Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/PesG3w_XYkvXi2TwCbpNwbRpz_0.roa
File: PesG3w_XYkvXi2TwCbpNwbRpz_0.roa (raw, json)
Hash identifier: 0nlQvq2KLKrcH32VZpgm8dy4ryB+52y+Pe9zj/XaD20=
Subject key identifier: 3D:EB:06:DF:0F:D7:62:4B:D7:8B:64:F0:09:BA:4D:C1:B4:69:CF:FD
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 018B6085BE9E78EB910E93B8208C7DF31D60
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/PesG3w_XYkvXi2TwCbpNwbRpz_0.roa
Signing time: Tue 24 Oct 2023 07:10:59 +0000
ROA not before: Tue 24 Oct 2023 07:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44710
IP address blocks: 91.217.244.0/24 maxlen: 24
31.131.142.0/24 maxlen: 24
31.131.141.0/24 maxlen: 24
31.131.140.0/24 maxlen: 24
31.131.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:85:be:9e:78:eb:91:0e:93:b8:20:8c:7d:f3:1d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Oct 24 07:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3deb06df0fd7624bd78b64f009ba4dc1b469cffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:34:9d:e0:92:fb:56:76:e1:8d:15:74:cf:
a1:73:5d:de:69:33:7d:67:71:c0:cd:10:2a:e7:a2:
55:6e:a7:2d:42:7c:09:7c:2a:a5:46:02:df:57:d1:
30:dd:92:d6:48:70:b2:61:6e:01:ad:b8:09:69:39:
92:49:b0:b4:13:56:16:73:2d:8a:59:5c:d0:00:9d:
14:2c:87:f7:9e:4a:d3:b9:aa:71:cf:21:11:5b:0b:
36:90:e1:19:0f:b4:94:3a:95:fd:81:7e:fa:95:6b:
a3:88:34:e1:61:4f:13:e0:40:22:9b:c5:bd:e3:f6:
fd:40:ed:c3:b4:a4:03:6c:82:74:c1:4e:1a:d4:f9:
67:a2:c1:0f:24:85:c6:51:9d:d6:e2:d0:c2:d1:52:
cb:61:f4:b0:86:e9:a7:82:dc:95:c0:00:53:7e:99:
2a:10:d0:89:4c:0b:a1:e0:75:91:fc:ab:36:31:53:
12:a1:1b:57:9c:0f:e8:d5:0b:2e:f6:54:52:49:f0:
67:61:ed:38:f3:96:4c:01:60:d1:f8:c8:1a:6f:ff:
92:a8:bb:6d:f3:c8:af:a2:88:70:9f:cf:b2:a3:7e:
bc:a7:c5:78:33:0a:6d:b0:8d:00:1c:27:41:a7:7c:
cc:eb:87:92:78:38:91:bd:bb:c7:86:fa:b4:b3:0b:
a2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EB:06:DF:0F:D7:62:4B:D7:8B:64:F0:09:BA:4D:C1:B4:69:CF:FD
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/PesG3w_XYkvXi2TwCbpNwbRpz_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.140.0/22
91.217.244.0/24
Signature Algorithm: sha256WithRSAEncryption
02:09:a4:9f:3f:6d:d4:de:94:e6:a5:4b:c5:0f:53:a0:dd:63:
74:d8:c2:09:e7:05:cb:dc:23:15:fd:04:77:d3:af:c1:20:82:
17:9a:68:10:12:3d:9b:d0:84:14:1a:16:f2:de:80:e0:e1:a5:
5c:9a:18:81:35:99:56:b4:ad:be:e9:4d:ab:c9:85:50:70:6d:
35:61:ed:07:ad:14:6e:d8:c2:40:45:99:52:21:32:d6:6d:00:
03:18:96:2b:04:bd:c4:ca:f4:64:ab:c3:d2:41:b4:ef:09:4e:
98:74:f9:ad:73:7b:97:e4:58:16:c6:d9:88:44:86:71:05:de:
56:29:ef:77:78:54:a4:a8:5c:40:19:b4:cf:3b:d2:f3:a1:6b:
25:83:90:a8:be:fe:23:3a:7e:2b:6e:fe:68:99:e7:6a:1f:09:
20:08:58:44:25:91:1a:3f:4e:09:5f:86:ea:ff:3f:ec:6a:8d:
1a:0c:60:40:a0:71:01:bd:68:9c:33:a0:6f:94:68:58:f4:09:
7f:2a:2b:02:8f:69:2d:72:aa:55:9e:c1:bc:24:ed:bb:97:1b:
fc:a9:e0:e3:64:17:c7:b4:12:70:c9:32:b4:ed:73:86:f4:6d:
a5:1e:21:c9:cf:96:36:6d:a0:d7:fd:7c:af:4b:f2:70:7f:60:
12:b6:16:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtghb6eeOuRDpO4IIx98x1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjMxMDI0MDcxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGViMDZkZjBmZDc2MjRiZDc4YjY0ZjAwOWJhNGRjMWI0NjljZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqko0neCS+1Z24Y0VdM+hc13eaTN9
Z3HAzRAq56JVbqctQnwJfCqlRgLfV9Ew3ZLWSHCyYW4BrbgJaTmSSbC0E1YWcy2K
WVzQAJ0ULIf3nkrTuapxzyERWws2kOEZD7SUOpX9gX76lWujiDThYU8T4EAim8W9
4/b9QO3DtKQDbIJ0wU4a1PlnosEPJIXGUZ3W4tDC0VLLYfSwhumngtyVwABTfpkq
ENCJTAuh4HWR/Ks2MVMSoRtXnA/o1Qsu9lRSSfBnYe0485ZMAWDR+Mgab/+SqLtt
88ivoohwn8+yo368p8V4MwptsI0AHCdBp3zM64eSeDiRvbvHhvq0swuiTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD3rBt8P12JL14tk8Am6TcG0ac/9MB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvUGVzRzN3X1hZa3ZYaTJUd0NicE53YlJwel8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4OMAwQA
W9n0MA0GCSqGSIb3DQEBCwUAA4IBAQACCaSfP23U3pTmpUvFD1Og3WN02MIJ5wXL
3CMV/QR306/BIIIXmmgQEj2b0IQUGhby3oDg4aVcmhiBNZlWtK2+6U2ryYVQcG01
Ye0HrRRu2MJARZlSITLWbQADGJYrBL3EyvRkq8PSQbTvCU6YdPmtc3uX5FgWxtmI
RIZxBd5WKe93eFSkqFxAGbTPO9LzoWslg5Covv4jOn4rbv5omedqHwkgCFhEJZEa
P04JX4bq/z/sao0aDGBAoHEBvWicM6BvlGhY9Al/KisCj2ktcqpVnsG8JO27lxv8
qeDjZBfHtBJwyTK07XOG9G2lHiHJz5Y2baDX/XyvS/Jwf2ASthaM
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:20 2025 by rpki-client