Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/K8cArjVTeaVtvuEP8K-1mEck8uk.roa
File: K8cArjVTeaVtvuEP8K-1mEck8uk.roa (raw, json)
Hash identifier: TKKm6q0042d44ByRhmx352O/VBXa9og4CzE5SEdjSL0=
Subject key identifier: 2B:C7:00:AE:35:53:79:A5:6D:BE:E1:0F:F0:AF:B5:98:47:24:F2:E9
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01847FC400FA4344687699B43CFE989891A8
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/K8cArjVTeaVtvuEP8K-1mEck8uk.roa
Signing time: Wed 16 Nov 2022 09:27:42 +0000
ROA not before: Wed 16 Nov 2022 09:27:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 31.47.239.0/24 maxlen: 24
94.247.46.0/23 maxlen: 24
178.251.225.0/24 maxlen: 24
178.251.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:c4:00:fa:43:44:68:76:99:b4:3c:fe:98:98:91:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Nov 16 09:27:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bc700ae355379a56dbee10ff0afb5984724f2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:8c:28:ee:00:f7:18:c7:54:0f:7e:c8:81:
30:f3:0f:a5:32:81:46:a8:c2:6d:69:90:4b:15:d1:
73:6a:2b:c6:df:21:b9:e4:c8:a2:c6:93:48:4e:a4:
52:58:c6:e4:29:f7:8b:73:d5:46:d9:86:5b:23:92:
f1:2e:84:f4:28:ca:14:97:ae:35:03:6d:8c:ea:4c:
6d:12:f5:8e:35:36:e2:c9:6e:21:59:1f:80:82:6c:
50:d6:60:89:d1:70:72:79:26:ab:03:96:b1:55:cb:
95:ef:ad:e4:fb:04:4e:12:02:cd:88:d0:af:ab:89:
50:4a:f3:88:30:90:a5:6b:97:37:0b:1e:02:cc:91:
18:97:7d:59:a7:31:bf:d3:7b:48:dc:c3:c6:35:8c:
c8:59:e9:2b:45:32:44:46:e7:a9:4f:26:04:63:88:
40:66:aa:5f:81:a0:35:17:e5:1a:55:b6:df:98:27:
45:c7:8d:f5:cb:d8:f8:43:2f:5f:58:29:28:c4:9c:
aa:f1:a6:4e:58:8e:bb:49:ab:ec:e2:49:7a:e5:24:
47:96:c5:e7:88:ac:aa:c2:62:a6:98:6f:38:c7:f0:
c1:07:85:5d:ec:e1:9b:07:f5:07:e9:dd:fa:60:82:
7d:56:0f:e7:95:66:57:0d:50:99:1b:73:50:09:7c:
1e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C7:00:AE:35:53:79:A5:6D:BE:E1:0F:F0:AF:B5:98:47:24:F2:E9
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/K8cArjVTeaVtvuEP8K-1mEck8uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.239.0/24
94.247.46.0/23
178.251.225.0/24
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:6c:e4:84:d3:24:64:1f:8c:8f:90:ca:f6:22:32:a1:4a:3f:
4d:30:ab:bb:ff:2f:61:24:65:ec:dd:12:01:a6:18:a1:38:f2:
96:f9:61:44:f0:ea:42:b7:b6:c4:f2:9a:83:bc:c6:d5:e4:21:
6f:ff:f7:c4:98:b2:cf:74:86:5b:a0:4f:8b:be:69:c7:3c:bf:
8a:3b:c6:3c:a9:f7:5a:fe:da:18:83:b2:8d:df:0b:08:35:cd:
46:df:7d:63:bc:79:e1:2a:91:d2:9a:dd:29:0a:75:85:1d:1a:
ac:c1:b5:51:b4:5b:1e:5c:49:3f:a6:6d:95:1e:23:96:03:40:
10:30:e4:10:80:e5:95:00:4e:40:cc:2c:76:ac:2f:91:0d:69:
d9:1e:8d:08:d8:d3:f9:82:00:e5:d1:3b:2d:fa:b7:ae:79:aa:
e4:4c:62:e4:29:1e:a8:eb:83:06:de:a1:0b:c4:a4:89:d8:1e:
4c:64:52:87:3e:4c:b3:dd:66:d2:4e:b6:c7:43:71:35:8d:6c:
86:b4:e8:a8:14:a0:b1:9c:ff:23:a0:0d:84:0d:1b:2f:25:5f:
c9:3f:d1:81:1a:ed:f6:c3:26:6f:85:73:ec:63:34:62:1c:39:
c5:9d:6f:e4:ac:e2:ef:2b:b4:82:82:25:e9:07:78:81:2b:b3:
11:4d:8a:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYR/xAD6Q0Rodpm0PP6YmJGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMTE2MDkyNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM3MDBhZTM1NTM3OWE1NmRiZWUxMGZmMGFmYjU5ODQ3MjRmMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyGMKO4A9xjHVA9+yIEw8w+lMoFG
qMJtaZBLFdFzaivG3yG55MiixpNITqRSWMbkKfeLc9VG2YZbI5LxLoT0KMoUl641
A22M6kxtEvWONTbiyW4hWR+AgmxQ1mCJ0XByeSarA5axVcuV763k+wROEgLNiNCv
q4lQSvOIMJCla5c3Cx4CzJEYl31ZpzG/03tI3MPGNYzIWekrRTJERuepTyYEY4hA
ZqpfgaA1F+UaVbbfmCdFx431y9j4Qy9fWCkoxJyq8aZOWI67Savs4kl65SRHlsXn
iKyqwmKmmG84x/DBB4Vd7OGbB/UH6d36YIJ9Vg/nlWZXDVCZG3NQCXwerwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCvHAK41U3mlbb7hD/CvtZhHJPLpMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvSzhjQXJqVlRlYVZ0dnVFUDhLLTFtRWNrOHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHy/vAwQB
XvcuAwQAsvvhAwQAsvvnMA0GCSqGSIb3DQEBCwUAA4IBAQBfbOSE0yRkH4yPkMr2
IjKhSj9NMKu7/y9hJGXs3RIBphihOPKW+WFE8OpCt7bE8pqDvMbV5CFv//fEmLLP
dIZboE+LvmnHPL+KO8Y8qfda/toYg7KN3wsINc1G331jvHnhKpHSmt0pCnWFHRqs
wbVRtFseXEk/pm2VHiOWA0AQMOQQgOWVAE5AzCx2rC+RDWnZHo0I2NP5ggDl0Tst
+reuearkTGLkKR6o64MG3qELxKSJ2B5MZFKHPkyz3WbSTrbHQ3E1jWyGtOioFKCx
nP8joA2EDRsvJV/JP9GBGu32wyZvhXPsYzRiHDnFnW/krOLvK7SCgiXpB3iBK7MR
TYqp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org