Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/C-i6IBuugC5aGKkCTmKau_lPzAk.roa
File: C-i6IBuugC5aGKkCTmKau_lPzAk.roa (raw, json)
Hash identifier: CwZEmTyAWAjxSgLfcD812WtnYW7cacyT0Te+xygjyLY=
Subject key identifier: 0B:E8:BA:20:1B:AE:80:2E:5A:18:A9:02:4E:62:9A:BB:F9:4F:CC:09
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 28268DBE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/C-i6IBuugC5aGKkCTmKau_lPzAk.roa
Signing time: Sat 01 Jan 2022 16:09:42 +0000
ROA not before: Sat 01 Jan 2022 16:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202198
IP address blocks: 31.148.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 673615294 (0x28268dbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0be8ba201bae802e5a18a9024e629abbf94fcc09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:ac:71:db:3f:2c:4e:0b:1f:0a:ad:2a:7a:
0d:87:c4:4e:4d:42:16:e5:af:69:6c:0b:44:d4:9b:
97:a5:28:cb:26:5a:96:5f:ed:97:8a:af:1b:c7:6f:
a6:dd:4a:1c:b0:ee:80:24:5a:a4:df:7c:19:87:db:
1f:d9:48:51:c7:b9:cf:d9:31:af:af:d7:36:d0:10:
dc:18:12:9a:c7:ae:80:b4:48:89:96:51:94:4c:f5:
3e:80:b1:c9:16:6f:03:40:52:08:20:bf:16:84:4c:
3a:4f:a2:b1:4a:d4:0b:50:f0:e8:37:2d:38:eb:d5:
6d:14:1a:82:6a:40:e6:b7:7c:03:a7:66:30:a0:21:
9b:02:07:67:61:73:14:b0:36:4f:bd:5d:0d:f7:8a:
ef:e8:06:91:bf:51:91:60:94:71:ad:10:fa:e5:a2:
62:aa:0c:ef:ef:79:67:67:e2:78:9d:b6:b6:ba:4d:
b6:e9:2f:7c:df:81:62:e2:72:15:d2:c4:b0:3d:d5:
90:e0:25:c5:e4:f9:15:6e:cf:73:25:97:14:36:14:
5a:05:70:58:2e:74:73:79:49:b9:bc:07:58:ef:ce:
d8:ac:ad:72:95:0b:0e:d0:37:dc:84:2a:ed:b3:e3:
6e:6f:e1:f3:c6:1e:31:b2:4d:8f:2a:21:2a:b2:d8:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E8:BA:20:1B:AE:80:2E:5A:18:A9:02:4E:62:9A:BB:F9:4F:CC:09
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/C-i6IBuugC5aGKkCTmKau_lPzAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.171.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:79:c8:32:fc:4d:f1:da:32:b9:3a:7e:76:83:c5:06:c8:c1:
d7:f3:43:e2:c3:f8:b8:70:9a:4b:5f:5c:00:f8:e6:15:64:f6:
31:f7:9a:d3:4a:8a:1f:81:a8:e8:c6:c9:50:69:7b:76:78:dc:
86:cd:0b:7a:56:dd:ab:0d:01:0f:18:36:dd:a0:43:6b:25:81:
14:2c:ad:40:97:42:24:e2:d4:ce:17:93:22:66:0b:96:c0:f5:
68:77:96:c4:19:89:74:e7:d6:85:41:ce:b8:12:5f:11:a0:6d:
17:90:ab:16:b1:62:72:20:e6:be:1f:dc:93:95:85:3f:cb:84:
57:e0:bf:b5:be:a9:93:08:5d:99:1e:71:01:1a:00:ba:0f:34:
02:7f:01:47:e6:d0:6d:55:61:07:7e:98:c5:d6:e1:6d:98:6d:
6f:0a:dc:60:31:be:e4:51:5d:c0:9f:d9:8f:68:63:b7:07:8b:
eb:ff:4a:20:68:9c:4b:44:59:24:a6:37:a7:49:5b:2f:f0:82:
b9:5b:5b:a6:db:a4:a4:47:72:5a:15:4b:cb:d1:11:2e:e8:46:
1f:bf:67:6e:a3:09:af:59:5b:2f:31:e8:2c:d0:12:ea:10:32:
68:a1:ad:ae:b2:53:37:85:51:1a:a4:e7:86:22:e9:9f:eb:33:
05:14:55:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKCaNvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJlOGJhMjAxYmFl
ODAyZTVhMThhOTAyNGU2MjlhYmJmOTRmY2MwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIyIrHHbPyxOCx8KrSp6DYfETk1CFuWvaWwLRNSbl6UoyyZa
ll/tl4qvG8dvpt1KHLDugCRapN98GYfbH9lIUce5z9kxr6/XNtAQ3BgSmseugLRI
iZZRlEz1PoCxyRZvA0BSCCC/FoRMOk+isUrUC1Dw6DctOOvVbRQagmpA5rd8A6dm
MKAhmwIHZ2FzFLA2T71dDfeK7+gGkb9RkWCUca0Q+uWiYqoM7+95Z2fieJ22trpN
tukvfN+BYuJyFdLEsD3VkOAlxeT5FW7PcyWXFDYUWgVwWC50c3lJubwHWO/O2Kyt
cpULDtA33IQq7bPjbm/h88YeMbJNjyohKrLYDVcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQL6LogG66ALloYqQJOYpq7+U/MCTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0MtaTZJQnV1Z0M1YUdLa0NUbUthdV9sUHpBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB+UqzANBgkqhkiG9w0BAQsFAAOC
AQEAGnnIMvxN8doyuTp+doPFBsjB1/ND4sP4uHCaS19cAPjmFWT2Mfea00qKH4Go
6MbJUGl7dnjchs0Lelbdqw0BDxg23aBDayWBFCytQJdCJOLUzheTImYLlsD1aHeW
xBmJdOfWhUHOuBJfEaBtF5CrFrFiciDmvh/ck5WFP8uEV+C/tb6pkwhdmR5xARoA
ug80An8BR+bQbVVhB36YxdbhbZhtbwrcYDG+5FFdwJ/Zj2hjtweL6/9KIGicS0RZ
JKY3p0lbL/CCuVtbptukpEdyWhVLy9ERLuhGH79nbqMJr1lbLzHoLNAS6hAyaKGt
rrJTN4VRGqTnhiLpn+szBRRVaQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:22 2025 by rpki-client