Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0VAbMuD8nRkKrkFEZDBrwwEhdm4.roa
File: 0VAbMuD8nRkKrkFEZDBrwwEhdm4.roa (raw, json)
Hash identifier: LDs8ThlHqUIc2bOwBWJmuGqGBZD3Im+SdOCI2ujMwHA=
Subject key identifier: D1:50:1B:32:E0:FC:9D:19:0A:AE:41:44:64:30:6B:C3:01:21:76:6E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570959E47D15DB6E660C0C9752F7E21A4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0VAbMuD8nRkKrkFEZDBrwwEhdm4.roa
Signing time: Mon 02 Jan 2023 03:45:31 +0000
ROA not before: Mon 02 Jan 2023 03:45:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204917
IP address blocks: 31.148.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:9e:47:d1:5d:b6:e6:60:c0:c9:75:2f:7e:21:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1501b32e0fc9d190aae414464306bc30121766e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cc:1e:ec:71:3b:b4:dd:6a:ed:22:78:20:ec:
bb:0d:2d:1d:ac:f2:19:78:41:5d:41:a1:e3:6e:e3:
0c:a1:e9:e4:10:70:70:81:43:7d:11:7d:c6:25:d4:
4c:00:18:2d:b6:3b:b7:d5:38:a2:04:6e:ca:ff:80:
54:75:66:8e:1c:27:01:42:58:ad:39:05:a8:8a:36:
df:23:b3:40:ae:f5:1c:f1:8f:b3:43:11:4e:1b:45:
61:96:c8:94:2b:fb:03:e6:aa:cc:ff:4f:72:90:55:
31:ae:2c:5f:81:61:8a:dd:e9:c7:06:b0:cf:b4:29:
e1:d6:3c:45:c9:ae:38:0e:0c:42:2b:80:e8:f6:d2:
7b:af:91:3d:1c:cf:cd:d3:fa:20:44:a6:e8:b2:96:
4d:18:36:a1:e9:b9:30:9a:26:dc:4b:2f:5f:bc:35:
bf:c1:68:25:bd:84:d6:cb:2c:c5:fb:fe:3e:55:c6:
99:b0:7e:34:9a:c5:d1:44:19:3a:de:de:c7:4e:27:
4b:49:b2:0e:c9:5a:99:05:32:ca:ec:7f:62:76:b5:
f2:ad:6d:d2:09:5c:2c:63:81:6c:1d:3d:1d:e4:72:
20:b3:db:26:70:b7:14:e7:21:2a:d2:22:56:fa:fe:
75:c2:18:df:6d:34:2e:81:f4:3a:c2:c6:2f:b7:cd:
66:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:50:1B:32:E0:FC:9D:19:0A:AE:41:44:64:30:6B:C3:01:21:76:6E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0VAbMuD8nRkKrkFEZDBrwwEhdm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.170.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:8b:2f:22:47:de:6f:13:23:9e:33:e3:a4:bb:aa:b3:34:ba:
78:09:20:30:0e:2d:41:8d:35:83:b2:d0:47:2e:58:5a:64:f9:
8e:21:78:48:84:08:bd:4c:b7:30:7d:4b:62:fe:35:aa:0d:3c:
a6:8e:55:d4:50:b5:0e:fa:bf:d1:19:d6:39:d1:99:87:03:c7:
38:0c:b6:01:05:27:d2:98:19:71:2d:29:7a:e4:7c:18:de:3d:
98:69:af:65:5a:3e:c3:54:10:5a:58:2e:66:30:f5:4f:5f:f4:
42:2e:30:91:f0:33:29:b2:b6:35:ed:d2:52:94:31:02:e4:d7:
45:c1:c3:dc:09:fc:5d:70:2d:ef:3f:85:00:47:67:a3:9d:4a:
6a:8f:5d:29:18:a4:5b:7f:d2:db:5a:07:e2:ad:52:8b:60:9b:
bf:ea:6b:2f:5b:4b:ce:80:36:b0:79:e3:bc:3f:18:90:21:7b:
db:83:3b:42:7c:ad:98:fd:f1:5f:e9:73:a1:06:86:22:3c:77:
1d:cf:08:86:b6:90:ff:a9:15:73:22:ae:64:da:df:67:85:80:
d9:ff:22:72:0a:96:7a:2f:ca:6e:bd:25:ce:ce:7c:33:d1:d5:
35:ec:ec:26:20:89:32:45:61:56:b7:3c:f3:ef:37:f0:55:bd:
ba:74:83:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlZ5H0V225mDAyXUvfiGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTUwMWIzMmUwZmM5ZDE5MGFhZTQxNDQ2NDMwNmJjMzAxMjE3NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcwe7HE7tN1q7SJ4IOy7DS0drPIZ
eEFdQaHjbuMMoenkEHBwgUN9EX3GJdRMABgttju31TiiBG7K/4BUdWaOHCcBQlit
OQWoijbfI7NArvUc8Y+zQxFOG0VhlsiUK/sD5qrM/09ykFUxrixfgWGK3enHBrDP
tCnh1jxFya44DgxCK4Do9tJ7r5E9HM/N0/ogRKbospZNGDah6bkwmibcSy9fvDW/
wWglvYTWyyzF+/4+VcaZsH40msXRRBk63t7HTidLSbIOyVqZBTLK7H9idrXyrW3S
CVwsY4FsHT0d5HIgs9smcLcU5yEq0iJW+v51whjfbTQugfQ6wsYvt81mswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFQGzLg/J0ZCq5BRGQwa8MBIXZuMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMFZBYk11RDhuUmtLcmtGRVpEQnJ3d0VoZG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5SqMA0G
CSqGSIb3DQEBCwUAA4IBAQAuiy8iR95vEyOeM+Oku6qzNLp4CSAwDi1BjTWDstBH
LlhaZPmOIXhIhAi9TLcwfUti/jWqDTymjlXUULUO+r/RGdY50ZmHA8c4DLYBBSfS
mBlxLSl65HwY3j2Yaa9lWj7DVBBaWC5mMPVPX/RCLjCR8DMpsrY17dJSlDEC5NdF
wcPcCfxdcC3vP4UAR2ejnUpqj10pGKRbf9LbWgfirVKLYJu/6msvW0vOgDaweeO8
PxiQIXvbgztCfK2Y/fFf6XOhBoYiPHcdzwiGtpD/qRVzIq5k2t9nhYDZ/yJyCpZ6
L8puvSXOznwz0dU17OwmIIkyRWFWtzzz7zfwVb26dIPE
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:27 2025 by rpki-client