Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/4cmZmY131sUSqH35_e7vfzYnDQ4.roa
File: 4cmZmY131sUSqH35_e7vfzYnDQ4.roa (raw, json)
Hash identifier: FW8YSegcnHxPJS127jMMIw4c3sxVbHY5IP9QZlULrXU=
Subject key identifier: E1:C9:99:99:8D:77:D6:C5:12:A8:7D:F9:FD:EE:EF:7F:36:27:0D:0E
Certificate issuer: /CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Certificate serial: 17CC5BDF
Authority key identifier: 8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/4cmZmY131sUSqH35_e7vfzYnDQ4.roa
Signing time: Sat 01 Jan 2022 15:03:21 +0000
ROA not before: Sat 01 Jan 2022 15:03:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56554
IP address blocks: 31.130.224.0/20 maxlen: 24
31.133.128.0/18 maxlen: 24
2001:67c:1230::/46 maxlen: 48
2001:67c:370::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399268831 (0x17cc5bdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Validity
Not Before: Jan 1 15:03:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1c999998d77d6c512a87df9fdeeef7f36270d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:82:f8:65:de:64:00:6f:d8:0e:e2:25:58:aa:
82:5d:d7:6d:b3:bb:3a:ae:66:9f:fa:29:32:74:23:
0b:d7:d9:98:32:12:a0:ca:6d:75:c8:ad:76:57:30:
49:0e:c7:75:f4:4b:c4:63:46:d0:b7:63:77:28:47:
25:f3:ae:11:7f:d8:fa:19:c5:65:1c:54:8a:5b:e8:
bc:08:f8:da:93:fb:3d:62:93:bf:a8:bd:64:00:d2:
f5:bf:53:bd:8e:ed:ee:bb:41:48:a0:22:a9:6a:7e:
e2:cb:b6:56:fb:39:93:3a:80:39:d9:b5:ba:53:56:
7a:d9:67:28:1a:ca:99:e7:2d:e7:71:41:36:f6:f8:
0d:29:ff:05:4b:de:07:57:fd:34:66:6c:80:1e:6a:
02:19:5c:fb:3f:a7:0c:22:a0:94:27:2f:84:0c:1f:
c7:87:37:77:32:74:ca:59:b1:93:7d:f7:b4:a8:2a:
88:40:25:13:61:f7:9d:70:f0:dc:e6:3c:40:9b:ea:
07:9d:d3:61:d5:c0:15:ea:76:5f:be:7c:2b:3a:32:
b3:00:bf:d2:a2:0a:ed:be:69:71:79:65:10:90:02:
95:32:b1:64:07:17:dd:b6:55:0e:a6:d5:e7:b2:7e:
cf:19:58:91:21:a2:87:cb:72:89:6e:67:49:05:ac:
36:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C9:99:99:8D:77:D6:C5:12:A8:7D:F9:FD:EE:EF:7F:36:27:0D:0E
X509v3 Authority Key Identifier:
keyid:8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/4cmZmY131sUSqH35_e7vfzYnDQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/ilZohaHW1VRFRs0oXYbE7_6qPCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.224.0/20
31.133.128.0/18
IPv6:
2001:67c:370::/48
2001:67c:1230::/46
Signature Algorithm: sha256WithRSAEncryption
61:1d:09:bc:06:02:fd:84:60:a9:80:df:4b:7a:e5:1f:05:09:
48:f9:61:9b:94:0e:bd:22:ca:bb:2e:4f:70:15:18:4d:5b:7b:
ca:6e:0f:70:06:f1:87:06:13:e1:ef:34:89:6e:14:77:f1:2f:
12:0f:7e:b0:ba:f6:ac:07:a0:c7:2b:98:2d:31:8b:27:f3:ce:
61:fd:27:66:5c:ad:04:dc:f0:1c:1f:a1:5d:25:28:49:78:0d:
bb:21:b2:aa:f5:c9:e5:c3:a2:eb:18:f6:83:2d:d8:82:5b:27:
94:0b:f0:c3:97:96:0a:a2:40:a3:f1:49:78:37:fb:63:f2:16:
ef:c7:ad:60:e3:39:5c:79:30:1a:82:0c:d7:47:34:f0:a3:f9:
c8:7a:9b:bb:c0:03:4d:9d:24:3c:f8:05:a7:3d:81:be:43:ab:
54:34:cc:4e:09:e2:93:61:6c:e3:c8:e7:13:70:9f:18:72:3a:
08:ef:bf:f3:3c:c6:c4:e3:e8:0d:9a:7d:8f:54:21:86:fc:ce:
d1:c1:3a:78:48:cb:0e:62:ca:c3:33:df:bf:5f:eb:f3:ed:7d:
38:c3:bc:e2:6d:d0:90:ae:22:3b:ec:e8:d9:67:73:83:5a:70:
5f:c4:8d:54:e1:bc:f4:1c:41:0c:d5:d8:59:45:c1:2f:dd:02:
e0:0c:ee:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEF8xb3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTU2Njg4NWExZDZkNTU0NDU0NmNkMjg1ZDg2YzRlZmZlYWEzYzJjMB4XDTIyMDEw
MTE1MDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFjOTk5OTk4ZDc3
ZDZjNTEyYTg3ZGY5ZmRlZWVmN2YzNjI3MGQwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIaC+GXeZABv2A7iJViqgl3XbbO7Oq5mn/opMnQjC9fZmDIS
oMptdcitdlcwSQ7HdfRLxGNG0LdjdyhHJfOuEX/Y+hnFZRxUilvovAj42pP7PWKT
v6i9ZADS9b9TvY7t7rtBSKAiqWp+4su2Vvs5kzqAOdm1ulNWetlnKBrKmect53FB
Nvb4DSn/BUveB1f9NGZsgB5qAhlc+z+nDCKglCcvhAwfx4c3dzJ0ylmxk333tKgq
iEAlE2H3nXDw3OY8QJvqB53TYdXAFep2X758KzoyswC/0qIK7b5pcXllEJAClTKx
ZAcX3bZVDqbV57J+zxlYkSGih8tyiW5nSQWsNs8CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBThyZmZjXfWxRKoffn97u9/NicNDjAfBgNVHSMEGDAWgBSKVmiFodbVVEVG
zShdhsTv/qo8LDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lsWm9oYUhXMVZSRlJzMG9YWWJFN182cVBDdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvZGNmYmM3LTY0YjgtNGM5MS04OWEwLTFhZjA1YTIyMzdjMy8x
LzRjbVptWTEzMXNVU3FIMzVfZTd2ZnpZbkRRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ZGNmYmM3LTY0YjgtNGM5MS04OWEwLTFhZjA1YTIyMzdjMy8xL2lsWm9oYUhXMVZS
RlJzMG9YWWJFN182cVBDdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEBB+C4AMEBh+FgDAYBAIAAjASAwcA
IAEGfANwAwcCIAEGfBIwMA0GCSqGSIb3DQEBCwUAA4IBAQBhHQm8BgL9hGCpgN9L
euUfBQlI+WGblA69Isq7Lk9wFRhNW3vKbg9wBvGHBhPh7zSJbhR38S8SD36wuvas
B6DHK5gtMYsn885h/SdmXK0E3PAcH6FdJShJeA27IbKq9cnlw6LrGPaDLdiCWyeU
C/DDl5YKokCj8Ul4N/tj8hbvx61g4zlceTAaggzXRzTwo/nIepu7wANNnSQ8+AWn
PYG+Q6tUNMxOCeKTYWzjyOcTcJ8YcjoI77/zPMbE4+gNmn2PVCGG/M7RwTp4SMsO
YsrDM9+/X+vz7X04w7zibdCQriI77OjZZ3ODWnBfxI1U4bz0HEEM1dhZRcEv3QLg
DO70
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:44:49 2025 by rpki-client