Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/MuHXFgbOrFXyRZkuiNF_D928ofU.roa
File: MuHXFgbOrFXyRZkuiNF_D928ofU.roa (raw, json)
Hash identifier: wE4cno26zzpNgYxhSlSBPE7VAlzRdgJ99wlgR+/ueT8=
Subject key identifier: 32:E1:D7:16:06:CE:AC:55:F2:45:99:2E:88:D1:7F:0F:DD:BC:A1:F5
Certificate issuer: /CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Certificate serial: 0187E23602ACD11EB8CAFCBB6A81942D7F43
Authority key identifier: A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/MuHXFgbOrFXyRZkuiNF_D928ofU.roa
Signing time: Wed 03 May 2023 15:23:23 +0000
ROA not before: Wed 03 May 2023 15:23:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56623
IP address blocks: 31.133.112.0/24 maxlen: 24
31.133.115.0/24 maxlen: 24
31.133.118.0/24 maxlen: 24
31.133.114.0/24 maxlen: 24
31.133.117.0/24 maxlen: 24
31.133.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:36:02:ac:d1:1e:b8:ca:fc:bb:6a:81:94:2d:7f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Validity
Not Before: May 3 15:23:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32e1d71606ceac55f245992e88d17f0fddbca1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:78:3b:d8:41:59:0c:f2:be:95:a3:59:82:49:
73:88:f8:f0:d9:5d:ef:cb:27:90:fa:32:5b:02:14:
ff:6e:a4:f3:d6:d5:eb:31:e8:f3:2b:b3:89:06:23:
45:69:0f:3d:5f:21:85:cf:60:e9:8b:6c:7d:e3:f9:
93:0a:21:30:0b:b5:6c:c5:7b:7e:6f:c4:17:82:2c:
65:3c:1d:68:60:e6:e5:5e:e5:ff:de:0e:b8:e6:61:
d5:78:10:cc:69:82:47:91:8f:26:7b:bc:be:c3:36:
26:a3:d4:44:a2:fd:6e:62:b5:61:d0:92:56:53:c7:
0e:13:cd:29:0a:19:5d:47:c9:50:95:df:f5:23:18:
f7:ee:74:17:49:6a:79:85:70:ed:a9:52:18:65:5d:
a5:19:f2:95:54:a1:8f:97:36:4a:98:fe:c6:44:e2:
1c:92:a2:ec:dd:39:5e:21:3b:6e:00:de:06:fa:f5:
32:57:92:69:ab:61:a9:25:57:c1:ca:62:ba:22:fd:
c8:09:ad:94:9a:a2:56:6e:2b:32:d9:f9:0a:7e:ea:
50:fc:f8:c1:63:2d:92:63:af:de:00:6c:84:f0:13:
f9:f6:d0:f6:44:ee:68:05:24:a4:8b:9f:3d:63:2a:
4c:94:18:62:3b:5a:c4:92:d9:9c:46:e2:98:39:81:
8e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E1:D7:16:06:CE:AC:55:F2:45:99:2E:88:D1:7F:0F:DD:BC:A1:F5
X509v3 Authority Key Identifier:
keyid:A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/MuHXFgbOrFXyRZkuiNF_D928ofU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.112.0/22
31.133.117.0-31.133.118.255
Signature Algorithm: sha256WithRSAEncryption
d9:ca:7b:71:ad:be:1c:98:ff:eb:70:bb:cd:d0:43:57:93:47:
97:3b:e6:c0:e7:83:0c:2a:5c:3d:02:0c:2f:4b:01:06:3a:90:
ec:a4:79:69:98:33:29:73:46:f4:f8:24:a5:4e:87:ae:82:af:
16:13:31:91:ff:a5:61:47:64:d7:ae:53:f0:da:81:dd:10:8d:
7c:db:84:01:51:c0:4e:e9:5f:a9:b3:e3:ac:87:54:83:48:49:
f7:90:f5:c5:53:d9:65:7a:96:53:a8:2a:f6:af:08:06:9e:dc:
07:b9:8a:7d:bc:9d:d1:7d:18:ad:1b:ba:16:af:e8:4a:bb:1b:
70:47:35:4e:ad:a6:06:c2:3a:c2:06:8b:f7:c5:3c:b0:85:e6:
ca:13:f6:5a:15:27:df:22:a1:c9:8e:1f:02:35:0f:bd:98:6a:
b9:63:77:2f:3d:4e:3a:af:7b:3e:1f:53:7a:30:ae:3c:ee:6c:
51:b1:b9:ff:65:37:e8:41:fd:8c:46:c5:59:f6:55:8a:55:86:
c7:91:86:68:1c:fd:f5:92:aa:a1:23:2e:e4:8b:5e:04:89:b3:
00:00:48:0d:87:10:9f:1e:9e:4a:02:76:ee:dd:61:b0:32:ff:
c1:74:da:02:5d:a5:25:a6:00:24:e5:13:1b:7c:93:90:77:6b:
23:5d:6e:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYfiNgKs0R64yvy7aoGULX9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MzljYzE2MjFlZTMwMTBhZTk4ZTEyN2JkMjU0YTc4MzNm
ZDI4MjcwHhcNMjMwNTAzMTUyMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmUxZDcxNjA2Y2VhYzU1ZjI0NTk5MmU4OGQxN2YwZmRkYmNhMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3g72EFZDPK+laNZgklziPjw2V3v
yyeQ+jJbAhT/bqTz1tXrMejzK7OJBiNFaQ89XyGFz2Dpi2x94/mTCiEwC7VsxXt+
b8QXgixlPB1oYOblXuX/3g645mHVeBDMaYJHkY8me7y+wzYmo9REov1uYrVh0JJW
U8cOE80pChldR8lQld/1Ixj37nQXSWp5hXDtqVIYZV2lGfKVVKGPlzZKmP7GROIc
kqLs3TleITtuAN4G+vUyV5Jpq2GpJVfBymK6Iv3ICa2UmqJWbisy2fkKfupQ/PjB
Yy2SY6/eAGyE8BP59tD2RO5oBSSki589YypMlBhiO1rEktmcRuKYOYGOIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDLh1xYGzqxV8kWZLojRfw/dvKH1MB8GA1UdIwQY
MBaAFKk5zBYh7jAQrpjhJ70lSngz/SgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYt
YjA2MTk0ZDEzYzZiLzEvTXVIWEZnYk9yRlh5UlprdWlORl9EOTI4b2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYtYjA2MTk0ZDEzYzZi
LzEvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCH4VwMAwD
BAAfhXUDBAAfhXYwDQYJKoZIhvcNAQELBQADggEBANnKe3GtvhyY/+twu83QQ1eT
R5c75sDngwwqXD0CDC9LAQY6kOykeWmYMylzRvT4JKVOh66CrxYTMZH/pWFHZNeu
U/Dagd0QjXzbhAFRwE7pX6mz46yHVINISfeQ9cVT2WV6llOoKvavCAae3Ae5in28
ndF9GK0buhav6Eq7G3BHNU6tpgbCOsIGi/fFPLCF5soT9loVJ98iocmOHwI1D72Y
arljdy89Tjqvez4fU3owrjzubFGxuf9lN+hB/YxGxVn2VYpVhseRhmgc/fWSqqEj
LuSLXgSJswAASA2HEJ8enkoCdu7dYbAy/8F02gJdpSWmACTlExt8k5B3ayNdbg8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:00 2025 by rpki-client