Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/RLfsC2ugVX1wAfzJI1tlHL6Uc-s.roa
File: RLfsC2ugVX1wAfzJI1tlHL6Uc-s.roa (raw, json)
Hash identifier: v7BuWqmd+Vbgtn48b11SQWNgxJvYq0x4cvuriSH8gi4=
Subject key identifier: 44:B7:EC:0B:6B:A0:55:7D:70:01:FC:C9:23:5B:65:1C:BE:94:73:EB
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 01869205BCA7C446341DC742C58CC8D32699
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/RLfsC2ugVX1wAfzJI1tlHL6Uc-s.roa
Signing time: Mon 27 Feb 2023 08:38:14 +0000
ROA not before: Mon 27 Feb 2023 08:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200468
IP address blocks: 31.3.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:05:bc:a7:c4:46:34:1d:c7:42:c5:8c:c8:d3:26:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Feb 27 08:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44b7ec0b6ba0557d7001fcc9235b651cbe9473eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:db:2e:13:3a:00:9b:ea:08:1a:32:97:ad:
31:0a:87:ca:07:51:bb:96:58:5d:aa:49:a6:7e:c7:
3b:e6:d3:1b:b5:2e:94:ba:c0:71:5c:6e:6a:dc:df:
46:63:97:e9:97:a0:e9:eb:3d:e3:ab:83:6e:fa:93:
ca:eb:ee:8a:14:66:34:2f:04:87:3d:c7:70:56:64:
c5:b5:65:5e:8e:09:a3:8b:3f:e2:10:88:29:58:cb:
16:69:fa:5e:aa:c7:85:80:96:0c:71:d3:a2:60:45:
1d:58:14:11:98:cc:ee:1c:b9:cb:8a:f0:6e:77:42:
56:05:03:09:48:ec:53:18:5b:28:96:d2:f9:17:80:
4d:1c:cd:85:d3:0a:bf:8e:6b:1e:90:84:7f:bb:82:
45:6c:29:d6:ea:ea:1e:b3:f8:bc:a4:d0:65:9e:68:
11:41:7a:b9:c0:b4:69:f5:cf:d3:ee:48:a1:38:83:
d8:ad:d3:1e:a6:90:06:e9:34:fd:b8:39:f9:b2:16:
83:66:43:19:72:6a:a6:c4:5a:be:3a:8f:ca:39:c7:
97:2d:54:5f:05:33:af:1d:fb:ec:14:07:25:87:d8:
0f:b2:a1:e4:60:dd:a6:65:2e:b0:50:f1:59:28:d7:
05:19:d1:6f:1e:60:0f:1f:d3:03:b4:ac:ea:d6:19:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B7:EC:0B:6B:A0:55:7D:70:01:FC:C9:23:5B:65:1C:BE:94:73:EB
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/RLfsC2ugVX1wAfzJI1tlHL6Uc-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.217.0/24
Signature Algorithm: sha256WithRSAEncryption
78:f1:c5:0c:b6:1c:9c:ad:40:e1:58:c9:0f:85:43:ac:d6:87:
c4:07:50:1b:a4:8b:77:44:70:ac:c2:33:a5:4c:fb:64:21:f3:
1f:a2:c1:54:d2:14:23:ee:c8:68:f3:54:38:03:42:90:e3:64:
aa:53:63:8f:03:92:92:5d:fd:dc:e0:aa:74:bf:53:85:90:21:
2c:37:d0:94:ec:b3:dc:e8:f8:5d:92:14:5a:18:50:1d:6d:33:
ee:cd:23:c2:3a:c6:ed:36:66:b8:b6:02:4e:84:dc:ec:4d:e5:
0f:d1:3f:f8:3f:c2:83:3a:d1:1d:09:e7:bd:88:40:35:d6:8d:
d7:fe:68:c8:cb:30:76:b4:89:a6:54:55:d9:d6:bc:f6:71:2d:
6a:a2:63:17:23:3e:e0:f3:c9:dc:1a:33:66:3d:c0:93:d5:b9:
a5:cc:91:24:d7:0e:13:1e:06:e9:fd:71:2a:a7:4f:a2:e7:6a:
fc:2c:41:9a:10:24:4f:e2:db:68:3b:c6:ee:32:27:e9:fc:c3:
64:ea:af:f3:14:ab:0b:e2:75:13:d4:be:0a:76:57:d2:99:48:
16:59:09:5a:8f:ce:3f:f7:2d:17:ea:4b:ae:d3:b1:d9:05:e1:
29:c4:4c:fb:f3:b7:61:a2:d3:c6:68:36:6a:91:f8:74:56:c1:
06:cb:35:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaSBbynxEY0HcdCxYzI0yaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjMwMjI3MDgzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI3ZWMwYjZiYTA1NTdkNzAwMWZjYzkyMzViNjUxY2JlOTQ3M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADbLhM6AJvqCBoyl60xCofKB1G7
llhdqkmmfsc75tMbtS6UusBxXG5q3N9GY5fpl6Dp6z3jq4Nu+pPK6+6KFGY0LwSH
PcdwVmTFtWVejgmjiz/iEIgpWMsWafpeqseFgJYMcdOiYEUdWBQRmMzuHLnLivBu
d0JWBQMJSOxTGFsoltL5F4BNHM2F0wq/jmsekIR/u4JFbCnW6uoes/i8pNBlnmgR
QXq5wLRp9c/T7kihOIPYrdMeppAG6TT9uDn5shaDZkMZcmqmxFq+Oo/KOceXLVRf
BTOvHfvsFAclh9gPsqHkYN2mZS6wUPFZKNcFGdFvHmAPH9MDtKzq1hkTwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFES37AtroFV9cAH8ySNbZRy+lHPrMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvUkxmc0MydWdWWDF3QWZ6SkkxdGxITDZVYy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwPZMA0G
CSqGSIb3DQEBCwUAA4IBAQB48cUMthycrUDhWMkPhUOs1ofEB1AbpIt3RHCswjOl
TPtkIfMfosFU0hQj7sho81Q4A0KQ42SqU2OPA5KSXf3c4Kp0v1OFkCEsN9CU7LPc
6PhdkhRaGFAdbTPuzSPCOsbtNma4tgJOhNzsTeUP0T/4P8KDOtEdCee9iEA11o3X
/mjIyzB2tImmVFXZ1rz2cS1qomMXIz7g88ncGjNmPcCT1bmlzJEk1w4THgbp/XEq
p0+i52r8LEGaECRP4ttoO8buMifp/MNk6q/zFKsL4nUT1L4KdlfSmUgWWQlaj84/
9y0X6kuu07HZBeEpxEz787dhotPGaDZqkfh0VsEGyzWs
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:59 2025 by rpki-client