Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1KIIFiSh6AK5njoEZ0T9-NKlQjw.roa
File: 1KIIFiSh6AK5njoEZ0T9-NKlQjw.roa (raw, json)
Hash identifier: yp5vDn3nzJlnFnUIOYbO6Tv/CM4lKV/ankCoqVh8wOY=
Subject key identifier: D4:A2:08:16:24:A1:E8:02:B9:9E:3A:04:67:44:FD:F8:D2:A5:42:3C
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 380243E9
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1KIIFiSh6AK5njoEZ0T9-NKlQjw.roa
Signing time: Sat 01 Jan 2022 10:01:04 +0000
ROA not before: Sat 01 Jan 2022 10:01:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.95.0/24 maxlen: 24
185.49.104.0/22 maxlen: 24
185.118.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939672553 (0x380243e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jan 1 10:01:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4a2081624a1e802b99e3a046744fdf8d2a5423c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bd:49:e4:c7:35:db:02:81:33:92:18:31:f7:
db:50:fa:27:07:1f:2c:83:50:92:66:f2:af:f5:90:
8d:7a:d8:65:42:ef:64:16:0e:18:01:4b:35:6a:e7:
09:64:87:02:96:62:15:3e:ae:10:84:ff:4b:e0:9a:
16:cc:8e:8c:48:ba:f2:bb:13:c2:6f:6f:b8:1b:41:
8c:e3:5e:03:63:c2:e9:bc:86:19:29:1a:18:70:e6:
3b:79:a5:32:14:7f:05:38:64:39:ff:1b:c7:06:28:
b4:23:0c:32:40:b4:5b:92:f2:57:f6:0c:42:0c:b9:
e3:b9:10:c9:af:8e:35:8f:42:a6:b4:c7:ae:b6:3a:
30:36:21:bc:9f:46:0c:27:28:28:23:20:57:26:6d:
9f:67:10:e8:e5:48:62:9b:b8:e9:cb:cc:f8:ed:7c:
ea:52:8b:49:75:62:83:7d:0d:c3:bd:d7:d2:3e:0d:
e9:be:2f:8d:fb:47:6f:ee:4e:ef:51:fd:80:b8:9d:
84:53:1c:43:c0:4e:f8:83:c6:d9:23:a7:36:b5:08:
b5:2f:38:fc:be:1a:18:5c:db:35:70:16:6c:8f:78:
26:f6:d5:79:f5:97:29:79:e8:fc:34:3a:03:7a:84:
1c:6e:c1:b7:2a:89:1f:a8:6e:c2:92:f3:a9:3f:9a:
a9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A2:08:16:24:A1:E8:02:B9:9E:3A:04:67:44:FD:F8:D2:A5:42:3C
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1KIIFiSh6AK5njoEZ0T9-NKlQjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.95.0/24
185.49.104.0/22
185.118.12.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:78:be:ad:24:98:62:ea:53:d3:7a:95:32:72:78:2a:0d:dc:
20:b9:b3:83:f5:e8:91:0a:28:1c:61:13:ef:fe:03:9e:b3:8b:
d6:54:f7:ef:07:3d:43:94:21:eb:f0:f0:ea:71:e7:66:a7:cc:
e0:ae:04:00:e4:70:1d:b6:d3:33:93:e0:05:84:34:ca:36:ed:
d8:bb:43:13:0f:fe:83:e1:c7:65:68:1f:9b:0b:0d:d4:d9:af:
64:75:46:3d:5a:16:46:0d:25:0f:9b:3e:b2:3e:d0:1b:42:0f:
c7:d2:40:95:85:76:12:85:34:94:1d:ec:57:9c:8f:7f:21:0e:
36:3b:05:65:a4:cb:7c:f7:25:42:fe:bc:72:4d:c9:b7:42:d6:
1a:ec:e1:e5:7f:ca:e6:03:b7:db:e9:3e:00:88:2d:ca:86:6d:
cf:47:c7:ed:ec:a4:1b:f8:1f:d0:88:01:2b:b5:2a:b8:77:46:
9e:e4:3d:c5:28:b4:0c:a1:1c:d9:93:0d:25:d5:d3:21:77:cc:
cf:6e:c0:c7:e5:64:0e:87:fd:56:be:01:8c:7e:cf:6e:1f:13:
5e:c8:e7:42:7f:3e:11:c0:d9:6e:ba:ab:6c:d7:7a:da:df:87:
83:35:ce:e0:d2:63:9d:23:29:b8:3e:cc:5a:3b:b2:2e:da:c4:
98:91:9a:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEOAJD6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTNkMGJjMTFiMjlkYTQ0YWQ1NzMwNGMzZjg1Njg4NzBhMDE5YzI0MB4XDTIyMDEw
MTEwMDEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRhMjA4MTYyNGEx
ZTgwMmI5OWUzYTA0Njc0NGZkZjhkMmE1NDIzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMa9SeTHNdsCgTOSGDH321D6JwcfLINQkmbyr/WQjXrYZULv
ZBYOGAFLNWrnCWSHApZiFT6uEIT/S+CaFsyOjEi68rsTwm9vuBtBjONeA2PC6byG
GSkaGHDmO3mlMhR/BThkOf8bxwYotCMMMkC0W5LyV/YMQgy547kQya+ONY9CprTH
rrY6MDYhvJ9GDCcoKCMgVyZtn2cQ6OVIYpu46cvM+O186lKLSXVig30Nw73X0j4N
6b4vjftHb+5O71H9gLidhFMcQ8BO+IPG2SOnNrUItS84/L4aGFzbNXAWbI94JvbV
efWXKXno/DQ6A3qEHG7BtyqJH6huwpLzqT+aqa0CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTUoggWJKHoArmeOgRnRP340qVCPDAfBgNVHSMEGDAWgBT6PQvBGynaRK1X
MEw/hWiHCgGcJDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2MzL2FhNjYyOS1kMTQ5LTQxOTctYTMxNS1kMjEwNzFlZjczNWIv
MS8xS0lJRmlTaDZBSzVuam9FWjBUOS1OS2xRancucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Mz
L2FhNjYyOS1kMTQ5LTQxOTctYTMxNS1kMjEwNzFlZjczNWIvMS8xLWowTHdSc3Ay
a1N0VnpCTVA0Vm9od29CbkNRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHxlfAwQCuTFoAwQCuXYMMA0G
CSqGSIb3DQEBCwUAA4IBAQBreL6tJJhi6lPTepUycngqDdwgubOD9eiRCigcYRPv
/gOes4vWVPfvBz1DlCHr8PDqcedmp8zgrgQA5HAdttMzk+AFhDTKNu3Yu0MTD/6D
4cdlaB+bCw3U2a9kdUY9WhZGDSUPmz6yPtAbQg/H0kCVhXYShTSUHexXnI9/IQ42
OwVlpMt89yVC/rxyTcm3QtYa7OHlf8rmA7fb6T4AiC3Khm3PR8ft7KQb+B/QiAEr
tSq4d0ae5D3FKLQMoRzZkw0l1dMhd8zPbsDH5WQOh/1WvgGMfs9uHxNeyOdCfz4R
wNluuqts13ra34eDNc7g0mOdIym4PsxaO7Iu2sSYkZor
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:31 2023 by rpki-client on console-fra.rpki-client.org