Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/PaqbxP0peoyPW-YkZ_ScTNtDLIM.roa
File: PaqbxP0peoyPW-YkZ_ScTNtDLIM.roa (raw, json)
Hash identifier: 3lTi8rFueGLJ8MVS3jNkLEyB2T2yV3cJKXXYeCDNBvI=
Subject key identifier: 3D:AA:9B:C4:FD:29:7A:8C:8F:5B:E6:24:67:F4:9C:4C:DB:43:2C:83
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 01856DC1EBC30876BAC0CE9983A29F425396
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/PaqbxP0peoyPW-YkZ_ScTNtDLIM.roa
Signing time: Sun 01 Jan 2023 14:35:03 +0000
ROA not before: Sun 01 Jan 2023 14:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49814
IP address blocks: 176.65.32.0/19 maxlen: 19
31.24.24.0/21 maxlen: 21
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:eb:c3:08:76:ba:c0:ce:99:83:a2:9f:42:53:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jan 1 14:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3daa9bc4fd297a8c8f5be62467f49c4cdb432c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:2e:4e:20:d7:62:c0:ec:96:54:cb:a5:91:
86:d1:01:f7:7d:2b:ab:65:12:4b:87:d6:93:cb:0e:
72:51:ef:32:ff:4b:7b:48:17:c9:79:72:25:f8:fe:
bb:c1:30:0a:0e:29:88:95:bd:cf:23:f8:04:c3:5c:
0c:4a:c0:a6:54:fe:9f:91:f4:80:43:7a:a4:b3:88:
16:2c:2c:fa:b4:e0:2f:33:c2:79:35:9d:cf:b3:87:
af:a6:45:a8:e3:47:ac:3b:64:de:c9:13:87:17:5b:
85:10:4f:31:31:5d:af:c4:f7:f6:54:93:50:bd:c1:
a7:c5:c5:ed:1d:40:0d:84:6f:0c:5b:18:5d:74:7d:
25:0a:c7:b0:07:5b:9a:c4:78:23:38:ea:0d:49:62:
1f:27:eb:e3:48:50:e9:cf:44:38:ce:fc:28:e6:03:
57:42:e7:e8:72:9f:b4:84:0d:68:19:f3:97:ab:4b:
98:34:68:28:d1:3c:5c:a7:b1:de:93:a7:b6:fb:30:
a5:b5:e7:b0:51:53:35:f7:91:a1:35:9f:8c:1f:66:
d6:ba:90:57:eb:67:db:b8:8a:c4:27:1b:94:ca:03:
22:15:68:19:67:0b:51:a4:16:bc:2d:24:cd:fc:bf:
da:5b:d6:fc:70:f8:6f:c8:43:5e:cf:dc:7b:18:72:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AA:9B:C4:FD:29:7A:8C:8F:5B:E6:24:67:F4:9C:4C:DB:43:2C:83
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/PaqbxP0peoyPW-YkZ_ScTNtDLIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
7e:10:17:e3:f9:79:14:8c:02:77:b1:21:6a:0e:cf:c1:29:4b:
f9:2c:74:60:c8:88:58:62:4f:56:90:82:31:e8:34:00:68:e7:
b3:a0:f4:d0:19:99:ef:0a:81:d3:e0:eb:71:24:3b:64:4f:e8:
71:05:61:2e:91:a0:9c:40:91:34:fe:e5:fc:18:eb:fb:26:53:
67:9f:12:80:b8:aa:ce:3d:c8:0f:94:eb:e1:9d:b6:39:ea:96:
77:54:99:b2:bf:7c:b1:7e:24:e1:29:97:fa:15:c7:45:3d:88:
7b:0c:a2:50:2e:29:6f:89:9b:73:7f:a9:bb:40:45:56:5e:f1:
7a:73:7e:04:28:b1:d2:cb:0b:91:74:6c:a5:0d:a6:ad:4d:9d:
99:6d:25:6d:9a:34:9d:11:bb:65:a3:a2:9a:51:80:6a:fa:0a:
53:39:77:19:e1:f2:af:bd:37:46:6b:09:80:fa:a8:77:b7:b4:
33:49:a9:9e:27:b7:ed:64:74:3e:35:c1:ce:75:f3:52:1d:48:
e6:1f:06:61:a6:cc:b2:5c:7f:be:21:5d:7b:46:39:f3:b2:6d:
bd:03:aa:33:f6:e6:17:3f:15:f4:e3:73:e2:5d:6f:02:43:48:
75:bb:16:97:9d:c9:c2:b0:f9:bd:f7:13:57:d6:c7:a7:a7:41:
eb:94:1c:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwevDCHa6wM6Zg6KfQlOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTBlNzU5MzU0ZTgzY2MxOTMyMDM4MTEwOWRlMjJkYTBm
MWE3MDAwHhcNMjMwMTAxMTQzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGFhOWJjNGZkMjk3YThjOGY1YmU2MjQ2N2Y0OWM0Y2RiNDMyYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi8uTiDXYsDsllTLpZGG0QH3fSur
ZRJLh9aTyw5yUe8y/0t7SBfJeXIl+P67wTAKDimIlb3PI/gEw1wMSsCmVP6fkfSA
Q3qks4gWLCz6tOAvM8J5NZ3Ps4evpkWo40esO2TeyROHF1uFEE8xMV2vxPf2VJNQ
vcGnxcXtHUANhG8MWxhddH0lCsewB1uaxHgjOOoNSWIfJ+vjSFDpz0Q4zvwo5gNX
Qufocp+0hA1oGfOXq0uYNGgo0Txcp7Hek6e2+zClteewUVM195GhNZ+MH2bWupBX
62fbuIrEJxuUygMiFWgZZwtRpBa8LSTN/L/aW9b8cPhvyENez9x7GHIDWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD2qm8T9KXqMj1vmJGf0nEzbQyyDMB8GA1UdIwQY
MBaAFH/g51k1ToPMGTIDgRCd4i2g8acAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEt
YjQwMmU4YTFkOTM0LzEvUGFxYnhQMHBlb3lQVy1Za1pfU2NUTnRETElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEtYjQwMmU4YTFkOTM0
LzEvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxgYAwQF
sEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IBAQB+EBfj+XkUjAJ3
sSFqDs/BKUv5LHRgyIhYYk9WkIIx6DQAaOezoPTQGZnvCoHT4OtxJDtkT+hxBWEu
kaCcQJE0/uX8GOv7JlNnnxKAuKrOPcgPlOvhnbY56pZ3VJmyv3yxfiThKZf6FcdF
PYh7DKJQLilviZtzf6m7QEVWXvF6c34EKLHSywuRdGylDaatTZ2ZbSVtmjSdEbtl
o6KaUYBq+gpTOXcZ4fKvvTdGawmA+qh3t7QzSameJ7ftZHQ+NcHOdfNSHUjmHwZh
psyyXH++IV17Rjnzsm29A6oz9uYXPxX043PiXW8CQ0h1uxaXncnCsPm99xNX1sen
p0HrlBz3
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:54:39 2025 by rpki-client