Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/bima9sQeUH57hX2F5XHU0InZSJE.roa
File: bima9sQeUH57hX2F5XHU0InZSJE.roa (raw, json)
Hash identifier: s++FNtcLFY+fnZdrrNWuIHw89FA8MtkQkYtlU0lWjxY=
Subject key identifier: 6E:29:9A:F6:C4:1E:50:7E:7B:85:7D:85:E5:71:D4:D0:89:D9:48:91
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 03C54D1B
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/bima9sQeUH57hX2F5XHU0InZSJE.roa
Signing time: Wed 13 Apr 2022 07:12:06 +0000
ROA not before: Wed 13 Apr 2022 07:12:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 31.43.164.0/23 maxlen: 24
31.43.166.0/23 maxlen: 24
195.34.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63261979 (0x3c54d1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Apr 13 07:12:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e299af6c41e507e7b857d85e571d4d089d94891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:49:94:49:5b:5c:3f:fb:5a:8b:86:f7:36:ce:
f4:9b:68:23:72:13:7e:a2:55:27:4a:e2:07:8b:8e:
c4:e3:0f:67:9a:80:b5:a4:cc:be:29:a8:48:f9:d0:
a7:74:05:95:19:36:87:b0:e8:7f:f8:67:66:f4:10:
c0:4e:18:51:08:7e:7a:4d:37:d0:23:c0:d6:06:db:
f3:5b:1e:eb:2e:92:a1:6c:ab:f1:28:68:8b:08:86:
c9:ab:43:01:81:99:65:e8:75:16:d1:0e:85:f6:30:
2d:c6:11:c3:e2:2b:da:e5:7d:ed:b6:fb:fd:06:6f:
58:8b:b7:5c:d3:36:cb:45:8e:4a:68:e4:7d:9f:ce:
de:e7:39:f2:41:dc:f8:b7:90:09:47:a9:73:09:c4:
07:a8:97:98:3e:91:a2:cf:8c:c9:d4:18:c9:84:6e:
7b:5f:1f:99:28:c7:7e:a8:31:d9:b3:90:d9:ef:aa:
80:de:f4:6a:26:ff:33:61:d1:cb:c8:71:2f:50:62:
b4:51:cb:cd:53:01:a7:a2:4f:74:07:54:eb:9d:29:
3c:eb:34:41:9c:6b:42:06:f7:19:6b:c6:7a:1a:d8:
a2:7f:88:04:a9:bf:7b:80:4d:bb:67:9a:e7:b5:32:
fe:b4:c4:e2:43:3f:fc:41:6e:a5:cc:13:86:5f:06:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:29:9A:F6:C4:1E:50:7E:7B:85:7D:85:E5:71:D4:D0:89:D9:48:91
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/bima9sQeUH57hX2F5XHU0InZSJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.164.0/22
195.34.78.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:10:72:58:41:1f:47:3e:38:42:9e:2d:70:36:96:af:ae:1b:
8a:9c:3e:51:8d:d7:1f:f6:a4:a0:08:44:8f:4e:bd:a5:af:a0:
69:0c:8d:a1:5d:e0:9a:a8:0f:c4:ff:26:5e:b8:05:7f:5c:ff:
17:8e:e4:a7:56:bc:81:f2:58:5b:9f:ff:62:5b:bb:19:92:02:
17:76:f8:5d:8c:2a:dd:fd:d4:e8:1b:70:fe:1e:1b:4a:74:7f:
a7:06:ff:60:c4:0a:4a:bf:c0:25:fb:6c:6c:4e:73:0d:76:64:
1e:d8:99:db:b1:02:df:a6:5a:d3:db:78:54:35:fb:1f:45:bd:
e0:f2:44:d1:61:78:20:e2:41:d9:0a:58:a2:e8:c1:69:31:ee:
f4:e5:70:98:a7:e5:18:55:9f:81:02:46:2f:f3:75:f8:75:b3:
29:3a:8e:1a:37:8c:f8:64:1b:eb:19:fb:14:df:b3:8e:96:57:
04:f1:72:ed:4e:a4:c4:2a:f7:27:d3:f4:3c:37:80:a1:0a:d3:
ee:dc:30:18:c4:57:06:fb:5c:31:51:41:8d:4a:4d:2f:e2:6c:
0d:57:37:6c:9e:9a:80:9b:36:f5:00:d7:e3:c5:aa:52:de:59:
47:a3:56:47:05:8a:87:a5:97:c7:ea:f9:7d:bf:fc:85:66:21:
b0:45:ab:74
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA8VNGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmYyNDcyNmRmM2U3N2Y2ZjRjOGUwNDM2NjEzYjM1MTEwZWVhZjM4MB4XDTIyMDQx
MzA3MTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUyOTlhZjZjNDFl
NTA3ZTdiODU3ZDg1ZTU3MWQ0ZDA4OWQ5NDg5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtJlElbXD/7WouG9zbO9JtoI3ITfqJVJ0riB4uOxOMPZ5qA
taTMvimoSPnQp3QFlRk2h7Dof/hnZvQQwE4YUQh+ek030CPA1gbb81se6y6SoWyr
8ShoiwiGyatDAYGZZeh1FtEOhfYwLcYRw+Ir2uV97bb7/QZvWIu3XNM2y0WOSmjk
fZ/O3uc58kHc+LeQCUepcwnEB6iXmD6Ros+MydQYyYRue18fmSjHfqgx2bOQ2e+q
gN70aib/M2HRy8hxL1BitFHLzVMBp6JPdAdU650pPOs0QZxrQgb3GWvGehrYon+I
BKm/e4BNu2ea57Uy/rTE4kM//EFupcwThl8GRmsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRuKZr2xB5QfnuFfYXlcdTQidlIkTAfBgNVHSMEGDAWgBTf8kcm3z539vTI
4ENmE7NREO6vODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNfSkhKdDgtZF9iMHlPQkRaaE96VVJEdXJ6Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTk2MDI0LTY1NTUtNGU4ZC1hZjM3LTYyYmI2ZDYzZTU5ZC8x
L2JpbWE5c1FlVUg1N2hYMkY1WEhVMEluWlNKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTk2MDI0LTY1NTUtNGU4ZC1hZjM3LTYyYmI2ZDYzZTU5ZC8xLzNfSkhKdDgtZF9i
MHlPQkRaaE96VVJEdXJ6Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAh8rpAMEAMMiTjANBgkqhkiG9w0B
AQsFAAOCAQEAxRByWEEfRz44Qp4tcDaWr64bipw+UY3XH/akoAhEj069pa+gaQyN
oV3gmqgPxP8mXrgFf1z/F47kp1a8gfJYW5//Ylu7GZICF3b4XYwq3f3U6Btw/h4b
SnR/pwb/YMQKSr/AJftsbE5zDXZkHtiZ27EC36Za09t4VDX7H0W94PJE0WF4IOJB
2QpYoujBaTHu9OVwmKflGFWfgQJGL/N1+HWzKTqOGjeM+GQb6xn7FN+zjpZXBPFy
7U6kxCr3J9P0PDeAoQrT7twwGMRXBvtcMVFBjUpNL+JsDVc3bJ6agJs29QDX48Wq
Ut5ZR6NWRwWKh6WXx+r5fb/8hWYhsEWrdA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:43 2023 by rpki-client on console-ams.rpki-client.org