Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/HJgXapk1sD5Nc1Vj016eX0aSxnY.roa
File: HJgXapk1sD5Nc1Vj016eX0aSxnY.roa (raw, json)
Hash identifier: NAYuG8u9io1M/9wRVw9/h2zjSacJU6sEgNUM6Po8yh0=
Subject key identifier: 1C:98:17:6A:99:35:B0:3E:4D:73:55:63:D3:5E:9E:5F:46:92:C6:76
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 01856DB8934EBABA86622BB15206026C02E7
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/HJgXapk1sD5Nc1Vj016eX0aSxnY.roa
Signing time: Sun 01 Jan 2023 14:24:50 +0000
ROA not before: Sun 01 Jan 2023 14:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57292
IP address blocks: 31.184.130.0/23 maxlen: 24
31.184.130.0/24 maxlen: 24
31.184.131.0/24 maxlen: 24
31.184.132.0/23 maxlen: 24
31.184.132.0/24 maxlen: 24
31.184.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:93:4e:ba:ba:86:62:2b:b1:52:06:02:6c:02:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 14:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c98176a9935b03e4d735563d35e9e5f4692c676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:79:68:04:46:f3:44:2a:ba:50:cd:43:b9:4b:
09:54:39:4e:df:b6:88:96:17:5d:77:28:e8:3a:49:
35:a1:01:5a:b6:4c:49:fa:b4:b3:37:47:19:9f:f3:
e2:54:10:dd:30:4f:0f:10:16:96:6b:d8:8c:db:13:
f2:40:fe:b4:8a:9a:ac:bb:ab:0f:d4:3c:37:51:31:
52:c2:f2:db:4e:80:77:8d:8d:a1:cf:82:8a:d9:c8:
d5:0d:2f:4a:da:d1:80:15:37:b6:4c:03:96:52:01:
ff:64:b1:64:38:76:c4:9f:00:6d:c8:a1:fe:04:6f:
fd:7a:dc:fc:5d:28:5c:0c:18:e3:8f:e0:ec:1f:09:
92:41:0e:58:4f:1f:07:ff:83:b0:72:a2:bf:61:9f:
5e:55:b1:98:ee:2b:c8:b0:fb:74:fb:73:9d:af:7b:
ce:ee:85:e2:a0:17:c7:7e:14:e3:db:8f:ff:ca:a2:
b6:a3:97:1b:83:f8:55:47:4e:b1:28:ea:83:7f:ff:
d0:63:8a:3c:fb:90:1c:22:44:9c:bb:0d:50:b6:b9:
57:78:37:e9:18:9f:b8:31:53:0b:72:93:18:05:84:
df:7d:93:49:dd:3c:05:3a:a4:8f:12:23:cf:10:cc:
39:d4:c7:9d:fb:e4:46:47:d1:0a:72:47:f3:ee:9d:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:98:17:6A:99:35:B0:3E:4D:73:55:63:D3:5E:9E:5F:46:92:C6:76
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/HJgXapk1sD5Nc1Vj016eX0aSxnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.130.0-31.184.133.255
Signature Algorithm: sha256WithRSAEncryption
89:e0:e1:a0:16:9d:1d:bc:43:fa:b8:fe:f6:bb:12:b8:ce:13:
52:f5:81:28:95:be:33:b9:fe:d6:9c:85:15:9c:40:3a:df:76:
a3:17:5a:8b:62:2c:20:a9:a4:9c:da:4d:b4:df:1e:bd:25:b4:
43:88:42:d4:f7:d4:ce:5e:5b:db:a8:21:e6:df:65:88:e3:ea:
07:25:3c:a6:d3:e5:55:7d:02:b3:68:7e:f7:ee:3c:6f:be:1a:
c9:9b:ba:84:7d:78:da:8f:bc:45:f2:6c:39:f8:b7:23:a1:c9:
bb:0c:1c:ac:df:e7:e1:0e:cd:23:43:ec:a6:f9:74:77:7c:d0:
3e:c2:1e:ce:79:8d:22:28:09:1c:f3:a0:4a:bb:d4:47:84:74:
48:1f:39:88:35:b8:7f:c0:e8:63:a5:6f:40:ac:37:22:04:73:
99:cc:ab:96:75:ad:54:3f:a8:95:8e:b0:36:94:3c:8a:f0:86:
a7:50:d0:d6:41:ca:82:71:1d:12:54:08:3f:e4:f7:fe:87:a4:
de:9c:77:9c:d5:f3:07:e6:7e:bf:47:db:d4:a1:0b:22:f4:c3:
93:e2:06:18:2b:fe:10:73:99:85:47:c1:a1:ba:b4:58:0b:8d:
f8:8e:42:8e:14:d6:68:8b:ab:26:db:bb:e4:fd:96:d2:ef:21:
08:48:5e:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtuJNOurqGYiuxUgYCbALnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjMwMTAxMTQyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk4MTc2YTk5MzViMDNlNGQ3MzU1NjNkMzVlOWU1ZjQ2OTJjNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXloBEbzRCq6UM1DuUsJVDlO37aI
lhdddyjoOkk1oQFatkxJ+rSzN0cZn/PiVBDdME8PEBaWa9iM2xPyQP60ipqsu6sP
1Dw3UTFSwvLbToB3jY2hz4KK2cjVDS9K2tGAFTe2TAOWUgH/ZLFkOHbEnwBtyKH+
BG/9etz8XShcDBjjj+DsHwmSQQ5YTx8H/4OwcqK/YZ9eVbGY7ivIsPt0+3Odr3vO
7oXioBfHfhTj24//yqK2o5cbg/hVR06xKOqDf//QY4o8+5AcIkScuw1QtrlXeDfp
GJ+4MVMLcpMYBYTffZNJ3TwFOqSPEiPPEMw51Med++RGR9EKckfz7p3FAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFByYF2qZNbA+TXNVY9Nenl9GksZ2MB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvSEpnWGFwazFzRDVOYzFWajAxNmVYMGFTeG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEfuIID
BAEfuIQwDQYJKoZIhvcNAQELBQADggEBAIng4aAWnR28Q/q4/va7ErjOE1L1gSiV
vjO5/tachRWcQDrfdqMXWotiLCCppJzaTbTfHr0ltEOIQtT31M5eW9uoIebfZYjj
6gclPKbT5VV9ArNofvfuPG++GsmbuoR9eNqPvEXybDn4tyOhybsMHKzf5+EOzSND
7Kb5dHd80D7CHs55jSIoCRzzoEq71EeEdEgfOYg1uH/A6GOlb0CsNyIEc5nMq5Z1
rVQ/qJWOsDaUPIrwhqdQ0NZByoJxHRJUCD/k9/6HpN6cd5zV8wfmfr9H29ShCyL0
w5PiBhgr/hBzmYVHwaG6tFgLjfiOQo4U1miLqybbu+T9ltLvIQhIXtk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:12 2025 by rpki-client