Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/mFUF-d0iCXiN9MvH4wnjr8chsu0.roa
File: mFUF-d0iCXiN9MvH4wnjr8chsu0.roa (raw, json)
Hash identifier: Aojf3mQ9xsmBt5RWAPQR3+49Ya2Xm3/sOZeqZ66aI2g=
Subject key identifier: 98:55:05:F9:DD:22:09:78:8D:F4:CB:C7:E3:09:E3:AF:C7:21:B2:ED
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01825EC3B2120D3AF981ED60B398D5D82EFB
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/mFUF-d0iCXiN9MvH4wnjr8chsu0.roa
Signing time: Tue 02 Aug 2022 13:34:19 +0000
ROA not before: Tue 02 Aug 2022 13:34:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 194.99.47.0/24 maxlen: 24
31.210.23.0/24 maxlen: 24
194.59.216.0/22 maxlen: 24
162.12.204.0/23 maxlen: 24
162.12.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:c3:b2:12:0d:3a:f9:81:ed:60:b3:98:d5:d8:2e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Aug 2 13:34:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=985505f9dd2209788df4cbc7e309e3afc721b2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:55:10:35:a4:42:00:f4:01:25:bc:f3:d4:77:
70:1a:f6:89:e0:87:3f:97:b4:d3:d4:50:6d:66:25:
26:64:9f:c5:7d:5a:b6:c2:2a:34:90:8e:e5:37:1d:
6d:9f:e7:4c:f1:99:62:02:0d:7d:3d:e1:d7:59:87:
99:d2:4b:75:37:c0:69:b5:c9:d3:7a:69:fd:88:97:
66:21:3f:9f:9e:54:19:46:1a:e2:09:77:77:a6:d1:
1a:dc:fe:21:87:57:73:56:57:20:3a:83:59:ed:a5:
20:e8:39:7a:91:31:bb:03:7f:96:89:5a:e7:c6:cf:
d8:fa:09:d5:a6:c7:15:38:2c:df:03:27:01:d9:b4:
5d:fe:7f:87:47:5b:3d:4a:ef:23:e2:10:54:6a:6e:
c1:d4:b9:1b:37:48:ab:d7:8d:02:4a:c2:8f:31:b9:
51:b2:2d:33:e5:ae:db:44:c1:ff:42:a5:d8:3c:d5:
79:25:3b:31:86:9c:e0:01:c1:70:fc:d6:ca:5f:64:
bd:bd:53:39:c2:03:bc:50:71:3e:85:0b:0c:f1:fb:
5e:4b:72:44:91:ee:7d:ff:f0:c9:53:9e:80:58:ba:
15:94:18:1f:63:e2:f1:ed:09:0e:4f:62:9f:b5:e6:
2a:58:4d:f1:e2:5a:31:d5:d8:09:df:7d:7b:28:9f:
40:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:55:05:F9:DD:22:09:78:8D:F4:CB:C7:E3:09:E3:AF:C7:21:B2:ED
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/mFUF-d0iCXiN9MvH4wnjr8chsu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.23.0/24
162.12.204.0/23
162.12.207.0/24
194.59.216.0/22
194.99.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:07:31:74:8b:5d:ec:33:4c:70:52:de:c6:ea:f6:61:34:37:
71:0b:a8:0a:bd:b5:bd:9b:5c:b9:66:8c:2f:c5:07:84:b1:83:
7a:a8:69:6e:39:eb:b0:52:dd:d6:ac:fe:55:37:d7:c4:8d:16:
ac:75:1b:45:0f:0f:6f:fc:d0:23:32:12:38:00:c3:f8:e1:9f:
67:9e:de:e7:19:02:01:04:1c:48:8f:62:bf:64:67:75:93:e9:
2d:96:52:8c:fb:53:cc:c2:69:43:62:61:66:9e:d1:13:c7:a0:
3f:fd:ce:e5:f9:8c:e4:a9:58:7c:e9:1c:dd:46:cf:0f:e4:14:
28:8e:38:ca:ca:f1:96:2b:a5:88:61:32:40:d6:06:ec:3f:ed:
52:ce:f2:d9:bb:c2:ec:18:be:35:1c:4d:04:bd:bf:a3:c7:d3:
ba:fd:be:7c:26:7a:69:ef:9c:3f:14:c9:6d:da:cb:cc:d4:97:
8a:41:85:3a:92:69:26:e0:01:ea:23:6e:bb:d7:22:6d:0c:46:
c8:81:37:9c:6d:8d:d3:07:fe:12:26:33:fe:91:20:f7:98:df:
9a:8e:86:b5:5b:93:42:45:6f:b2:e5:76:e9:13:43:0e:83:e2:
01:91:0e:18:54:5f:04:1d:4a:56:af:b9:07:d6:33:41:92:05:
7c:8b:e9:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJew7ISDTr5ge1gs5jV2C77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjIwODAyMTMzNDE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODU1MDVmOWRkMjIwOTc4OGRmNGNiYzdlMzA5ZTNhZmM3MjFiMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1UQNaRCAPQBJbzz1HdwGvaJ4Ic/
l7TT1FBtZiUmZJ/FfVq2wio0kI7lNx1tn+dM8ZliAg19PeHXWYeZ0kt1N8BptcnT
emn9iJdmIT+fnlQZRhriCXd3ptEa3P4hh1dzVlcgOoNZ7aUg6Dl6kTG7A3+WiVrn
xs/Y+gnVpscVOCzfAycB2bRd/n+HR1s9Su8j4hBUam7B1LkbN0ir140CSsKPMblR
si0z5a7bRMH/QqXYPNV5JTsxhpzgAcFw/NbKX2S9vVM5wgO8UHE+hQsM8fteS3JE
ke59//DJU56AWLoVlBgfY+Lx7QkOT2KfteYqWE3x4lox1dgJ3317KJ9AewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJhVBfndIgl4jfTLx+MJ46/HIbLtMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvbUZVRi1kMGlDWGlOOU12SDR3bmpyOGNoc3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH9IXAwQB
ogzMAwQAogzPAwQCwjvYAwQAwmMvMA0GCSqGSIb3DQEBCwUAA4IBAQAKBzF0i13s
M0xwUt7G6vZhNDdxC6gKvbW9m1y5ZowvxQeEsYN6qGluOeuwUt3WrP5VN9fEjRas
dRtFDw9v/NAjMhI4AMP44Z9nnt7nGQIBBBxIj2K/ZGd1k+ktllKM+1PMwmlDYmFm
ntETx6A//c7l+YzkqVh86RzdRs8P5BQojjjKyvGWK6WIYTJA1gbsP+1SzvLZu8Ls
GL41HE0Evb+jx9O6/b58Jnpp75w/FMlt2svM1JeKQYU6kmkm4AHqI2671yJtDEbI
gTecbY3TB/4SJjP+kSD3mN+ajoa1W5NCRW+y5XbpE0MOg+IBkQ4YVF8EHUpWr7kH
1jNBkgV8i+k9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:48 2023 by rpki-client on console-ams.rpki-client.org