Sep 2022 15:38:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204722
IP address blocks: 31.135.182.0/24 maxlen: 24
31.135.182.0/23 maxlen: 23
31.135.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:75:4d:11:2d:33:98:ab:9e:10:6b:61:21:e1:b7:c1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0007534eb77caa836f8f118630164e0236e5fe86
Validity
Not Before: Sep 25 15:38:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb09c030a953aeed0d5791b5344f90a079873a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:b3:20:64:81:bd:8f:92:cb:2d:4e:11:2a:
8f:6c:0a:96:81:26:cd:47:32:e2:da:00:ad:26:7c:
0b:a0:92:f9:72:43:80:5c:c0:1b:e9:3d:c7:f8:51:
dd:7c:1e:aa:bb:cf:ea:c9:60:87:99:0c:6a:bc:ca:
ac:95:3b:2f:1b:32:81:ba:42:a8:41:80:ac:d9:3d:
f6:b6:8f:7b:63:a0:c0:49:d5:49:82:60:6a:b4:e5:
8a:4c:a3:23:fd:fa:e7:6a:36:e2:75:c1:5c:7c:51:
82:63:a0:4a:65:b1:ab:ac:12:f0:26:0d:a9:36:49:
9c:7f:ea:df:70:15:26:e7:af:3b:e5:4f:93:98:1b:
ad:64:fe:b8:77:23:4e:a6:c6:b9:d9:e5:e4:78:ed:
72:ef:ef:65:6c:35:0d:6d:03:a0:cd:94:c0:3c:ac:
9a:d8:e8:03:1c:26:e8:b9:78:49:b1:3a:88:48:38:
0c:96:bd:4a:03:5c:a5:10:8d:69:df:22:d0:3a:c2:
7b:2a:cf:bd:f3:e2:c1:c4:21:df:4a:2e:e8:a1:78:
9b:80:56:78:a7:47:7f:a7:f2:73:73:39:02:94:16:
a2:d7:bc:2a:5f:f1:4d:5e:30:06:ca:3d:20:ba:be:
42:bc:e2:56:36:14:bd:97:51:02:8f:0c:1b:db:a4:
50:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:09:C0:30:A9:53:AE:ED:0D:57:91:B5:34:4F:90:A0:79:87:3A:7F
X509v3 Authority Key Identifier:
keyid:00:07:53:4E:B7:7C:AA:83:6F:8F:11:86:30:16:4E:02:36:E5:FE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAdTTrd8qoNvjxGGMBZOAjbl_oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/ywnAMKlTru0NV5G1NE-QoHmHOn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/AAdTTrd8qoNvjxGGMBZOAjbl_oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.182.0/23
Signature Algorithm: sha256WithRSAEncryption
45:53:21:e6:90:7a:e4:9b:00:21:08:1b:d8:87:16:f5:08:c2:
f9:9f:49:c9:b1:52:db:e8:3d:da:89:4a:87:08:14:c3:b3:4a:
72:6d:a8:91:60:66:d6:41:68:bb:ce:1d:d2:cf:c1:c6:d6:be:
3a:6a:08:5f:08:3b:0e:be:33:12:7d:f2:10:e7:35:6f:64:6f:
86:69:27:d4:3a:a3:0e:be:9f:d8:1b:c6:d1:79:80:9c:d4:65:
3e:b9:84:6c:c9:25:ad:ee:af:62:5b:eb:b1:c4:c6:fb:1b:86:
ce:a3:88:92:26:c2:d8:2a:cd:c4:44:91:78:95:71:45:f2:74:
81:5a:d3:be:80:46:76:27:09:68:e1:ae:96:b4:bf:e5:eb:04:
cf:f0:ef:93:24:ab:95:9c:a4:b5:48:26:1c:2a:b1:47:c3:6e:
c5:25:5c:52:f1:95:2d:90:03:13:8a:e9:c0:27:52:31:13:9e:
fa:49:22:59:b0:ba:a3:ee:67:9a:b3:16:9f:59:40:95:e0:14:
79:04:e7:53:c8:7b:0e:2a:19:cb:8e:c2:34:b5:7a:27:df:dd:
45:f5:68:32:2d:52:ca:8f:dd:28:93:27:9d:2e:d5:09:fe:c8:
5a:70:c5:23:90:b8:0e:d7:22:f8:42:5a:cf:1f:12:09:80:9f:
6b:a1:4e:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN1TREtM5irnhBrYSHht8EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDc1MzRlYjc3Y2FhODM2ZjhmMTE4NjMwMTY0ZTAyMzZl
NWZlODYwHhcNMjIwOTI1MTUzODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA5YzAzMGE5NTNhZWVkMGQ1NzkxYjUzNDRmOTBhMDc5ODczYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGuzIGSBvY+Syy1OESqPbAqWgSbN
RzLi2gCtJnwLoJL5ckOAXMAb6T3H+FHdfB6qu8/qyWCHmQxqvMqslTsvGzKBukKo
QYCs2T32to97Y6DASdVJgmBqtOWKTKMj/frnajbidcFcfFGCY6BKZbGrrBLwJg2p
Nkmcf+rfcBUm56875U+TmButZP64dyNOpsa52eXkeO1y7+9lbDUNbQOgzZTAPKya
2OgDHCbouXhJsTqISDgMlr1KA1ylEI1p3yLQOsJ7Ks+98+LBxCHfSi7ooXibgFZ4
p0d/p/JzczkClBai17wqX/FNXjAGyj0gur5CvOJWNhS9l1ECjwwb26RQEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsJwDCpU67tDVeRtTRPkKB5hzp/MB8GA1UdIwQY
MBaAFAAHU063fKqDb48RhjAWTgI25f6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFkVFRyZDhxb052anhHR01CWk9BamJsX29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80MWU5MGMtNjFjYy00NzBjLWEzODgt
NmQxYzliMTUzY2YwLzEveXduQU1LbFRydTBOVjVHMU5FLVFvSG1IT244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80MWU5MGMtNjFjYy00NzBjLWEzODgtNmQxYzliMTUzY2Yw
LzEvQUFkVFRyZDhxb052anhHR01CWk9BamJsX29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH4e2MA0G
CSqGSIb3DQEBCwUAA4IBAQBFUyHmkHrkmwAhCBvYhxb1CML5n0nJsVLb6D3aiUqH
CBTDs0pybaiRYGbWQWi7zh3Sz8HG1r46aghfCDsOvjMSffIQ5zVvZG+GaSfUOqMO
vp/YG8bReYCc1GU+uYRsySWt7q9iW+uxxMb7G4bOo4iSJsLYKs3ERJF4lXFF8nSB
WtO+gEZ2Jwlo4a6WtL/l6wTP8O+TJKuVnKS1SCYcKrFHw27FJVxS8ZUtkAMTiunA
J1IxE576SSJZsLqj7measxafWUCV4BR5BOdTyHsOKhnLjsI0tXon391F9WgyLVLK
j90okyedLtUJ/shacMUjkLgO1yL4QlrPHxIJgJ9roU6p
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:28 2023 by rpki-client on console-fra.rpki-client.org