Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Ppj3zpLrOK8ev4EBZrWc4qkrDm8.roa
File: Ppj3zpLrOK8ev4EBZrWc4qkrDm8.roa (raw, json)
Hash identifier: xNXYAkEVpwLAMufRl3oKAgEXoSbrbjo/5BwaqGUNezY=
Subject key identifier: 3E:98:F7:CE:92:EB:38:AF:1E:BF:81:01:66:B5:9C:E2:A9:2B:0E:6F
Certificate issuer: /CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Certificate serial: 02CA03F9
Authority key identifier: 49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Ppj3zpLrOK8ev4EBZrWc4qkrDm8.roa
Signing time: Sat 01 Jan 2022 06:56:20 +0000
ROA not before: Sat 01 Jan 2022 06:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56676
IP address blocks: 91.237.209.0/24 maxlen: 24
31.130.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46793721 (0x2ca03f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Validity
Not Before: Jan 1 06:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e98f7ce92eb38af1ebf810166b59ce2a92b0e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:df:0c:f6:00:cd:91:58:a1:17:9b:ef:d2:cf:
d1:14:a1:93:1b:20:c6:3a:9e:4b:60:62:a5:62:e5:
69:64:07:7f:f6:f0:0e:8c:34:73:1f:21:12:64:61:
2b:b4:93:5f:e9:d3:74:f6:1d:95:84:37:5a:5f:f7:
54:76:8b:74:94:5b:b5:fb:b2:a7:46:b5:61:97:f7:
c2:5d:64:36:5d:a5:b0:d8:11:27:30:92:80:7b:0a:
55:39:1c:e0:84:da:b0:c6:25:8c:e0:92:a9:72:b6:
a5:e5:45:7e:15:87:a3:71:58:b9:bd:85:ce:8e:30:
a0:95:86:f6:ac:f7:bf:7b:34:40:18:a6:e0:de:63:
b4:0e:c1:8b:77:80:b0:bd:f0:77:33:f3:44:b4:6f:
e7:61:48:67:20:92:25:05:55:63:45:02:1f:5a:6a:
f0:af:9a:ed:83:76:3e:26:0b:07:b7:d3:c0:6f:04:
8b:4a:87:08:78:24:eb:a9:56:22:24:83:8d:81:73:
72:da:d7:13:18:23:50:f1:f0:3e:b9:3a:18:77:30:
b5:47:87:ca:7e:66:39:a1:8f:e9:ed:4f:c2:c1:1f:
08:3f:21:57:22:95:a0:69:60:18:00:e9:f6:d3:35:
cc:71:de:bb:5d:53:51:d9:57:39:ba:8b:ee:34:92:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:98:F7:CE:92:EB:38:AF:1E:BF:81:01:66:B5:9C:E2:A9:2B:0E:6F
X509v3 Authority Key Identifier:
keyid:49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Ppj3zpLrOK8ev4EBZrWc4qkrDm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.120.0/21
91.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
26:64:61:8e:b7:2d:92:fd:d9:ee:af:89:1f:cc:90:11:32:14:
db:43:0a:ca:bd:c5:09:47:1c:3c:01:49:ef:6d:d7:af:4b:a4:
83:7e:dd:9c:71:68:3c:c7:6f:7b:60:f4:bb:42:58:e1:69:6c:
59:77:5d:1a:36:2b:94:5e:6c:49:0a:f4:ec:03:af:2c:8a:3a:
54:99:5b:79:af:d2:cc:71:69:05:9c:7c:62:4e:60:73:b1:f0:
f3:68:99:81:8e:57:45:2f:2e:73:72:8b:15:b9:67:dc:bb:46:
5c:f5:ba:f2:79:8a:ec:d8:91:47:df:02:6c:39:25:4f:d6:d7:
b8:83:cd:4e:5c:43:70:36:71:1a:21:a4:32:a1:a6:9c:0b:8b:
63:29:1b:f9:bf:f2:bb:43:59:a3:91:c5:f5:d6:56:ef:ab:cb:
8e:b3:22:6a:50:5c:fa:2a:3a:0e:f3:07:58:a5:52:53:a2:c1:
f7:4c:3c:a0:ff:37:9e:78:95:12:9b:93:1c:f1:04:b3:6d:47:
f4:c4:8c:85:41:61:ca:fa:32:3e:aa:c5:11:6a:34:57:38:58:
6a:64:83:52:a8:4c:22:ac:a7:38:18:ae:1c:7a:a8:fc:a2:29:
91:3e:17:fa:f8:2f:52:8f:06:a8:ed:ef:c3:5f:6e:65:e0:8d:
55:ef:16:b3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAsoD+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OWNkOWVjOGU1M2Y4ZmMyYTM1ZTkxYjc3MDE0ZjZhNzNkOGI1YjNkMB4XDTIyMDEw
MTA2NTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U5OGY3Y2U5MmVi
MzhhZjFlYmY4MTAxNjZiNTljZTJhOTJiMGU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLfDPYAzZFYoReb79LP0RShkxsgxjqeS2BipWLlaWQHf/bw
Dow0cx8hEmRhK7STX+nTdPYdlYQ3Wl/3VHaLdJRbtfuyp0a1YZf3wl1kNl2lsNgR
JzCSgHsKVTkc4ITasMYljOCSqXK2peVFfhWHo3FYub2Fzo4woJWG9qz3v3s0QBim
4N5jtA7Bi3eAsL3wdzPzRLRv52FIZyCSJQVVY0UCH1pq8K+a7YN2PiYLB7fTwG8E
i0qHCHgk66lWIiSDjYFzctrXExgjUPHwPrk6GHcwtUeHyn5mOaGP6e1PwsEfCD8h
VyKVoGlgGADp9tM1zHHeu11TUdlXObqL7jSSmdECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ+mPfOkus4rx6/gQFmtZziqSsObzAfBgNVHSMEGDAWgBRJzZ7I5T+PwqNe
kbdwFPanPYtbPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NjMmV5T1VfajhLalhwRzNjQlQycHoyTFd6MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMWI1OTYxLTg0YWItNDBiZS1iMGRjLTJmNmY5Zjg4ODM3NS8x
L1BwajN6cExyT0s4ZXY0RUJacldjNHFrckRtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MWI1OTYxLTg0YWItNDBiZS1iMGRjLTJmNmY5Zjg4ODM3NS8xL1NjMmV5T1VfajhL
alhwRzNjQlQycHoyTFd6MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAx+CeAMEAFvt0TANBgkqhkiG9w0B
AQsFAAOCAQEAJmRhjrctkv3Z7q+JH8yQETIU20MKyr3FCUccPAFJ723Xr0ukg37d
nHFoPMdve2D0u0JY4WlsWXddGjYrlF5sSQr07AOvLIo6VJlbea/SzHFpBZx8Yk5g
c7Hw82iZgY5XRS8uc3KLFbln3LtGXPW68nmK7NiRR98CbDklT9bXuIPNTlxDcDZx
GiGkMqGmnAuLYykb+b/yu0NZo5HF9dZW76vLjrMialBc+io6DvMHWKVSU6LB90w8
oP83nniVEpuTHPEEs21H9MSMhUFhyvoyPqrFEWo0VzhYamSDUqhMIqynOBiuHHqo
/KIpkT4X+vgvUo8GqO3vw19uZeCNVe8Wsw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:06 2025 by rpki-client