Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/0z830wHDM_59RAc9tegA975a1bE.roa
File: 0z830wHDM_59RAc9tegA975a1bE.roa (raw, json)
Hash identifier: NBENdZhKjDh4Tc99s9PccW6qOb5YB9d0IIpEN2PIO4Q=
Subject key identifier: D3:3F:37:D3:01:C3:33:FE:7D:44:07:3D:B5:E8:00:F7:BE:5A:D5:B1
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 01856F6FE60A3E377F5E045F997A6D555DF7
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/0z830wHDM_59RAc9tegA975a1bE.roa
Signing time: Sun 01 Jan 2023 22:24:42 +0000
ROA not before: Sun 01 Jan 2023 22:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56802
IP address blocks: 31.134.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:e6:0a:3e:37:7f:5e:04:5f:99:7a:6d:55:5d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Jan 1 22:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d33f37d301c333fe7d44073db5e800f7be5ad5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:c6:67:8f:89:02:0f:5b:10:a7:0b:d1:5b:
62:a9:90:e4:7a:b0:64:d2:8a:57:94:f2:29:78:9b:
ea:f2:1d:57:66:18:fb:b6:10:85:a7:11:2e:ed:02:
43:e1:e5:78:51:08:b2:0a:4c:b4:f4:bc:8e:e4:37:
ae:6b:7f:22:26:e7:1e:f8:a5:6f:6f:68:f8:cf:69:
80:87:17:28:e3:68:8c:40:b8:d5:70:fb:ff:f9:13:
65:52:91:ea:15:b6:92:6c:7d:0f:d2:66:4d:50:2e:
da:a3:c8:64:66:90:f5:7c:1e:11:b2:71:ab:96:69:
f8:56:68:bd:1a:b8:f3:19:b4:b8:96:44:47:26:37:
a7:3f:10:fe:f5:4e:20:b1:ad:5e:7e:41:2a:75:e5:
d0:e6:e0:19:a2:b8:f2:43:a1:24:a3:56:ab:b6:29:
db:58:0f:f3:a6:e3:b4:68:6f:e7:f8:f4:99:ff:92:
09:5f:c3:91:16:8e:19:e0:77:0f:e6:26:4a:70:03:
d7:d0:bd:fa:f1:cb:1c:97:0e:0b:e1:17:6e:ed:84:
8e:7e:1a:6c:fd:1f:91:8d:e8:1f:66:d5:3d:9e:67:
bd:1b:24:0c:24:1c:2c:09:88:51:b2:37:89:c8:9c:
7c:0f:9c:c5:11:e1:55:aa:df:16:49:27:84:5f:39:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3F:37:D3:01:C3:33:FE:7D:44:07:3D:B5:E8:00:F7:BE:5A:D5:B1
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/0z830wHDM_59RAc9tegA975a1bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.192.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:79:5e:b6:c8:e2:0b:0c:59:42:6c:bf:53:22:a2:bd:64:c0:
c9:aa:45:5b:94:41:55:b3:72:9d:ad:08:3d:2f:75:12:84:2e:
12:88:7f:31:ff:40:a0:2b:13:e0:7e:fb:f8:a2:37:1d:b8:e5:
74:86:cd:6c:5a:29:b8:dd:2c:6c:0b:90:fd:e8:99:a7:bc:57:
44:22:df:f6:a6:4c:ed:ae:4e:e6:b0:52:f0:6c:db:29:90:ca:
c3:1f:31:4e:a3:a1:60:0e:43:57:10:ad:41:06:af:8b:fe:49:
71:07:85:02:59:58:8e:d6:4c:f5:ff:e0:1a:a4:57:f0:5f:75:
76:40:e7:d9:96:2f:af:0e:9f:16:d7:cf:b8:53:f3:1a:96:94:
27:1d:cc:9c:d8:2f:22:87:cb:cc:3b:2c:0a:73:95:ec:55:ef:
2f:1f:9b:b2:59:8b:92:e8:03:4f:f5:f2:e2:a4:24:fd:02:70:
11:75:11:a7:4b:ae:ac:87:69:12:2f:a0:9c:af:8f:cc:e1:91:
8d:4e:c3:cb:27:f8:89:65:96:3d:05:60:d9:cc:ac:03:5d:23:
0f:b4:4b:a9:12:2c:7d:9d:de:b3:5d:11:1d:09:70:59:d5:d9:
6d:f5:c2:0a:3d:5c:1e:28:be:9d:bf:09:6a:93:9d:75:48:6b:
ed:39:1f:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb+YKPjd/XgRfmXptVV33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjMwMTAxMjIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNmMzdkMzAxYzMzM2ZlN2Q0NDA3M2RiNWU4MDBmN2JlNWFkNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyvGZ4+JAg9bEKcL0VtiqZDkerBk
0opXlPIpeJvq8h1XZhj7thCFpxEu7QJD4eV4UQiyCky09LyO5Deua38iJuce+KVv
b2j4z2mAhxco42iMQLjVcPv/+RNlUpHqFbaSbH0P0mZNUC7ao8hkZpD1fB4RsnGr
lmn4Vmi9GrjzGbS4lkRHJjenPxD+9U4gsa1efkEqdeXQ5uAZorjyQ6Eko1artinb
WA/zpuO0aG/n+PSZ/5IJX8ORFo4Z4HcP5iZKcAPX0L368csclw4L4Rdu7YSOfhps
/R+RjegfZtU9nme9GyQMJBwsCYhRsjeJyJx8D5zFEeFVqt8WSSeEXzlVGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNM/N9MBwzP+fUQHPbXoAPe+WtWxMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvMHo4MzB3SERNXzU5UkFjOXRlZ0E5NzVhMWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4bAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/eV62yOILDFlCbL9TIqK9ZMDJqkVblEFVs3KdrQg9
L3UShC4SiH8x/0CgKxPgfvv4ojcduOV0hs1sWim43SxsC5D96JmnvFdEIt/2pkzt
rk7msFLwbNspkMrDHzFOo6FgDkNXEK1BBq+L/klxB4UCWViO1kz1/+AapFfwX3V2
QOfZli+vDp8W18+4U/MalpQnHcyc2C8ih8vMOywKc5XsVe8vH5uyWYuS6ANP9fLi
pCT9AnARdRGnS66sh2kSL6Ccr4/M4ZGNTsPLJ/iJZZY9BWDZzKwDXSMPtEupEix9
nd6zXREdCXBZ1dlt9cIKPVweKL6dvwlqk511SGvtOR+G
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:12 2025 by rpki-client