Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NyHkQD63X-JFPTc1kc1cH4IHkPU.roa
File: NyHkQD63X-JFPTc1kc1cH4IHkPU.roa (raw, json)
Hash identifier: G/5o+8ZfM0r4jhf7vdzxczuJv7ivD3ACuJUtYGN7Nx8=
Subject key identifier: 37:21:E4:40:3E:B7:5F:E2:45:3D:37:35:91:CD:5C:1F:82:07:90:F5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095660915EA90E1E1A0A56D1A6EBB18
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NyHkQD63X-JFPTc1kc1cH4IHkPU.roa
Signing time: Mon 02 Jan 2023 03:45:17 +0000
ROA not before: Mon 02 Jan 2023 03:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59738
IP address blocks: 31.148.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:66:09:15:ea:90:e1:e1:a0:a5:6d:1a:6e:bb:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3721e4403eb75fe2453d373591cd5c1f820790f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ce:e6:14:09:63:5c:1f:4a:d0:f6:52:f0:80:
b8:4e:9c:00:eb:a3:46:e9:d1:7c:b3:03:a4:25:a1:
d6:e8:f5:ae:f8:32:21:a1:bc:28:bc:6f:e3:cf:f6:
89:06:fb:6d:ae:22:e5:d8:dd:00:fa:17:78:36:f6:
5b:e5:ac:a5:82:eb:f2:2b:de:18:69:27:72:5b:4b:
4e:e6:80:64:51:28:c3:d6:31:9f:2f:d3:b0:09:8a:
87:87:f4:1f:19:a3:87:49:92:ef:45:1a:66:b5:89:
a1:d6:12:a6:00:10:2a:5b:46:22:47:52:f0:ac:f1:
c4:68:0e:e4:30:e3:9e:4b:28:cf:7a:32:f1:6d:02:
e4:8e:28:ae:49:37:c5:c7:78:b4:c2:60:31:54:0a:
98:6b:bf:ba:3c:07:f4:39:58:86:75:d3:27:61:80:
7c:48:12:e2:9c:a5:82:bd:e0:41:2a:a7:bb:59:fa:
cb:57:04:fe:c4:98:07:44:b0:a5:e0:18:e2:57:ab:
ee:e6:ea:fc:09:5f:25:72:ab:71:79:6f:04:01:87:
11:11:c4:85:af:40:47:8d:50:ec:87:dc:2f:d0:f5:
5d:2e:db:e8:3a:b4:f5:8b:22:4a:55:9c:5c:75:d5:
e3:3c:f8:59:ac:81:15:47:29:9e:11:3f:c4:05:a5:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:21:E4:40:3E:B7:5F:E2:45:3D:37:35:91:CD:5C:1F:82:07:90:F5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NyHkQD63X-JFPTc1kc1cH4IHkPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:db:c8:40:92:14:00:4d:8d:97:32:ce:06:59:24:b1:fa:d5:
b1:00:98:df:b4:a3:4d:07:83:91:21:28:a6:33:09:e4:fd:94:
e8:dc:d7:57:c4:ac:e9:09:d1:88:9c:94:a8:59:4b:0d:97:11:
ed:59:bd:03:bd:cf:41:a1:b6:21:9f:4d:ec:cb:e4:53:06:f0:
0f:ea:52:31:71:3d:b1:8b:0c:87:c5:d4:77:a7:48:14:04:e9:
0a:cf:45:fa:68:f3:b1:75:ae:97:3c:3b:47:2d:1d:97:06:9b:
a6:11:47:f4:4a:37:bf:a6:86:29:07:70:24:44:d9:80:20:9e:
ae:83:4b:d5:2c:e4:71:4b:76:3d:d8:74:36:bc:e3:a7:57:28:
f0:9e:59:3f:f0:93:1c:c3:12:99:a0:34:d6:43:c9:85:12:60:
1c:4e:e5:83:d8:00:a5:38:1f:35:89:f7:3d:cf:1e:fc:da:77:
e1:a3:16:25:bf:0a:ba:e2:d5:8c:2f:03:ea:62:79:7c:b6:48:
d1:f0:29:6c:2c:b6:11:db:a5:8d:d9:24:6f:8a:62:e9:55:58:
bb:ac:1e:2d:3c:a7:7c:61:aa:4f:39:7e:63:da:3c:a3:d0:7b:
ed:f3:87:03:0d:ea:c4:81:e7:2a:17:b7:64:bd:62:a2:4a:54:
52:e9:74:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlWYJFeqQ4eGgpW0abrsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIxZTQ0MDNlYjc1ZmUyNDUzZDM3MzU5MWNkNWMxZjgyMDc5MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh87mFAljXB9K0PZS8IC4TpwA66NG
6dF8swOkJaHW6PWu+DIhobwovG/jz/aJBvttriLl2N0A+hd4NvZb5aylguvyK94Y
aSdyW0tO5oBkUSjD1jGfL9OwCYqHh/QfGaOHSZLvRRpmtYmh1hKmABAqW0YiR1Lw
rPHEaA7kMOOeSyjPejLxbQLkjiiuSTfFx3i0wmAxVAqYa7+6PAf0OViGddMnYYB8
SBLinKWCveBBKqe7WfrLVwT+xJgHRLCl4BjiV6vu5ur8CV8lcqtxeW8EAYcREcSF
r0BHjVDsh9wv0PVdLtvoOrT1iyJKVZxcddXjPPhZrIEVRymeET/EBaUbXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDch5EA+t1/iRT03NZHNXB+CB5D1MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTnlIa1FENjNYLUpGUFRjMWtjMWNINElIa1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5QGMA0G
CSqGSIb3DQEBCwUAA4IBAQBv28hAkhQATY2XMs4GWSSx+tWxAJjftKNNB4ORISim
Mwnk/ZTo3NdXxKzpCdGInJSoWUsNlxHtWb0Dvc9BobYhn03sy+RTBvAP6lIxcT2x
iwyHxdR3p0gUBOkKz0X6aPOxda6XPDtHLR2XBpumEUf0Sje/poYpB3AkRNmAIJ6u
g0vVLORxS3Y92HQ2vOOnVyjwnlk/8JMcwxKZoDTWQ8mFEmAcTuWD2AClOB81ifc9
zx782nfhoxYlvwq64tWMLwPqYnl8tkjR8ClsLLYR26WN2SRvimLpVVi7rB4tPKd8
YapPOX5j2jyj0Hvt84cDDerEgecqF7dkvWKiSlRS6XTF
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:25 2025 by rpki-client