Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/QChw6jHvmpG7gD6s8ATdgmA77bk.roa
File: QChw6jHvmpG7gD6s8ATdgmA77bk.roa (raw, json)
Hash identifier: De+4hRg0BlujvSAYQTwVzpTTVeG1xeT8DUA6/FDtJ3E=
Subject key identifier: 40:28:70:EA:31:EF:9A:91:BB:80:3E:AC:F0:04:DD:82:60:3B:ED:B9
Certificate issuer: /CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Certificate serial: 0183F110C8FF96044022B8B64D4F4C5B5E60
Authority key identifier: A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/QChw6jHvmpG7gD6s8ATdgmA77bk.roa
Signing time: Wed 19 Oct 2022 16:25:52 +0000
ROA not before: Wed 19 Oct 2022 16:25:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56623
IP address blocks: 31.133.112.0/24 maxlen: 24
31.133.115.0/24 maxlen: 24
31.133.114.0/24 maxlen: 24
31.133.117.0/24 maxlen: 24
31.133.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f1:10:c8:ff:96:04:40:22:b8:b6:4d:4f:4c:5b:5e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Validity
Not Before: Oct 19 16:25:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=402870ea31ef9a91bb803eacf004dd82603bedb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:59:12:85:84:a4:ef:4f:b0:a8:08:04:88:19:
f6:5d:4c:db:4f:65:70:00:ce:25:3b:10:52:7a:8f:
97:05:94:99:0d:79:fa:f2:9a:78:df:ef:5d:99:31:
20:78:7c:92:f3:2f:d3:ec:f2:a8:a8:1c:a4:1b:62:
09:69:62:73:71:61:98:78:b6:e2:62:5a:56:6b:12:
9a:94:fb:9d:67:41:8e:4e:53:7c:ec:42:0c:8c:08:
40:f7:f1:4c:e0:79:6a:02:02:56:eb:bf:d4:b8:15:
2c:cf:2a:06:a1:bb:a0:67:1f:3e:9c:89:a1:dd:d3:
d7:7b:36:b8:60:ab:a2:c3:e7:10:23:f0:29:85:98:
a8:08:be:15:fa:32:bf:b0:fb:d6:99:ca:fe:a1:a7:
99:16:96:63:0c:b0:01:19:e1:46:bc:c3:36:00:88:
63:55:32:aa:65:13:b5:54:04:8e:64:9c:d6:80:46:
b5:cf:02:e0:d8:cb:3d:c9:4b:a5:1f:cc:75:a3:d4:
28:83:46:97:26:46:f0:51:1d:78:e5:98:4f:d7:6a:
3a:85:72:8d:16:c7:41:db:56:6e:c7:03:0c:b4:c6:
f2:9d:a1:a6:ad:60:27:d2:4d:e1:74:74:51:15:2d:
40:a4:45:1c:dd:05:77:85:73:5d:1a:4b:ec:f3:21:
eb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:28:70:EA:31:EF:9A:91:BB:80:3E:AC:F0:04:DD:82:60:3B:ED:B9
X509v3 Authority Key Identifier:
keyid:A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/QChw6jHvmpG7gD6s8ATdgmA77bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.112.0/22
31.133.117.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:65:6b:e0:f0:26:f9:d5:73:61:44:74:fe:7b:a4:51:05:7a:
69:26:f1:f3:85:21:55:dc:bb:b8:da:c2:fd:85:e7:08:cf:ad:
c8:f3:80:14:43:cd:00:bc:19:1a:41:cb:58:54:9d:8b:30:0d:
11:14:be:83:32:d7:4f:8c:7f:88:4c:51:d2:35:4f:8d:0c:e6:
f6:1c:bd:37:03:dd:41:07:88:db:8a:5b:7a:08:c9:3f:6d:2b:
f6:73:40:01:c0:3c:77:e4:33:d5:fd:e7:7d:b0:d6:03:5b:b8:
88:71:c7:4e:3d:45:27:a6:89:d1:3f:bd:80:d7:9b:80:1b:a2:
5c:b4:de:af:e5:fa:df:69:57:4f:c9:4b:6d:8d:f1:0d:3a:71:
2f:27:de:91:cd:56:2b:c7:2a:b9:2e:0e:90:da:17:d7:85:15:
f8:6a:98:e6:01:42:08:19:e2:22:ec:a5:2e:a7:3f:31:36:2f:
48:74:dd:a1:a8:4c:50:eb:38:7c:7d:7d:58:7e:08:3a:f2:30:
2e:d9:92:8b:66:f5:52:54:b4:da:e8:06:04:bc:b6:b3:d6:a2:
85:e2:6e:73:d2:a8:15:ac:ce:b1:fd:93:1f:f7:b9:46:eb:d1:
57:40:35:fc:ce:6d:9a:5c:ad:7a:a8:97:e8:1d:2e:76:45:1d:
d0:cd:75:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPxEMj/lgRAIri2TU9MW15gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MzljYzE2MjFlZTMwMTBhZTk4ZTEyN2JkMjU0YTc4MzNm
ZDI4MjcwHhcNMjIxMDE5MTYyNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI4NzBlYTMxZWY5YTkxYmI4MDNlYWNmMDA0ZGQ4MjYwM2JlZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFkShYSk70+wqAgEiBn2XUzbT2Vw
AM4lOxBSeo+XBZSZDXn68pp43+9dmTEgeHyS8y/T7PKoqBykG2IJaWJzcWGYeLbi
YlpWaxKalPudZ0GOTlN87EIMjAhA9/FM4HlqAgJW67/UuBUszyoGobugZx8+nImh
3dPXeza4YKuiw+cQI/AphZioCL4V+jK/sPvWmcr+oaeZFpZjDLABGeFGvMM2AIhj
VTKqZRO1VASOZJzWgEa1zwLg2Ms9yUulH8x1o9Qog0aXJkbwUR145ZhP12o6hXKN
FsdB21ZuxwMMtMbynaGmrWAn0k3hdHRRFS1ApEUc3QV3hXNdGkvs8yHr1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAocOox75qRu4A+rPAE3YJgO+25MB8GA1UdIwQY
MBaAFKk5zBYh7jAQrpjhJ70lSngz/SgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYt
YjA2MTk0ZDEzYzZiLzEvUUNodzZqSHZtcEc3Z0Q2czhBVGRnbUE3N2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYtYjA2MTk0ZDEzYzZi
LzEvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4VwAwQA
H4V1MA0GCSqGSIb3DQEBCwUAA4IBAQA6ZWvg8Cb51XNhRHT+e6RRBXppJvHzhSFV
3Lu42sL9hecIz63I84AUQ80AvBkaQctYVJ2LMA0RFL6DMtdPjH+ITFHSNU+NDOb2
HL03A91BB4jbilt6CMk/bSv2c0ABwDx35DPV/ed9sNYDW7iIccdOPUUnponRP72A
15uAG6JctN6v5frfaVdPyUttjfENOnEvJ96RzVYrxyq5Lg6Q2hfXhRX4apjmAUII
GeIi7KUupz8xNi9IdN2hqExQ6zh8fX1Yfgg68jAu2ZKLZvVSVLTa6AYEvLaz1qKF
4m5z0qgVrM6x/ZMf97lG69FXQDX8zm2aXK16qJfoHS52RR3QzXWJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:22 2024 by rpki-client on console-fra.rpki-client.org