Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NGji7plYkg0frLL9DlAEkEIg3bk.roa
File: NGji7plYkg0frLL9DlAEkEIg3bk.roa (raw, json)
Hash identifier: FdpbUEgHj4vN0tfvFd+DYsrHo/1XqqMAKuBAq3mXBGo=
Subject key identifier: 34:68:E2:EE:99:58:92:0D:1F:AC:B2:FD:0E:50:04:90:42:20:DD:B9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27A71955
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NGji7plYkg0frLL9DlAEkEIg3bk.roa
Signing time: Sat 01 Jan 2022 16:08:31 +0000
ROA not before: Sat 01 Jan 2022 16:08:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49038
IP address blocks: 31.148.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665262421 (0x27a71955)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3468e2ee9958920d1facb2fd0e5004904220ddb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:c5:15:16:c8:ba:4d:a4:70:1f:9f:26:7b:
fc:5b:d8:ad:d7:0f:60:bb:6a:0d:6f:b1:3d:55:fe:
4c:42:c4:20:66:3a:58:a4:a7:b5:05:9b:3b:23:23:
98:4b:78:18:a9:cd:88:e3:e2:ce:1c:7f:74:cd:81:
dd:7e:c9:54:8c:14:97:f4:7d:e1:f4:b9:d4:05:5f:
8f:e6:3b:77:37:a1:f4:86:21:e7:5c:3f:af:ed:00:
d4:99:65:79:46:59:7c:9e:92:13:f7:46:f3:33:9e:
c5:f9:f1:4d:7c:cd:e1:08:94:41:cc:0f:9c:06:3c:
52:8e:85:4c:36:58:57:a9:61:c6:c9:14:9d:39:59:
f9:6d:f2:4f:02:5e:9a:1a:4b:e3:b3:7e:f6:1e:f1:
3c:d9:1c:f0:79:60:3d:0b:69:a8:02:29:c4:90:1c:
05:5a:5c:a4:60:35:90:ac:d9:da:a2:40:c7:4f:29:
bf:ad:c7:b2:1a:73:0c:f3:2b:d2:fb:11:53:ee:54:
70:1e:47:f9:8e:81:a3:cf:18:df:a2:8c:e1:48:ce:
ba:44:ff:9b:4f:f7:fb:a7:23:ad:86:a8:c0:e3:ec:
d9:7e:46:11:88:55:d0:4c:0c:fc:54:88:ec:22:8c:
d7:9d:e7:b4:17:b9:f3:6d:69:1a:a4:de:7f:79:55:
77:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:68:E2:EE:99:58:92:0D:1F:AC:B2:FD:0E:50:04:90:42:20:DD:B9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NGji7plYkg0frLL9DlAEkEIg3bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.23.0/24
Signature Algorithm: sha256WithRSAEncryption
46:42:0d:91:96:81:b8:fe:49:b2:0d:53:55:91:a8:10:61:c1:
12:ec:48:6c:6a:ef:7f:d2:b7:38:be:a3:f1:1e:31:21:b9:71:
5b:0f:7b:0e:7b:c6:9a:b8:43:a6:e6:47:8a:a3:f9:b9:d4:2b:
f2:e3:b5:94:8e:f3:e0:71:4a:51:49:25:a2:0e:83:de:41:72:
3c:ba:36:ca:c7:e6:9e:19:28:0c:ce:3e:44:d3:18:a8:71:8d:
34:bc:03:97:e8:82:21:24:a0:ad:ea:d3:d9:5b:64:ed:75:9f:
f3:0a:53:49:17:d2:f7:69:cf:7c:9e:3b:6f:74:5c:29:3b:8f:
a5:9c:e2:77:79:8e:60:9c:72:04:fc:86:fa:0d:cd:93:32:50:
85:7b:69:20:d2:c0:f4:63:54:e8:a8:0d:43:da:28:ca:79:2c:
bf:93:8d:5b:a7:dd:06:39:58:e7:34:2a:e7:31:d9:9f:11:2f:
a4:08:92:07:c5:50:91:1f:63:16:16:0f:f1:63:23:1b:45:3e:
bf:fc:69:4c:7b:92:83:fc:0c:54:e6:7a:c4:e7:08:f0:d9:5a:
ef:a0:15:32:68:10:e9:5e:54:28:2a:a6:f8:5d:ed:93:ed:9b:
3d:26:4d:5d:53:15:dd:f3:92:15:7e:64:31:83:31:fd:99:29:
c6:fc:d2:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ6cZVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ2OGUyZWU5OTU4
OTIwZDFmYWNiMmZkMGU1MDA0OTA0MjIwZGRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk7xRUWyLpNpHAfnyZ7/FvYrdcPYLtqDW+xPVX+TELEIGY6
WKSntQWbOyMjmEt4GKnNiOPizhx/dM2B3X7JVIwUl/R94fS51AVfj+Y7dzeh9IYh
51w/r+0A1JlleUZZfJ6SE/dG8zOexfnxTXzN4QiUQcwPnAY8Uo6FTDZYV6lhxskU
nTlZ+W3yTwJemhpL47N+9h7xPNkc8HlgPQtpqAIpxJAcBVpcpGA1kKzZ2qJAx08p
v63HshpzDPMr0vsRU+5UcB5H+Y6Bo88Y36KM4UjOukT/m0/3+6cjrYaowOPs2X5G
EYhV0EwM/FSI7CKM153ntBe5821pGqTef3lVd+0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0aOLumViSDR+ssv0OUASQQiDduTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L05Hamk3cGxZa2cwZnJMTDlEbEFFa0VJZzNiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB+UFzANBgkqhkiG9w0BAQsFAAOC
AQEARkINkZaBuP5Jsg1TVZGoEGHBEuxIbGrvf9K3OL6j8R4xIblxWw97DnvGmrhD
puZHiqP5udQr8uO1lI7z4HFKUUklog6D3kFyPLo2ysfmnhkoDM4+RNMYqHGNNLwD
l+iCISSgrerT2Vtk7XWf8wpTSRfS92nPfJ47b3RcKTuPpZzid3mOYJxyBPyG+g3N
kzJQhXtpINLA9GNU6KgNQ9ooynksv5ONW6fdBjlY5zQq5zHZnxEvpAiSB8VQkR9j
FhYP8WMjG0U+v/xpTHuSg/wMVOZ6xOcI8Nla76AVMmgQ6V5UKCqm+F3tk+2bPSZN
XVMV3fOSFX5kMYMx/ZkpxvzS3Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:42 2025 by rpki-client