Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9h_rgTjdsWhB3yZHU4VoqFqK7tk.roa
File: 9h_rgTjdsWhB3yZHU4VoqFqK7tk.roa (raw, json)
Hash identifier: ovxstfepkKRoeDkb7cCKhJgpZHe53G80CYj8uH5yEVo=
Subject key identifier: F6:1F:EB:81:38:DD:B1:68:41:DF:26:47:53:85:68:A8:5A:8A:EE:D9
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 3845C4FF
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9h_rgTjdsWhB3yZHU4VoqFqK7tk.roa
Signing time: Mon 09 May 2022 07:48:13 +0000
ROA not before: Mon 09 May 2022 07:48:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.83.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.80.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944096511 (0x3845c4ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: May 9 07:48:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f61feb8138ddb16841df2647538568a85a8aeed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:34:96:0a:b1:e7:e4:80:74:3a:fb:4f:85:
73:0f:a8:98:2c:86:94:f1:f1:f7:8a:91:a1:18:7d:
39:85:ba:63:f7:54:af:c5:e2:a9:7b:60:43:b9:12:
88:85:c5:9d:a2:c1:94:e4:ce:9d:b1:9f:29:79:9a:
d1:94:cc:e7:ed:16:39:2f:ca:17:b1:9d:3c:2f:7c:
95:da:77:69:9f:ba:06:df:24:f5:e2:64:31:64:9e:
a6:eb:cc:cd:49:14:bd:9d:3b:de:01:6d:70:0f:29:
2c:de:06:1e:c4:02:40:48:2a:27:18:b2:ba:3c:29:
d7:e3:13:ae:d3:5a:65:18:eb:10:f1:56:8a:26:33:
61:48:53:03:87:4c:ab:b8:61:c2:97:8e:5f:57:2d:
cd:35:dc:a6:6e:e0:0a:52:9a:3a:86:47:e2:13:73:
55:b3:bb:d2:43:22:21:a2:f3:06:53:12:96:34:89:
4a:43:17:81:00:b1:e8:5b:b5:ae:97:03:c5:20:90:
26:64:2d:93:ac:f5:79:f7:6a:3b:a1:0d:68:31:49:
c7:59:84:d2:d8:7c:41:72:e7:5a:7a:91:c1:e7:17:
70:02:fa:78:df:2b:82:58:c2:1c:85:c2:d1:c4:32:
71:2d:49:7f:48:0e:e4:c2:0b:54:39:af:d7:d1:ba:
25:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1F:EB:81:38:DD:B1:68:41:DF:26:47:53:85:68:A8:5A:8A:EE:D9
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9h_rgTjdsWhB3yZHU4VoqFqK7tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.82.0-31.169.84.255
31.169.86.0/24
31.169.88.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
23:9f:b0:f0:2d:79:98:66:3f:48:86:b6:85:84:91:39:a7:83:
0a:81:bf:36:16:42:ce:d1:7c:30:bd:41:b0:28:9c:b9:4b:c5:
50:b7:41:57:9a:9d:1e:23:8f:29:ad:f9:3e:17:cc:77:ae:f0:
34:ee:45:02:a2:40:61:de:8e:b8:82:a3:48:60:1c:be:f3:05:
a4:e6:c5:50:b2:f4:4e:37:ba:f3:db:34:f7:39:86:16:6f:c5:
84:f1:61:43:dc:a1:68:6d:0d:00:9d:02:76:4b:29:10:e5:34:
d4:b9:e0:2e:41:14:43:db:8c:c9:86:52:8c:03:bc:07:08:c7:
69:59:6c:07:c9:47:3f:89:18:b4:da:06:11:e0:f3:82:31:09:
c9:96:03:2e:38:6c:e3:6f:71:51:9b:8c:8a:4b:ae:3d:2b:eb:
37:05:91:56:aa:31:68:bc:86:16:86:b0:58:fe:d9:9c:85:1e:
3a:3a:fc:55:66:ad:6c:9a:f9:a6:3a:85:1b:31:e0:e4:76:d0:
d6:8d:4c:33:1c:b5:90:26:82:e5:ca:62:2e:88:12:4c:9e:cc:
14:b3:88:a6:4a:5d:76:d3:5c:7f:2e:fa:d0:af:c0:80:03:ab:
bd:97:73:2c:c5:1a:a7:43:af:78:66:5f:0b:24:3f:3b:70:84:
68:7a:8f:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEOEXE/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDY5ZGE0NGFlMDY3ZmMxYTk4YTVmNmYwNWYxMmU1NDVkMGZjNjJhMB4XDTIyMDUw
OTA3NDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjYxZmViODEzOGRk
YjE2ODQxZGYyNjQ3NTM4NTY4YTg1YThhZWVkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnRNJYKsefkgHQ6+0+Fcw+omCyGlPHx94qRoRh9OYW6Y/dU
r8XiqXtgQ7kSiIXFnaLBlOTOnbGfKXma0ZTM5+0WOS/KF7GdPC98ldp3aZ+6Bt8k
9eJkMWSepuvMzUkUvZ073gFtcA8pLN4GHsQCQEgqJxiyujwp1+MTrtNaZRjrEPFW
iiYzYUhTA4dMq7hhwpeOX1ctzTXcpm7gClKaOoZH4hNzVbO70kMiIaLzBlMSljSJ
SkMXgQCx6Fu1rpcDxSCQJmQtk6z1efdqO6ENaDFJx1mE0th8QXLnWnqRwecXcAL6
eN8rgljCHIXC0cQycS1Jf0gO5MILVDmv19G6JRUCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBT2H+uBON2xaEHfJkdThWioWoru2TAfBgNVHSMEGDAWgBRtadpErgZ/wamK
X28F8S5UXQ/GKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JXbmFSSzRHZjhHcGlsOXZCZkV1VkYwUHhpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8x
LzloX3JnVGpkc1doQjN5WkhVNFZvcUZxSzd0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8xL2JXbmFSSzRHZjhH
cGlsOXZCZkV1VkYwUHhpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAB+pUDAMAwQBH6lSAwQAH6lUAwQA
H6lWAwQAH6lYAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQAjn7DwLXmYZj9IhraF
hJE5p4MKgb82FkLO0XwwvUGwKJy5S8VQt0FXmp0eI48prfk+F8x3rvA07kUCokBh
3o64gqNIYBy+8wWk5sVQsvRON7rz2zT3OYYWb8WE8WFD3KFobQ0AnQJ2SykQ5TTU
ueAuQRRD24zJhlKMA7wHCMdpWWwHyUc/iRi02gYR4POCMQnJlgMuOGzjb3FRm4yK
S649K+s3BZFWqjFovIYWhrBY/tmchR46OvxVZq1smvmmOoUbMeDkdtDWjUwzHLWQ
JoLlymIuiBJMnswUs4imSl1201x/LvrQr8CAA6u9l3MsxRqnQ694Zl8LJD87cIRo
eo/0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:47 2024 by rpki-client on console-ams.rpki-client.org