Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O3DD9_Wy8_mR4VnBOc2rYzQIgCU.roa
File: O3DD9_Wy8_mR4VnBOc2rYzQIgCU.roa (raw, json)
Hash identifier: T3VUw3+u3v2TT6rRd4CNMNTJVGSELuse1KIEHXLlj9U=
Subject key identifier: 3B:70:C3:F7:F5:B2:F3:F9:91:E1:59:C1:39:CD:AB:63:34:08:80:25
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01855836747F9BA3C49FF3AABF0262868A67
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O3DD9_Wy8_mR4VnBOc2rYzQIgCU.roa
Signing time: Wed 28 Dec 2022 10:10:41 +0000
ROA not before: Wed 28 Dec 2022 10:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50129
IP address blocks: 31.44.144.0/20 maxlen: 24
178.239.240.0/20 maxlen: 24
31.222.96.0/19 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:36:74:7f:9b:a3:c4:9f:f3:aa:bf:02:62:86:8a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 28 10:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b70c3f7f5b2f3f991e159c139cdab6334088025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:08:fe:5c:2f:c9:37:3e:7e:5a:84:e6:e7:60:
bc:9d:7c:3a:75:e7:b6:70:d2:2f:9d:78:64:88:12:
99:33:bc:75:7c:9b:fc:d5:3b:df:1f:8e:a3:c5:5b:
4a:ec:61:98:e3:db:67:a1:7a:86:12:c2:55:ad:eb:
63:e3:1e:99:73:7a:3d:4e:bb:00:a5:f8:9c:f5:25:
54:e6:5a:46:e7:de:c9:e6:fc:c7:2e:53:c8:29:6a:
8f:87:24:cd:df:bf:e0:5d:c3:f9:8a:01:6f:eb:19:
4c:ee:7d:bb:d1:09:36:39:11:d0:78:52:00:8e:8e:
10:5e:fc:fe:4d:3f:67:88:cf:97:36:e7:c9:15:07:
81:8e:6b:4d:87:f1:0f:94:68:f8:33:c4:0b:03:c6:
1b:49:9c:46:ec:d6:0f:69:d5:ca:da:05:88:d6:00:
f3:e2:82:34:eb:bf:ce:bf:09:71:fc:6f:d2:86:4a:
7d:d9:a5:6c:32:fd:54:f4:61:c1:47:51:fe:38:e0:
c8:80:c0:29:db:57:d9:91:9b:06:15:43:41:1d:4d:
61:10:2b:17:99:48:28:b7:7f:a1:20:d8:d9:d4:06:
a1:31:57:45:7c:10:a6:46:88:7f:02:8b:ee:24:b4:
b2:83:01:f7:c5:a7:10:e4:d2:f9:47:75:13:38:b3:
59:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:70:C3:F7:F5:B2:F3:F9:91:E1:59:C1:39:CD:AB:63:34:08:80:25
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O3DD9_Wy8_mR4VnBOc2rYzQIgCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/20
31.222.96.0/19
178.239.240.0/20
185.209.8.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:83:ae:2a:81:57:37:04:bd:d4:15:de:2b:bb:7a:c7:66:a6:
35:12:9a:dd:56:da:ca:69:9c:42:3a:8c:fe:25:ab:b1:5b:cd:
cc:92:80:f4:98:d9:29:c3:a0:09:eb:5c:e7:75:42:8d:5b:9f:
e5:b5:bb:28:8a:22:65:c5:c9:fe:2a:90:50:36:15:a4:6f:85:
4b:5c:cb:1b:84:bf:33:d3:4a:88:6a:37:1d:7c:8d:3c:8c:1d:
0c:01:2e:c4:aa:17:40:75:3a:da:85:bb:04:bd:16:ca:a1:30:
fa:36:50:03:cc:d9:95:16:ae:76:6f:5c:ed:d2:2f:27:c8:8f:
63:2d:ae:0b:ce:51:89:6c:ae:09:c6:a7:a6:e1:29:17:af:af:
40:08:dc:5c:cc:cb:e7:77:0d:97:cf:3c:cd:df:7d:56:6c:7a:
7e:4e:d1:ee:4d:0b:3b:9b:34:62:ef:56:a6:58:86:85:a8:91:
a8:cd:ff:d5:c3:57:97:ab:e5:cf:66:af:cc:43:59:de:9d:f9:
2e:a3:1e:bd:53:9b:0b:43:66:d7:e3:d1:68:6e:f1:59:48:2b:
fb:c6:9e:d1:a6:4e:4f:da:f5:3a:1d:ea:0a:b7:bb:96:eb:b0:
72:1f:58:f4:e4:34:b6:8f:01:79:f7:6b:db:2d:c0:a1:63:55:
c4:73:aa:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVYNnR/m6PEn/OqvwJihopnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjI4MTAxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjcwYzNmN2Y1YjJmM2Y5OTFlMTU5YzEzOWNkYWI2MzM0MDg4MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQj+XC/JNz5+WoTm52C8nXw6dee2
cNIvnXhkiBKZM7x1fJv81TvfH46jxVtK7GGY49tnoXqGEsJVretj4x6Zc3o9TrsA
pfic9SVU5lpG597J5vzHLlPIKWqPhyTN37/gXcP5igFv6xlM7n270Qk2ORHQeFIA
jo4QXvz+TT9niM+XNufJFQeBjmtNh/EPlGj4M8QLA8YbSZxG7NYPadXK2gWI1gDz
4oI067/Ovwlx/G/Shkp92aVsMv1U9GHBR1H+OODIgMAp21fZkZsGFUNBHU1hECsX
mUgot3+hINjZ1AahMVdFfBCmRoh/AovuJLSygwH3xacQ5NL5R3UTOLNZuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDtww/f1svP5keFZwTnNq2M0CIAlMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTzNERDlfV3k4X21SNFZuQk9jMnJZelFJZ0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEHyyQAwQF
H95gAwQEsu/wAwQCudEIMA0GCSqGSIb3DQEBCwUAA4IBAQAfg64qgVc3BL3UFd4r
u3rHZqY1EprdVtrKaZxCOoz+JauxW83MkoD0mNkpw6AJ61zndUKNW5/ltbsoiiJl
xcn+KpBQNhWkb4VLXMsbhL8z00qIajcdfI08jB0MAS7EqhdAdTrahbsEvRbKoTD6
NlADzNmVFq52b1zt0i8nyI9jLa4LzlGJbK4Jxqem4SkXr69ACNxczMvndw2XzzzN
331WbHp+TtHuTQs7mzRi71amWIaFqJGozf/Vw1eXq+XPZq/MQ1nenfkuox69U5sL
Q2bX49FobvFZSCv7xp7Rpk5P2vU6HeoKt7uW67ByH1j05DS2jwF592vbLcChY1XE
c6qm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org