Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/iSTRMKeTpB0mMEatJobJIoVLWGc.roa
File: iSTRMKeTpB0mMEatJobJIoVLWGc.roa (raw, json)
Hash identifier: LZnDgHRn33oxHbDaYKdUCUk+LadUUwq8bVoV7ojTxbA=
Subject key identifier: 89:24:D1:30:A7:93:A4:1D:26:30:46:AD:26:86:C9:22:85:4B:58:67
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 0182B574FA25F454396C90D47319D9379631
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/iSTRMKeTpB0mMEatJobJIoVLWGc.roa
Signing time: Fri 19 Aug 2022 09:35:18 +0000
ROA not before: Fri 19 Aug 2022 09:35:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47844
IP address blocks: 62.122.88.0/21 maxlen: 21
31.130.0.0/24 maxlen: 24
31.130.0.0/19 maxlen: 19
31.130.1.0/24 maxlen: 24
31.130.2.0/24 maxlen: 24
31.130.3.0/24 maxlen: 24
31.130.4.0/22 maxlen: 22
31.130.8.0/22 maxlen: 22
31.130.16.0/20 maxlen: 20
178.212.80.0/21 maxlen: 21
93.157.163.0/24 maxlen: 24
93.157.160.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:74:fa:25:f4:54:39:6c:90:d4:73:19:d9:37:96:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Aug 19 09:35:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8924d130a793a41d263046ad2686c922854b5867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:2e:6a:b2:83:a1:6e:4a:9c:ce:f6:bd:c0:
85:65:6e:30:18:30:bf:30:60:7e:fc:8b:6f:b0:11:
19:cf:76:06:77:e6:e2:42:46:1f:a1:84:b2:69:b3:
6a:ce:6b:fc:d1:10:cb:d2:cd:8a:66:10:1e:6d:b4:
15:70:09:e8:bf:2a:42:b5:65:91:af:47:a9:2c:44:
7a:c6:c8:04:bd:73:94:bb:7d:c5:8a:7c:46:43:7b:
d2:4d:37:f7:60:80:65:7c:47:ad:7b:06:1f:b2:b1:
58:f4:1b:29:22:25:06:d4:d4:be:ea:2c:6e:8c:56:
0c:97:2b:27:81:ea:8a:ad:79:7d:ea:94:67:1c:7a:
8a:38:15:93:20:5e:9d:dd:1b:6f:13:c0:0b:01:c3:
83:04:42:49:09:7e:2d:58:63:77:41:f3:ed:95:4a:
f3:aa:57:c6:ce:e0:d0:6c:54:df:7d:1f:d8:23:19:
2d:2b:7c:b0:1d:32:73:89:ba:c5:fe:91:e0:10:d8:
68:0b:d0:9b:17:ef:06:6d:ac:df:d0:4c:10:b9:49:
2c:47:9a:6a:2d:25:ea:1c:39:78:32:c7:57:bc:68:
72:9d:d5:4a:c8:26:d7:55:c9:91:c8:1a:bb:a1:13:
15:1d:fb:30:f1:ce:31:48:b5:51:7c:13:8a:52:e0:
0d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:24:D1:30:A7:93:A4:1D:26:30:46:AD:26:86:C9:22:85:4B:58:67
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/iSTRMKeTpB0mMEatJobJIoVLWGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.0.0/19
62.122.88.0/21
93.157.160.0/21
178.212.80.0/21
Signature Algorithm: sha256WithRSAEncryption
88:cc:ad:6a:43:41:63:ae:c6:9a:5d:d8:69:d5:4e:31:bc:6c:
3b:37:c2:30:d7:a7:1e:cd:3a:12:20:7b:32:fd:f0:98:ec:1f:
53:91:76:b8:e6:ac:d0:e2:35:0a:ce:44:8f:f5:99:ff:16:f7:
9a:c8:77:a1:b1:89:37:1d:20:9c:b9:e1:34:c9:d9:72:0f:e0:
91:86:c8:56:7c:4c:f8:c2:68:67:dc:29:dd:1e:d9:c1:f0:c5:
84:27:12:31:5a:0a:b3:6c:1d:0b:06:1a:72:86:ca:ae:dc:93:
ef:2f:3c:97:c8:2e:45:bd:00:8f:fc:d4:d6:b3:ed:38:7c:a3:
f1:7c:a9:d9:f6:91:a8:d9:e5:bc:d6:db:ec:a4:7a:d5:a6:2a:
13:0d:ff:e1:be:c8:02:72:d2:f8:ef:6b:7a:c3:b6:a0:d6:9f:
3c:6d:aa:4b:9c:c4:52:bd:b8:88:5b:07:96:cf:67:cd:78:37:
fa:ae:b5:d3:90:15:b1:b3:f8:b6:8f:1c:69:2d:74:8d:5a:b7:
0e:e1:a6:49:95:ac:95:6b:07:f5:d3:a6:3a:90:c4:43:f3:e1:
07:c0:b8:54:29:b4:d8:8c:0d:31:fc:95:48:ee:55:45:a2:a2:
ae:9a:3a:6e:e2:e4:1f:82:52:e8:62:f9:55:4c:05:06:fb:b9:
89:fe:ce:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYK1dPol9FQ5bJDUcxnZN5YxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjIwODE5MDkzNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI0ZDEzMGE3OTNhNDFkMjYzMDQ2YWQyNjg2YzkyMjg1NGI1ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp04uarKDoW5KnM72vcCFZW4wGDC/
MGB+/ItvsBEZz3YGd+biQkYfoYSyabNqzmv80RDL0s2KZhAebbQVcAnovypCtWWR
r0epLER6xsgEvXOUu33FinxGQ3vSTTf3YIBlfEetewYfsrFY9BspIiUG1NS+6ixu
jFYMlysngeqKrXl96pRnHHqKOBWTIF6d3RtvE8ALAcODBEJJCX4tWGN3QfPtlUrz
qlfGzuDQbFTffR/YIxktK3ywHTJzibrF/pHgENhoC9CbF+8Gbazf0EwQuUksR5pq
LSXqHDl4MsdXvGhyndVKyCbXVcmRyBq7oRMVHfsw8c4xSLVRfBOKUuANdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIkk0TCnk6QdJjBGrSaGySKFS1hnMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvaVNUUk1LZVRwQjBtTUVhdEpvYkpJb1ZMV0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFH4IAAwQD
PnpYAwQDXZ2gAwQDstRQMA0GCSqGSIb3DQEBCwUAA4IBAQCIzK1qQ0FjrsaaXdhp
1U4xvGw7N8Iw16cezToSIHsy/fCY7B9TkXa45qzQ4jUKzkSP9Zn/FveayHehsYk3
HSCcueE0ydlyD+CRhshWfEz4wmhn3CndHtnB8MWEJxIxWgqzbB0LBhpyhsqu3JPv
LzyXyC5FvQCP/NTWs+04fKPxfKnZ9pGo2eW81tvspHrVpioTDf/hvsgCctL472t6
w7ag1p88bapLnMRSvbiIWweWz2fNeDf6rrXTkBWxs/i2jxxpLXSNWrcO4aZJlayV
awf106Y6kMRD8+EHwLhUKbTYjA0x/JVI7lVFoqKumjpu4uQfglLoYvlVTAUG+7mJ
/s6k
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:37 2023 by rpki-client on console-ams.rpki-client.org