Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IcPGVigUaMLKFiywrqcwxuL6JdQ.roa
File: IcPGVigUaMLKFiywrqcwxuL6JdQ.roa (raw, json)
Hash identifier: e0Yn8fOudQpqiaao/KDXt12V5VodB1sjqHMDZPuOyxk=
Subject key identifier: 21:C3:C6:56:28:14:68:C2:CA:16:2C:B0:AE:A7:30:C6:E2:FA:25:D4
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27A55D56
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IcPGVigUaMLKFiywrqcwxuL6JdQ.roa
Signing time: Sat 01 Jan 2022 16:08:30 +0000
ROA not before: Sat 01 Jan 2022 16:08:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48709
IP address blocks: 31.148.24.0/24 maxlen: 24
2a02:128:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665148758 (0x27a55d56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21c3c656281468c2ca162cb0aea730c6e2fa25d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:18:de:75:3d:6d:59:23:61:4d:83:4e:a6:54:
7b:9d:d3:dc:bd:af:3c:ce:9b:7e:4b:cb:86:da:cc:
cd:91:ef:b1:86:da:96:af:2a:15:99:d9:16:37:0e:
9c:be:a0:03:02:f7:0d:21:cb:29:66:e4:9f:86:2d:
27:26:c1:2c:e0:a4:4c:e1:07:31:05:e8:0d:ac:1a:
ca:65:1a:48:c1:31:a5:7e:82:cb:03:77:64:e7:24:
a1:9c:70:f0:e5:f4:b0:1c:9f:b3:c9:90:fd:9e:6d:
31:4a:9e:7e:83:3d:be:a3:72:a2:9d:9d:b9:d1:39:
cb:44:e1:71:ee:80:3d:df:19:11:2c:d5:42:e5:98:
24:6e:09:d1:c0:b7:67:fc:22:64:fc:7a:03:d0:a9:
35:63:ba:76:a4:a9:c8:13:c4:8b:7f:87:0b:10:23:
d7:e2:6d:fe:88:19:dc:b5:52:73:20:ef:46:9e:94:
31:33:a8:0b:a7:21:9f:48:db:e1:9a:61:24:d3:1c:
b0:db:f9:aa:06:c4:c0:dc:f4:da:41:1d:ec:e2:40:
c3:3b:9b:8b:2b:7c:4f:b9:cf:0b:98:93:79:04:4e:
78:25:e8:9e:49:42:89:19:ae:c8:87:89:9c:5e:43:
ca:58:22:50:82:3d:db:5a:8e:e5:26:41:19:4d:f1:
59:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C3:C6:56:28:14:68:C2:CA:16:2C:B0:AE:A7:30:C6:E2:FA:25:D4
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IcPGVigUaMLKFiywrqcwxuL6JdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.24.0/24
IPv6:
2a02:128:10::/48
Signature Algorithm: sha256WithRSAEncryption
16:aa:ec:06:04:81:c6:07:ba:c9:6a:4f:76:4b:24:1e:22:6b:
97:12:48:41:cb:23:c2:7c:ff:a9:f0:9b:b9:20:6f:2c:d8:29:
c7:e8:8b:a3:69:83:86:b4:f0:d8:9f:59:34:9e:78:55:8c:a7:
05:0d:1c:32:bb:0b:1f:a4:78:8a:69:3f:72:bc:a6:9e:59:f2:
72:81:c7:1b:dc:f1:38:5c:84:09:40:8e:20:25:be:f4:e7:35:
87:2d:d9:f5:78:67:f9:76:17:8a:ee:ef:55:3c:91:34:cf:52:
aa:d8:19:25:73:00:ca:af:2d:c3:96:ea:20:7e:53:c7:9d:ae:
4e:70:10:d0:22:b6:03:a0:da:ef:cd:ad:24:18:03:a7:c1:e2:
f7:39:0c:31:c2:d6:04:2d:41:f5:8b:11:e7:bb:0b:ea:38:ea:
dd:c0:e8:25:a6:8c:e4:3c:c2:b0:f9:95:b0:2e:66:b3:84:b1:
ef:48:19:35:25:4d:27:4a:b1:ca:bc:6a:41:eb:2e:be:ce:3c:
a7:cb:b2:58:e9:87:cb:5c:72:c2:72:81:7d:7e:e8:79:c8:f3:
94:83:a9:57:f7:4f:0f:5f:66:69:72:cb:7e:69:22:fb:36:17:
17:4a:48:7c:08:28:0c:f5:07:e0:b0:ef:ee:7e:8f:53:7d:5c:
36:85:89:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEJ6VdVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFjM2M2NTYyODE0
NjhjMmNhMTYyY2IwYWVhNzMwYzZlMmZhMjVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOoY3nU9bVkjYU2DTqZUe53T3L2vPM6bfkvLhtrMzZHvsYba
lq8qFZnZFjcOnL6gAwL3DSHLKWbkn4YtJybBLOCkTOEHMQXoDawaymUaSMExpX6C
ywN3ZOckoZxw8OX0sByfs8mQ/Z5tMUqefoM9vqNyop2dudE5y0Thce6APd8ZESzV
QuWYJG4J0cC3Z/wiZPx6A9CpNWO6dqSpyBPEi3+HCxAj1+Jt/ogZ3LVScyDvRp6U
MTOoC6chn0jb4ZphJNMcsNv5qgbEwNz02kEd7OJAwzubiyt8T7nPC5iTeQROeCXo
nklCiRmuyIeJnF5DylgiUII921qO5SZBGU3xWZ8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQhw8ZWKBRowsoWLLCupzDG4vol1DAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0ljUEdWaWdVYU1MS0ZpeXdycWN3eHVMNkpkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAB+UGDAPBAIAAjAJAwcAKgIBKAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAWquwGBIHGB7rJak92SyQeImuXEkhByyPCfP+p
8Ju5IG8s2CnH6IujaYOGtPDYn1k0nnhVjKcFDRwyuwsfpHiKaT9yvKaeWfJygccb
3PE4XIQJQI4gJb705zWHLdn1eGf5dheK7u9VPJE0z1Kq2BklcwDKry3DluogflPH
na5OcBDQIrYDoNrvza0kGAOnweL3OQwxwtYELUH1ixHnuwvqOOrdwOglpozkPMKw
+ZWwLmazhLHvSBk1JU0nSrHKvGpB6y6+zjyny7JY6YfLXHLCcoF9fuh5yPOUg6lX
908PX2Zpcst+aSL7NhcXSkh8CCgM9QfgsO/ufo9TfVw2hYkV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:11 2025 by rpki-client