Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/vm9bdO0vNfKfwGASM39F1z0RMK8.roa
File: vm9bdO0vNfKfwGASM39F1z0RMK8.roa (raw, json)
Hash identifier: 9w0FQ8zNNDyRLvaF+kmwNXZmuS+vsp5r29reTc6PoAs=
Subject key identifier: BE:6F:5B:74:ED:2F:35:F2:9F:C0:60:12:33:7F:45:D7:3D:11:30:AF
Certificate issuer: /CN=e122e2b58233a193d1f72778565d6c98d76163a7
Certificate serial: 02CE707D
Authority key identifier: E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/vm9bdO0vNfKfwGASM39F1z0RMK8.roa
Signing time: Sat 01 Jan 2022 12:54:45 +0000
ROA not before: Sat 01 Jan 2022 12:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211757
IP address blocks: 31.43.172.0/23 maxlen: 24
31.43.172.0/24 maxlen: 24
31.43.173.0/24 maxlen: 24
185.242.186.0/24 maxlen: 24
2a10:9840:1::/48 maxlen: 48
2a10:9840::/29 maxlen: 48
2a10:9840:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47083645 (0x2ce707d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e122e2b58233a193d1f72778565d6c98d76163a7
Validity
Not Before: Jan 1 12:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be6f5b74ed2f35f29fc06012337f45d73d1130af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:fa:6b:3d:be:99:a0:a7:39:05:66:81:ab:
fb:1c:29:db:94:42:f3:b9:ed:7b:7c:94:82:79:5b:
e4:2e:8f:23:ac:68:c4:17:39:a4:bb:5b:5b:41:98:
93:e1:8d:0a:64:91:80:f2:17:6b:e0:fa:a0:df:75:
fc:8b:c1:0c:4a:8c:e3:0e:3f:a1:47:69:ee:3e:72:
76:88:c2:49:02:e2:18:76:a5:78:6f:28:65:85:da:
9f:77:9f:d7:76:df:b4:5a:94:ff:40:11:36:c2:ab:
9a:aa:d5:8b:72:7b:5d:9a:d4:0b:9b:20:9c:be:df:
f2:9b:4e:5c:67:98:1d:0a:87:4b:12:13:f4:66:94:
e9:83:95:ff:13:73:65:57:28:12:ea:f1:66:ff:64:
95:1e:a7:37:65:60:7e:92:2b:7e:2a:6a:bf:0a:1a:
6c:bb:51:eb:9f:ba:82:be:0e:c4:9d:95:78:7b:61:
59:42:ac:3e:0f:e3:3a:86:39:45:98:a0:b5:2a:92:
ce:d4:c0:51:ba:2a:f7:f3:e4:28:a8:7e:1b:4d:64:
1b:6f:1c:70:9e:38:6b:f0:65:9c:1c:9b:39:39:f7:
eb:51:b9:6c:c4:39:10:e4:b4:a6:ad:49:8d:4f:4a:
07:6d:a0:ff:fc:df:90:79:4a:cf:c7:a1:70:ab:57:
6e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6F:5B:74:ED:2F:35:F2:9F:C0:60:12:33:7F:45:D7:3D:11:30:AF
X509v3 Authority Key Identifier:
keyid:E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/vm9bdO0vNfKfwGASM39F1z0RMK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/4SLitYIzoZPR9yd4Vl1smNdhY6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.172.0/23
185.242.186.0/24
IPv6:
2a10:9840::/29
Signature Algorithm: sha256WithRSAEncryption
80:7f:b8:9a:d5:46:f3:11:97:40:c1:42:41:38:fc:f5:08:47:
08:f8:a9:0f:2b:c9:47:1a:45:64:81:ff:dc:0d:50:65:c9:bc:
4c:d7:91:72:43:2d:0d:f9:b3:25:c0:89:f8:03:3b:2b:55:a1:
3c:ca:d6:ee:d1:bf:1f:32:1c:bd:af:35:4e:1d:82:a0:e3:e3:
ff:ed:69:2f:98:48:44:f9:b3:3d:b8:b8:c6:70:34:6d:1d:e0:
8b:a8:79:b4:f6:b0:43:3c:46:ac:e2:53:dd:72:71:37:0e:8a:
64:18:2f:ea:db:87:ad:10:26:bb:42:1c:11:6c:76:09:45:63:
e4:c3:6d:f9:db:b3:10:a8:80:f8:36:30:3c:35:bb:96:2e:37:
2f:5f:34:71:af:e1:c6:d5:d0:6a:f3:85:88:1e:61:e5:39:b1:
7c:fa:68:f4:ef:38:9d:14:d5:8a:19:65:f9:cf:ce:4a:5f:ff:
9f:a8:fa:46:92:3f:ae:cd:a4:29:89:37:42:b0:46:5e:40:f7:
7b:85:4a:b8:91:6f:6d:39:c5:1c:07:e9:08:2b:e3:44:fe:8b:
7c:ff:9c:0e:9d:6c:a2:a9:b1:8d:42:41:b3:a2:e0:db:e2:d7:
51:c4:89:f1:b3:16:3f:9f:37:9a:27:26:5a:ad:98:43:a2:59:
29:f1:c6:24
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAs5wfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTIyZTJiNTgyMzNhMTkzZDFmNzI3Nzg1NjVkNmM5OGQ3NjE2M2E3MB4XDTIyMDEw
MTEyNTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU2ZjViNzRlZDJm
MzVmMjlmYzA2MDEyMzM3ZjQ1ZDczZDExMzBhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLC+ms9vpmgpzkFZoGr+xwp25RC87nte3yUgnlb5C6PI6xo
xBc5pLtbW0GYk+GNCmSRgPIXa+D6oN91/IvBDEqM4w4/oUdp7j5ydojCSQLiGHal
eG8oZYXan3ef13bftFqU/0ARNsKrmqrVi3J7XZrUC5sgnL7f8ptOXGeYHQqHSxIT
9GaU6YOV/xNzZVcoEurxZv9klR6nN2VgfpIrfipqvwoabLtR65+6gr4OxJ2VeHth
WUKsPg/jOoY5RZigtSqSztTAUboq9/PkKKh+G01kG28ccJ44a/BlnBybOTn361G5
bMQ5EOS0pq1JjU9KB22g//zfkHlKz8ehcKtXbksCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS+b1t07S818p/AYBIzf0XXPREwrzAfBgNVHSMEGDAWgBThIuK1gjOhk9H3
J3hWXWyY12FjpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRTTGl0WUl6b1pQUjl5ZDRWbDFzbU5kaFk2Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZDgxNWZkLWNmYWItNGE0YS05NTk1LTQxNjZiNzViMDhhZi8x
L3ZtOWJkTzB2TmZLZndHQVNNMzlGMXowUk1LOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZDgxNWZkLWNmYWItNGE0YS05NTk1LTQxNjZiNzViMDhhZi8xLzRTTGl0WUl6b1pQ
Ujl5ZDRWbDFzbU5kaFk2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAR8rrAMEALnyujANBAIAAjAHAwUD
KhCYQDANBgkqhkiG9w0BAQsFAAOCAQEAgH+4mtVG8xGXQMFCQTj89QhHCPipDyvJ
RxpFZIH/3A1QZcm8TNeRckMtDfmzJcCJ+AM7K1WhPMrW7tG/HzIcva81Th2CoOPj
/+1pL5hIRPmzPbi4xnA0bR3gi6h5tPawQzxGrOJT3XJxNw6KZBgv6tuHrRAmu0Ic
EWx2CUVj5MNt+duzEKiA+DYwPDW7li43L180ca/hxtXQavOFiB5h5TmxfPpo9O84
nRTVihll+c/OSl//n6j6RpI/rs2kKYk3QrBGXkD3e4VKuJFvbTnFHAfpCCvjRP6L
fP+cDp1soqmxjUJBs6Lg2+LXUcSJ8bMWP583micmWq2YQ6JZKfHGJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:48 2024 by rpki-client on console-ams.rpki-client.org