Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_OCbTfAJvjmPqNRsdu25x2Ca3_o.roa
File: _OCbTfAJvjmPqNRsdu25x2Ca3_o.roa (raw, json)
Hash identifier: i1J6v/Erme8wdBZT4iFCM2vzviJkeP/32lfqz1QpfbE=
Subject key identifier: FC:E0:9B:4D:F0:09:BE:39:8F:A8:D4:6C:76:ED:B9:C7:60:9A:DF:FA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709549705F8C584F0A3D138E9692A7F4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_OCbTfAJvjmPqNRsdu25x2Ca3_o.roa
Signing time: Mon 02 Jan 2023 03:45:09 +0000
ROA not before: Mon 02 Jan 2023 03:45:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50334
IP address blocks: 31.148.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:49:70:5f:8c:58:4f:0a:3d:13:8e:96:92:a7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fce09b4df009be398fa8d46c76edb9c7609adffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:3f:2a:60:b5:dd:e7:19:d8:c2:53:11:46:
ff:c1:35:74:d1:15:c4:90:6b:58:1b:97:db:1a:9d:
5d:45:de:75:67:0b:1a:1a:44:ca:fc:43:ce:9f:09:
86:97:6e:e4:1d:6e:e1:b7:63:19:16:8a:d5:80:a7:
3b:56:40:65:91:68:19:6f:60:54:64:44:35:23:20:
83:41:73:c3:fc:c7:bc:70:f6:f4:b9:61:2b:6d:4e:
a6:1a:23:09:2c:63:c5:82:84:4a:6c:a9:13:cc:46:
5f:86:33:0a:72:42:f7:fd:bc:60:cf:6f:79:94:1e:
9c:4b:a7:5c:3c:15:d5:75:ad:35:99:5d:c5:2a:9c:
bf:fa:fd:72:e1:79:2f:23:42:22:00:79:c4:99:6d:
a3:f7:66:23:e1:52:8c:fc:6a:ae:f6:80:ec:60:b8:
2a:e7:dc:a9:79:c2:47:00:61:57:37:d8:47:9f:80:
49:02:50:eb:9a:e0:c0:13:21:4f:17:17:34:07:ab:
49:3a:04:9e:09:70:79:70:9b:d5:96:fb:3e:d8:f5:
77:a4:ed:94:2a:85:c2:6d:8e:ff:48:75:ee:b0:6d:
c7:0a:46:f3:45:03:76:36:f3:98:68:44:c9:c4:96:
4c:c0:28:04:88:33:ed:15:de:fa:ad:7b:5d:17:01:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E0:9B:4D:F0:09:BE:39:8F:A8:D4:6C:76:ED:B9:C7:60:9A:DF:FA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_OCbTfAJvjmPqNRsdu25x2Ca3_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.250.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:d9:d0:fc:69:91:f9:8e:5d:40:ee:5c:9b:e1:a6:14:9f:05:
b3:f0:b1:d1:62:bf:90:ef:36:ae:bb:12:c3:32:cf:2b:aa:04:
e7:f4:40:79:1c:ad:25:4f:b1:fe:6b:f8:ac:13:42:57:9a:b1:
c9:76:6a:c4:db:16:6b:5c:29:5c:cd:8c:99:ad:a1:43:ee:dd:
ca:ce:fb:78:f4:04:1e:0a:b7:c5:02:e6:91:aa:f4:0c:a4:b2:
cc:32:60:c5:cc:31:da:ab:0f:21:57:bb:96:03:43:b6:4a:38:
98:44:b1:a3:c3:7d:46:fb:d1:13:8a:eb:07:79:62:e9:70:8d:
1c:ec:b9:55:4e:87:f4:40:80:70:a3:77:68:ff:0e:c2:2b:ca:
6d:de:88:71:b0:27:5b:9a:55:92:0e:1c:96:fa:16:0b:7a:94:
0a:4d:fd:8c:b4:80:7c:bb:0c:da:4a:7e:25:70:9c:6e:a3:96:
78:f4:e5:42:3e:df:05:41:90:8c:62:db:cf:1e:3e:59:bd:3a:
a3:9f:be:d4:e1:b2:42:40:67:57:fe:df:58:49:d8:be:06:32:
15:2d:f7:40:73:d9:87:e6:ca:12:e2:bb:f6:d0:2f:08:74:45:
35:69:12:5d:0b:75:47:ef:ed:b4:c5:d8:69:65:8b:fe:68:9a:
01:0e:dc:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlUlwX4xYTwo9E46Wkqf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2UwOWI0ZGYwMDliZTM5OGZhOGQ0NmM3NmVkYjljNzYwOWFkZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lw/KmC13ecZ2MJTEUb/wTV00RXE
kGtYG5fbGp1dRd51ZwsaGkTK/EPOnwmGl27kHW7ht2MZForVgKc7VkBlkWgZb2BU
ZEQ1IyCDQXPD/Me8cPb0uWErbU6mGiMJLGPFgoRKbKkTzEZfhjMKckL3/bxgz295
lB6cS6dcPBXVda01mV3FKpy/+v1y4XkvI0IiAHnEmW2j92Yj4VKM/Gqu9oDsYLgq
59ypecJHAGFXN9hHn4BJAlDrmuDAEyFPFxc0B6tJOgSeCXB5cJvVlvs+2PV3pO2U
KoXCbY7/SHXusG3HCkbzRQN2NvOYaETJxJZMwCgEiDPtFd76rXtdFwECcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzgm03wCb45j6jUbHbtucdgmt/6MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvX09DYlRmQUp2am1QcU5Sc2R1MjV4MkNhM19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5T6MA0G
CSqGSIb3DQEBCwUAA4IBAQCy2dD8aZH5jl1A7lyb4aYUnwWz8LHRYr+Q7zauuxLD
Ms8rqgTn9EB5HK0lT7H+a/isE0JXmrHJdmrE2xZrXClczYyZraFD7t3Kzvt49AQe
CrfFAuaRqvQMpLLMMmDFzDHaqw8hV7uWA0O2SjiYRLGjw31G+9ETiusHeWLpcI0c
7LlVTof0QIBwo3do/w7CK8pt3ohxsCdbmlWSDhyW+hYLepQKTf2MtIB8uwzaSn4l
cJxuo5Z49OVCPt8FQZCMYtvPHj5ZvTqjn77U4bJCQGdX/t9YSdi+BjIVLfdAc9mH
5soS4rv20C8IdEU1aRJdC3VH7+20xdhpZYv+aJoBDtys
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:25 2025 by rpki-client