Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/AyOsBb3qtSuaIeptmk_Sro-P5gk.roa
File: AyOsBb3qtSuaIeptmk_Sro-P5gk.roa (raw, json)
Hash identifier: Vd4CLd5FYqjfvyD83jEoHozinV/tjGpxWeJ2i2lgoWI=
Subject key identifier: 03:23:AC:05:BD:EA:B5:2B:9A:21:EA:6D:9A:4F:D2:AE:8F:8F:E6:09
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 01835F4D2D7E89153F07494F5A494CB804EB
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/AyOsBb3qtSuaIeptmk_Sro-P5gk.roa
Signing time: Wed 21 Sep 2022 09:07:16 +0000
ROA not before: Wed 21 Sep 2022 09:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 31.193.240.0/21 maxlen: 24
185.74.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:4d:2d:7e:89:15:3f:07:49:4f:5a:49:4c:b8:04:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Sep 21 09:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0323ac05bdeab52b9a21ea6d9a4fd2ae8f8fe609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:57:40:77:91:22:d5:51:ef:55:f0:b7:63:c9:
f0:11:3f:8f:39:e0:14:81:91:75:05:f0:5d:51:ef:
e8:fa:33:89:16:8e:fd:a6:2f:6b:df:cd:fb:e0:57:
4a:f9:95:95:d1:81:0a:80:23:25:14:f0:af:14:e8:
ac:47:c1:39:5b:0b:40:90:db:c7:bc:46:35:42:45:
3b:ef:3b:aa:64:fc:7c:39:29:1b:60:1f:92:b1:fa:
bd:e0:8e:f1:36:32:50:d1:0e:dd:e6:16:f7:ba:42:
f7:7d:78:ae:dd:e2:ec:d0:10:6e:c1:19:bf:34:4b:
ad:dc:93:73:e6:17:9b:b7:fb:06:c2:37:ee:69:3a:
61:7a:32:8b:91:06:72:55:34:44:8d:04:40:cd:b0:
8d:4d:95:94:93:7a:cb:c4:b7:47:66:20:af:fb:20:
3f:44:07:39:3f:bd:5c:4a:90:b9:ff:6e:ce:53:d9:
7f:80:c6:ca:de:27:96:cd:59:b6:eb:19:93:54:7d:
4f:7c:39:24:b4:c1:95:9f:c6:52:c9:fb:ad:cf:0a:
4a:bc:ba:c0:46:40:c1:13:e4:b8:93:0e:36:19:aa:
70:aa:03:53:40:2b:fe:5b:c8:ed:01:7b:2c:ea:9c:
c1:d2:df:75:04:04:45:29:13:c8:55:0a:c1:09:a7:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:23:AC:05:BD:EA:B5:2B:9A:21:EA:6D:9A:4F:D2:AE:8F:8F:E6:09
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/AyOsBb3qtSuaIeptmk_Sro-P5gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
185.74.52.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:06:f6:2d:03:51:de:f8:e9:6f:0a:11:a6:d3:0c:bc:b2:68:
79:b0:dc:ae:89:22:cd:85:b0:22:ba:04:e3:89:6d:86:b7:ae:
5a:75:3f:1d:74:77:59:2d:ea:7b:91:2a:ba:3f:06:8c:e7:2a:
56:1b:b6:f0:83:1a:41:f5:72:18:a1:d2:d5:9b:c3:e2:41:77:
94:29:ed:c6:91:81:a7:37:86:a8:1a:0a:60:5c:bc:0b:09:16:
4a:52:f9:46:00:82:1e:c6:f1:01:db:b9:ab:fa:ba:da:d9:65:
79:ea:90:1f:b5:88:a9:62:b1:0e:4a:8a:7d:e6:e9:5c:cc:03:
cd:79:40:6c:ca:cd:19:3e:5d:35:e2:84:e2:8c:52:8a:ce:ab:
52:72:c9:51:9d:ce:c6:97:eb:38:a5:bb:32:21:86:0b:0b:f4:
d6:e7:dd:ed:6d:dc:eb:98:c6:4a:23:b6:73:97:ea:fa:a2:d8:
e9:41:76:96:43:d2:ca:2a:e4:aa:0e:9c:5a:d4:b0:b7:8c:8c:
31:d8:c7:63:61:62:a3:a5:34:8c:d9:da:19:d5:b7:ae:c4:c5:
49:9c:62:4f:a7:2f:a2:c3:da:2d:b3:6d:80:fb:20:0d:39:0f:
4a:ca:de:76:fd:1d:ae:a3:97:69:3e:20:f8:ed:3e:b0:c2:24:
85:c8:28:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNfTS1+iRU/B0lPWklMuATrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjIwOTIxMDkwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIzYWMwNWJkZWFiNTJiOWEyMWVhNmQ5YTRmZDJhZThmOGZlNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FdAd5Ei1VHvVfC3Y8nwET+POeAU
gZF1BfBdUe/o+jOJFo79pi9r38374FdK+ZWV0YEKgCMlFPCvFOisR8E5WwtAkNvH
vEY1QkU77zuqZPx8OSkbYB+Ssfq94I7xNjJQ0Q7d5hb3ukL3fXiu3eLs0BBuwRm/
NEut3JNz5hebt/sGwjfuaTphejKLkQZyVTREjQRAzbCNTZWUk3rLxLdHZiCv+yA/
RAc5P71cSpC5/27OU9l/gMbK3ieWzVm26xmTVH1PfDkktMGVn8ZSyfutzwpKvLrA
RkDBE+S4kw42GapwqgNTQCv+W8jtAXss6pzB0t91BARFKRPIVQrBCael+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAMjrAW96rUrmiHqbZpP0q6Pj+YJMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvQXlPc0JiM3F0U3VhSWVwdG1rX1Nyby1QNWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH8HwAwQC
uUo0MA0GCSqGSIb3DQEBCwUAA4IBAQBfBvYtA1He+OlvChGm0wy8smh5sNyuiSLN
hbAiugTjiW2Gt65adT8ddHdZLep7kSq6PwaM5ypWG7bwgxpB9XIYodLVm8PiQXeU
Ke3GkYGnN4aoGgpgXLwLCRZKUvlGAIIexvEB27mr+rra2WV56pAftYipYrEOSop9
5ulczAPNeUBsys0ZPl014oTijFKKzqtScslRnc7Gl+s4pbsyIYYLC/TW593tbdzr
mMZKI7Zzl+r6otjpQXaWQ9LKKuSqDpxa1LC3jIwx2MdjYWKjpTSM2doZ1beuxMVJ
nGJPpy+iw9ots22A+yANOQ9Kyt52/R2uo5dpPiD47T6wwiSFyCgr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org