Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/qa6IyeySqaZ45LCOff1HDejUAWY.roa
File: qa6IyeySqaZ45LCOff1HDejUAWY.roa (raw, json)
Hash identifier: uG2Rbup0oB2Oyy2+kWPWoFuETonXW81b3XSrsyQWf14=
Subject key identifier: A9:AE:88:C9:EC:92:A9:A6:78:E4:B0:8E:7D:FD:47:0D:E8:D4:01:66
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 01857155694E9A1276891889B5B1C707E58E
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/qa6IyeySqaZ45LCOff1HDejUAWY.roa
Signing time: Mon 02 Jan 2023 07:15:00 +0000
ROA not before: Mon 02 Jan 2023 07:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197686
IP address blocks: 31.31.216.0/21 maxlen: 24
31.31.216.0/24 maxlen: 24
31.31.218.0/24 maxlen: 24
31.31.217.0/24 maxlen: 24
31.31.219.0/24 maxlen: 24
31.31.223.0/24 maxlen: 24
31.31.222.0/24 maxlen: 24
31.31.221.0/24 maxlen: 24
31.31.220.0/24 maxlen: 24
2a07:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:69:4e:9a:12:76:89:18:89:b5:b1:c7:07:e5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jan 2 07:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ae88c9ec92a9a678e4b08e7dfd470de8d40166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2c:92:03:17:da:8d:55:91:ce:6c:84:3a:c7:
a0:a3:15:5d:3d:50:1f:bd:29:7c:85:e8:40:df:b8:
ac:00:56:bb:7a:ca:33:e4:1c:13:a4:74:54:7e:19:
fa:5e:08:9d:96:2a:37:9d:50:56:81:30:ef:6d:5e:
5b:98:be:4e:91:e1:c2:14:90:fb:70:02:56:4b:44:
52:e0:62:f7:6b:64:78:a0:6e:e9:e8:a3:0b:53:9c:
48:7a:b0:2a:ea:ec:51:9b:a1:10:71:24:92:df:04:
fa:3e:b8:57:ac:8d:c4:af:90:37:1d:98:53:2c:d1:
51:7b:d7:2b:77:56:a0:b6:e9:b3:30:60:35:48:27:
ce:12:2c:e3:6c:ae:e0:af:47:30:8e:6f:79:40:c8:
79:c2:d4:c9:33:bd:c7:78:74:7e:4b:19:e1:3d:b3:
a2:c1:a7:e6:6d:8d:d9:fd:31:0f:44:95:9d:06:57:
38:2f:80:65:b9:a0:03:1e:08:3f:b0:ce:32:3f:c9:
ab:6c:5e:f5:43:95:b2:2f:9a:e5:6e:d1:f3:2d:e7:
a1:2e:a1:bd:c5:0d:3a:c5:ea:6c:79:d5:d4:17:02:
8d:ab:28:ec:75:fa:87:4f:28:98:88:3e:8a:69:c5:
ad:f0:67:f1:7e:31:24:2b:7f:3b:b6:72:ed:0c:bc:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:88:C9:EC:92:A9:A6:78:E4:B0:8E:7D:FD:47:0D:E8:D4:01:66
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/qa6IyeySqaZ45LCOff1HDejUAWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.216.0/21
IPv6:
2a07:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
ab:7e:96:9f:d4:50:04:ed:f2:64:44:00:a3:9e:6a:75:49:e4:
f9:14:06:95:94:51:8d:76:a3:ac:74:3e:0e:e0:d7:b1:b6:77:
85:08:bd:43:87:94:04:1d:2a:d4:0c:36:c1:aa:b0:a1:98:9c:
e9:80:0e:d1:0d:b6:fc:aa:f4:fe:bc:47:0f:f7:c6:55:49:5e:
8d:e6:28:f0:ca:be:10:2f:3f:71:42:d3:8d:f3:3b:44:ed:f2:
fc:fd:72:96:79:d6:d9:0f:28:93:f6:fd:90:a4:ee:f1:6f:7c:
2c:cd:fb:1b:6c:fa:ab:81:23:fb:18:14:b1:d2:fe:8e:53:64:
68:a8:0d:d9:06:ba:4f:fb:70:68:a5:36:59:34:dc:fa:66:71:
d8:8c:35:6e:c2:6b:1a:a9:37:6e:8c:55:15:b5:52:76:46:a8:
cc:c6:5a:f1:20:e0:38:dc:bb:96:61:5e:ed:41:ab:8a:4c:e2:
4b:82:3b:91:31:5a:7c:58:41:9c:17:ec:04:f6:07:fe:46:c6:
aa:bc:34:c8:4b:b2:ec:e8:ba:77:da:c6:95:52:dd:44:fe:2b:
be:60:eb:24:f6:a5:80:59:ed:6a:f1:e5:a5:94:99:11:b4:fa:
9f:cf:e9:5d:7f:b2:8b:15:ed:59:79:56:4d:3a:45:07:92:f2:
96:9c:6c:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVWlOmhJ2iRiJtbHHB+WOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjMwMTAyMDcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlODhjOWVjOTJhOWE2NzhlNGIwOGU3ZGZkNDcwZGU4ZDQwMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyySAxfajVWRzmyEOsegoxVdPVAf
vSl8hehA37isAFa7esoz5BwTpHRUfhn6Xgidlio3nVBWgTDvbV5bmL5OkeHCFJD7
cAJWS0RS4GL3a2R4oG7p6KMLU5xIerAq6uxRm6EQcSSS3wT6PrhXrI3Er5A3HZhT
LNFRe9crd1agtumzMGA1SCfOEizjbK7gr0cwjm95QMh5wtTJM73HeHR+SxnhPbOi
wafmbY3Z/TEPRJWdBlc4L4BluaADHgg/sM4yP8mrbF71Q5WyL5rlbtHzLeehLqG9
xQ06xepsedXUFwKNqyjsdfqHTyiYiD6KacWt8GfxfjEkK387tnLtDLyrJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKmuiMnskqmmeOSwjn39Rw3o1AFmMB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvcWE2SXlleVNxYVo0NUxDT2ZmMUhEZWpVQVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDHx/YMA0E
AgACMAcDBQAqBx4AMA0GCSqGSIb3DQEBCwUAA4IBAQCrfpaf1FAE7fJkRACjnmp1
SeT5FAaVlFGNdqOsdD4O4NextneFCL1Dh5QEHSrUDDbBqrChmJzpgA7RDbb8qvT+
vEcP98ZVSV6N5ijwyr4QLz9xQtON8ztE7fL8/XKWedbZDyiT9v2QpO7xb3wszfsb
bPqrgSP7GBSx0v6OU2RoqA3ZBrpP+3BopTZZNNz6ZnHYjDVuwmsaqTdujFUVtVJ2
RqjMxlrxIOA43LuWYV7tQauKTOJLgjuRMVp8WEGcF+wE9gf+RsaqvDTIS7Ls6Lp3
2saVUt1E/iu+YOsk9qWAWe1q8eWllJkRtPqfz+ldf7KLFe1ZeVZNOkUHkvKWnGz/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:15 2025 by rpki-client