Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/PojnYK3X2peQUshq8Yxlaw0-4Ek.roa
File: PojnYK3X2peQUshq8Yxlaw0-4Ek.roa (raw, json)
Hash identifier: C0J7dNZmP4xNFn7vdAJ1UGHp3YgcJFQOq69u6pUBYtk=
Subject key identifier: 3E:88:E7:60:AD:D7:DA:97:90:52:C8:6A:F1:8C:65:6B:0D:3E:E0:49
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 0191000C
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/PojnYK3X2peQUshq8Yxlaw0-4Ek.roa
Signing time: Tue 19 Apr 2022 11:23:02 +0000
ROA not before: Tue 19 Apr 2022 11:23:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.233.0/24 maxlen: 24
31.192.232.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26279948 (0x191000c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Apr 19 11:23:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e88e760add7da979052c86af18c656b0d3ee049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:27:e3:c5:ab:24:9a:2c:16:4f:31:a2:46:
1b:e1:fa:0a:c9:dc:fb:71:4a:2b:8a:4e:d6:01:9c:
fd:84:05:75:f4:56:99:6f:1a:fc:b2:ea:a4:d4:6c:
9a:ef:85:40:23:90:47:13:d5:c4:51:ba:37:76:8b:
fe:1a:f8:c4:19:9f:95:19:cd:ad:b4:d5:5b:5e:33:
4c:91:44:27:4e:87:a1:04:ba:cc:88:75:b1:3b:68:
23:2d:1d:50:de:53:78:0d:05:d8:eb:f1:81:f4:88:
4d:66:f0:98:e5:4c:b2:16:f8:b2:cf:bf:95:6e:b4:
2a:65:da:d1:ed:3c:8e:4a:61:cc:ff:0f:9a:07:1b:
71:6c:15:04:a0:b8:06:a5:94:a2:94:b0:fe:5b:39:
0a:2e:fd:ff:31:86:3a:29:e1:4e:e1:72:0d:09:fc:
bd:48:60:24:0c:a6:2d:6a:43:c8:59:b6:9d:82:44:
2a:3a:de:5e:82:7f:46:94:88:6a:c9:e4:41:e4:93:
d3:6e:68:7d:27:28:2f:04:e6:a0:56:ca:ba:c3:91:
36:6e:73:5e:a5:00:bd:05:b7:a3:dd:ed:8d:44:5f:
82:f0:0c:87:c1:e6:ab:ae:0b:e2:77:3e:7e:f9:05:
43:6c:9c:ff:73:db:9d:c2:6c:58:31:70:9e:ad:0c:
77:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:88:E7:60:AD:D7:DA:97:90:52:C8:6A:F1:8C:65:6B:0D:3E:E0:49
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/PojnYK3X2peQUshq8Yxlaw0-4Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/21
Signature Algorithm: sha256WithRSAEncryption
02:f0:a7:37:46:9e:83:22:f8:31:84:d8:56:ce:d6:bc:2b:34:
31:c9:21:02:be:93:84:4f:b5:58:d2:ae:eb:e3:74:ec:ea:26:
54:60:b9:4e:76:99:ee:34:e9:39:c5:93:f1:9c:08:e9:bc:b4:
e1:6a:82:e3:f6:a2:00:ec:21:af:68:c4:86:8c:7b:f1:84:be:
83:b0:a5:51:60:14:f6:e1:2e:c7:bb:29:21:e6:40:b4:13:13:
e9:cb:2f:22:ad:30:b2:89:68:d4:6f:27:c5:89:0a:66:03:51:
b0:5a:2a:e0:3a:38:a2:f7:57:d0:c2:31:9f:ff:93:f3:ce:34:
7a:e3:bb:f7:37:83:74:42:66:d0:f4:48:95:c8:fa:27:59:08:
72:b9:18:ff:d4:db:49:31:4a:bb:42:9a:fa:1e:cc:94:23:71:
49:de:98:ce:53:4a:84:76:21:49:fc:2d:bd:bb:de:93:1d:da:
d2:7e:be:0b:f1:75:dd:e3:25:69:31:29:e1:1d:f3:f1:92:5e:
6e:51:fc:0d:d5:a8:9b:1f:43:6f:34:42:b7:1c:89:b3:fe:7a:
f0:6a:0b:14:a2:bd:a7:85:1a:85:2b:ac:14:8e:fd:37:99:52:
f3:57:e0:7e:85:6e:6b:d7:dc:40:8c:09:fb:01:84:57:5a:b2:
11:cb:dd:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZEADDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmNiNzQyYTAzYmM5Yzg1NTA3MjE3YTI1MjA0ZGZmZjgyZmNjZGY5MB4XDTIyMDQx
OTExMjMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U4OGU3NjBhZGQ3
ZGE5NzkwNTJjODZhZjE4YzY1NmIwZDNlZTA0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKBJ+PFqySaLBZPMaJGG+H6Csnc+3FKK4pO1gGc/YQFdfRW
mW8a/LLqpNRsmu+FQCOQRxPVxFG6N3aL/hr4xBmflRnNrbTVW14zTJFEJ06HoQS6
zIh1sTtoIy0dUN5TeA0F2OvxgfSITWbwmOVMshb4ss+/lW60KmXa0e08jkphzP8P
mgcbcWwVBKC4BqWUopSw/ls5Ci79/zGGOinhTuFyDQn8vUhgJAymLWpDyFm2nYJE
KjreXoJ/RpSIasnkQeST025ofScoLwTmoFbKusORNm5zXqUAvQW3o93tjURfgvAM
h8Hmq64L4nc+fvkFQ2yc/3PbncJsWDFwnq0Md8sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+iOdgrdfal5BSyGrxjGVrDT7gSTAfBgNVHSMEGDAWgBSGy3QqA7ychVBy
F6JSBN//gvzN+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hzdDBLZ084bklWUWNoZWlVZ1RmXzRMOHpmay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvNzY3YWU1LWI5YTItNDk5My04MWE4LTA1ZjE4ZmMyMTJhNy8x
L1Bvam5ZSzNYMnBlUVVzaHE4WXhsYXcwLTRFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
NzY3YWU1LWI5YTItNDk5My04MWE4LTA1ZjE4ZmMyMTJhNy8xL2hzdDBLZ084bklW
UWNoZWlVZ1RmXzRMOHpmay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/A6DANBgkqhkiG9w0BAQsFAAOC
AQEAAvCnN0aegyL4MYTYVs7WvCs0MckhAr6ThE+1WNKu6+N07OomVGC5TnaZ7jTp
OcWT8ZwI6by04WqC4/aiAOwhr2jEhox78YS+g7ClUWAU9uEux7spIeZAtBMT6csv
Iq0wsolo1G8nxYkKZgNRsFoq4Do4ovdX0MIxn/+T8840euO79zeDdEJm0PRIlcj6
J1kIcrkY/9TbSTFKu0Ka+h7MlCNxSd6YzlNKhHYhSfwtvbvekx3a0n6+C/F13eMl
aTEp4R3z8ZJeblH8DdWomx9DbzRCtxyJs/568GoLFKK9p4UahSusFI79N5lS81fg
foVua9fcQIwJ+wGEV1qyEcvdig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:20 2024 by rpki-client on console-fra.rpki-client.org