Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Zpke4p27nBEdfM5zjgkTRGSOKkA.roa
File: Zpke4p27nBEdfM5zjgkTRGSOKkA.roa (raw, json)
Hash identifier: xA44D7VyJHqKL0usZlIGOZNygt+tomKXX7+RufwiAH8=
Subject key identifier: 66:99:1E:E2:9D:BB:9C:11:1D:7C:CE:73:8E:09:13:44:64:8E:2A:40
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709568A887BC61C9641A5B65FBD4281E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Zpke4p27nBEdfM5zjgkTRGSOKkA.roa
Signing time: Mon 02 Jan 2023 03:45:17 +0000
ROA not before: Mon 02 Jan 2023 03:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60075
IP address blocks: 31.148.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:68:a8:87:bc:61:c9:64:1a:5b:65:fb:d4:28:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66991ee29dbb9c111d7cce738e091344648e2a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b1:d1:fb:cf:61:78:4c:c0:0f:49:8d:cd:a0:
1f:f2:ae:87:4d:4b:b5:91:f4:5d:4c:c7:6e:5f:9e:
0b:5f:0e:29:62:69:51:a5:a6:e3:e9:5e:44:7b:26:
9d:3d:95:bd:2c:e2:7a:4f:80:13:66:cc:3f:58:65:
dc:ff:97:d8:40:71:d3:34:e4:20:24:0f:60:78:0c:
be:70:8d:43:5b:40:a9:ea:15:d9:83:5f:29:58:96:
ac:ab:3a:6b:21:77:a0:58:61:91:cb:84:8f:76:72:
e9:f9:27:22:de:b9:6d:fc:df:f2:d8:ad:00:24:b1:
03:29:d4:e1:0b:cd:ce:63:65:4e:07:61:57:51:fc:
0a:c2:dc:91:b8:be:e9:03:4f:b3:12:c3:46:8c:9a:
c0:54:53:e0:be:68:4a:5a:8a:ca:c3:fc:25:8d:a7:
1e:49:b7:02:e5:c6:c9:bc:8c:50:7b:62:3f:d9:a1:
a8:98:fc:8f:2c:28:32:8c:83:18:94:44:e8:4f:54:
21:9b:f5:41:d0:aa:d4:5b:41:d0:23:eb:8a:d0:95:
f6:d2:51:d5:40:d3:56:7b:d1:d4:87:76:d6:45:c0:
d9:d7:a1:ba:3c:db:51:71:7a:7c:fc:33:b5:d2:66:
15:65:19:7f:52:bb:4c:50:20:b7:82:ca:32:f5:8c:
7d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:99:1E:E2:9D:BB:9C:11:1D:7C:CE:73:8E:09:13:44:64:8E:2A:40
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Zpke4p27nBEdfM5zjgkTRGSOKkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.2.0/23
Signature Algorithm: sha256WithRSAEncryption
82:82:46:3c:43:5e:b1:a2:f9:09:60:cd:d1:2f:0f:e4:44:4f:
5b:2c:aa:dc:f6:a0:6f:68:f3:83:d3:aa:0b:e4:05:b6:aa:30:
51:34:9a:da:12:d0:0e:b2:3c:f8:61:ca:79:7c:41:9f:96:c3:
99:e2:f7:cb:5b:84:38:e2:48:b8:6b:49:9b:88:e5:5b:07:7f:
ed:71:33:be:be:9a:6f:03:5d:25:2e:c4:c7:9b:58:f4:aa:c4:
ff:6c:00:b9:e4:b5:e1:50:d5:7c:b3:5f:f1:1c:a2:70:ff:c2:
4f:e6:37:0e:83:ef:68:b3:ea:3e:d0:07:e0:6f:d7:8e:24:0b:
0b:48:36:28:ca:0c:f0:da:9b:0f:8c:4f:33:ca:b3:67:19:71:
95:11:91:e9:a4:60:ab:75:ee:56:27:59:dd:67:ec:f6:03:9f:
4c:18:4a:11:09:c5:76:fb:e3:e9:7d:5c:cf:b5:a1:2e:66:0a:
36:22:18:d2:fe:7f:20:c3:1b:0e:cb:99:97:e6:09:a9:7d:19:
04:a1:ca:1c:72:fa:0f:46:6d:d6:af:98:b2:65:ac:22:69:7e:
35:a6:b6:1a:ef:d2:80:4f:f8:35:a1:1c:8d:44:c7:46:f9:9c:
da:66:f0:c3:49:8c:4e:a4:72:f5:f4:0e:ea:b2:29:58:ef:83:
c4:af:09:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlWioh7xhyWQaW2X71CgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njk5MWVlMjlkYmI5YzExMWQ3Y2NlNzM4ZTA5MTM0NDY0OGUyYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rHR+89heEzAD0mNzaAf8q6HTUu1
kfRdTMduX54LXw4pYmlRpabj6V5EeyadPZW9LOJ6T4ATZsw/WGXc/5fYQHHTNOQg
JA9geAy+cI1DW0Cp6hXZg18pWJasqzprIXegWGGRy4SPdnLp+Sci3rlt/N/y2K0A
JLEDKdThC83OY2VOB2FXUfwKwtyRuL7pA0+zEsNGjJrAVFPgvmhKWorKw/wljace
SbcC5cbJvIxQe2I/2aGomPyPLCgyjIMYlEToT1Qhm/VB0KrUW0HQI+uK0JX20lHV
QNNWe9HUh3bWRcDZ16G6PNtRcXp8/DO10mYVZRl/UrtMUCC3gsoy9Yx9DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaZHuKdu5wRHXzOc44JE0RkjipAMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWnBrZTRwMjduQkVkZk01empna1RSR1NPS2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5QCMA0G
CSqGSIb3DQEBCwUAA4IBAQCCgkY8Q16xovkJYM3RLw/kRE9bLKrc9qBvaPOD06oL
5AW2qjBRNJraEtAOsjz4Ycp5fEGflsOZ4vfLW4Q44ki4a0mbiOVbB3/tcTO+vppv
A10lLsTHm1j0qsT/bAC55LXhUNV8s1/xHKJw/8JP5jcOg+9os+o+0Afgb9eOJAsL
SDYoygzw2psPjE8zyrNnGXGVEZHppGCrde5WJ1ndZ+z2A59MGEoRCcV2++PpfVzP
taEuZgo2IhjS/n8gwxsOy5mX5gmpfRkEococcvoPRm3Wr5iyZawiaX41prYa79KA
T/g1oRyNRMdG+ZzaZvDDSYxOpHL19A7qsilY74PErwn9
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:47 2025 by rpki-client