Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/n5e_tVKoAOEIOjcQPE9_5f5_m_M.roa
File: n5e_tVKoAOEIOjcQPE9_5f5_m_M.roa (raw, json)
Hash identifier: 3vL+7ptEoEJf9dlj6VGwAGyuHoRhhtEtm0l543NPeVk=
Subject key identifier: 9F:97:BF:B5:52:A8:00:E1:08:3A:37:10:3C:4F:7F:E5:FE:7F:9B:F3
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0183A73C907970A1EBCC8B5189D0B07732C2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/n5e_tVKoAOEIOjcQPE9_5f5_m_M.roa
Signing time: Wed 05 Oct 2022 08:21:46 +0000
ROA not before: Wed 05 Oct 2022 08:21:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56361
IP address blocks: 31.148.192.0/22 maxlen: 24
31.148.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:3c:90:79:70:a1:eb:cc:8b:51:89:d0:b0:77:32:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 5 08:21:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f97bfb552a800e1083a37103c4f7fe5fe7f9bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3f:6f:27:51:96:be:37:ea:62:7e:3a:25:9e:
49:09:88:0b:3f:c1:9f:c8:18:2a:b8:1e:d9:90:84:
f0:5b:46:d0:a3:92:5b:88:bd:9b:43:40:5a:e3:0b:
49:14:59:d2:a0:65:bd:2c:06:d0:e5:9f:99:83:03:
31:19:25:b8:73:5e:25:71:9f:e5:53:1b:10:0a:6f:
a5:bb:82:23:cd:a2:82:de:96:ee:63:5d:ee:65:5a:
a2:4e:e0:ba:22:b3:d8:ab:d5:e1:ff:ca:de:e2:a0:
bb:be:1e:a4:12:39:ee:d1:24:9e:7f:3a:a2:96:52:
a0:08:80:4b:90:10:5f:64:ea:b0:6a:63:d9:88:a1:
f2:39:03:ac:42:b3:9e:de:0d:aa:04:94:82:0b:02:
f3:ff:a1:70:e1:18:f5:57:60:36:53:69:70:d4:21:
f0:20:41:5f:a5:63:40:70:67:f5:c5:d7:54:6d:ec:
e7:4e:48:48:ad:7e:e7:26:9a:e2:3f:21:0b:5f:93:
40:15:80:eb:8d:f2:16:bc:a0:7a:df:07:9a:f9:2e:
60:f6:4a:39:99:ea:21:a0:cc:4b:14:f0:13:53:82:
04:63:28:1b:90:0a:a1:80:9f:90:e0:d4:d8:21:19:
04:d5:74:e7:54:d0:f0:10:23:12:82:2c:0a:ce:81:
01:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:97:BF:B5:52:A8:00:E1:08:3A:37:10:3C:4F:7F:E5:FE:7F:9B:F3
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/n5e_tVKoAOEIOjcQPE9_5f5_m_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.104.0/21
31.148.192.0/22
Signature Algorithm: sha256WithRSAEncryption
83:a5:53:ba:88:f9:cd:df:8c:30:1e:6f:db:72:48:64:13:84:
22:8e:bf:da:d4:36:d3:7a:1f:af:54:7c:e6:18:bb:3e:97:c5:
4d:87:29:c2:c2:f2:b6:3a:0e:66:f6:e5:2a:5b:2d:57:d9:86:
1c:52:bd:72:57:e9:86:62:ea:5f:dd:bf:f5:59:4b:82:fe:cb:
bb:c9:1e:ec:68:0b:25:b7:fd:2c:1b:91:d2:57:9a:28:fa:cc:
81:15:7d:12:2e:25:3a:97:fc:99:c4:3a:60:c2:19:92:bf:19:
b8:c5:54:2e:6c:26:19:ac:88:13:63:84:19:6d:2e:44:6e:91:
ad:72:b9:2a:91:ce:fb:72:a7:aa:5d:61:e0:e7:ff:0e:b4:ab:
2b:5d:44:4b:39:15:3a:40:9d:fe:8e:19:a6:96:52:51:8e:df:
f6:e7:5e:68:d3:e4:f3:e3:20:2a:a0:df:e0:e8:cc:ad:69:de:
69:d5:9b:46:47:33:e6:b5:4a:c3:ce:2e:71:04:93:cf:4f:57:
c4:d8:80:41:3e:fe:d7:4d:d1:c6:5f:a3:b7:4d:03:de:56:22:
0c:cc:3a:86:b8:33:e2:f5:b8:12:38:1e:0f:01:ed:40:f5:26:
e2:d5:a9:61:ee:d4:07:9f:5c:81:50:7c:9f:a6:a6:4b:72:b8:
c9:a4:e9:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOnPJB5cKHrzItRidCwdzLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIxMDA1MDgyMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk3YmZiNTUyYTgwMGUxMDgzYTM3MTAzYzRmN2ZlNWZlN2Y5YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj9vJ1GWvjfqYn46JZ5JCYgLP8Gf
yBgquB7ZkITwW0bQo5JbiL2bQ0Ba4wtJFFnSoGW9LAbQ5Z+ZgwMxGSW4c14lcZ/l
UxsQCm+lu4IjzaKC3pbuY13uZVqiTuC6IrPYq9Xh/8re4qC7vh6kEjnu0SSefzqi
llKgCIBLkBBfZOqwamPZiKHyOQOsQrOe3g2qBJSCCwLz/6Fw4Rj1V2A2U2lw1CHw
IEFfpWNAcGf1xddUbeznTkhIrX7nJpriPyELX5NAFYDrjfIWvKB63wea+S5g9ko5
meohoMxLFPATU4IEYygbkAqhgJ+Q4NTYIRkE1XTnVNDwECMSgiwKzoEB0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ+Xv7VSqADhCDo3EDxPf+X+f5vzMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbjVlX3RWS29BT0VJT2pjUVBFOV81ZjVfbV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5RoAwQC
H5TAMA0GCSqGSIb3DQEBCwUAA4IBAQCDpVO6iPnN34wwHm/bckhkE4Qijr/a1DbT
eh+vVHzmGLs+l8VNhynCwvK2Og5m9uUqWy1X2YYcUr1yV+mGYupf3b/1WUuC/su7
yR7saAslt/0sG5HSV5oo+syBFX0SLiU6l/yZxDpgwhmSvxm4xVQubCYZrIgTY4QZ
bS5EbpGtcrkqkc77cqeqXWHg5/8OtKsrXURLORU6QJ3+jhmmllJRjt/2515o0+Tz
4yAqoN/g6Mytad5p1ZtGRzPmtUrDzi5xBJPPT1fE2IBBPv7XTdHGX6O3TQPeViIM
zDqGuDPi9bgSOB4PAe1A9Sbi1alh7tQHn1yBUHyfpqZLcrjJpOkz
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:12:14 2025 by rpki-client