Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u3rXIhL7tWu3OjrD_5rX7ws8M70.roa
File: u3rXIhL7tWu3OjrD_5rX7ws8M70.roa (raw, json)
Hash identifier: ZUOu38asa7ymrk3IDAUaRPNfYegpNkdgyuCT/WoSGCc=
Subject key identifier: BB:7A:D7:22:12:FB:B5:6B:B7:3A:3A:C3:FF:9A:D7:EF:0B:3C:33:BD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570950EAA3561331BBB335D5EA7F7F3B4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u3rXIhL7tWu3OjrD_5rX7ws8M70.roa
Signing time: Mon 02 Jan 2023 03:44:54 +0000
ROA not before: Mon 02 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34503
IP address blocks: 31.148.217.0/24 maxlen: 24
93.170.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:0e:aa:35:61:33:1b:bb:33:5d:5e:a7:f7:f3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb7ad72212fbb56bb73a3ac3ff9ad7ef0b3c33bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b2:d5:42:d5:d9:05:08:8a:aa:52:ad:f2:98:
74:71:60:6c:78:09:a9:0b:84:e5:a4:ce:57:a5:05:
13:10:88:f2:b7:e3:a1:78:6e:e0:96:66:56:13:b4:
da:c7:a4:a1:49:7b:31:31:2c:cc:83:c5:50:8c:a9:
87:03:0d:f3:7c:e0:da:81:29:f1:30:34:d1:79:c0:
9b:cf:da:0e:67:20:ab:42:9d:b8:53:55:b5:82:2e:
b8:1a:e9:ce:59:95:47:40:12:0d:34:e0:6f:ff:61:
38:49:e2:18:28:f1:10:39:95:03:38:a7:72:54:f1:
cd:2d:4f:5e:57:33:b2:05:21:fd:68:f1:c6:17:18:
f4:e1:1b:4d:d0:f2:1e:3f:65:20:06:75:6f:0c:1b:
9e:f4:0a:2b:04:44:54:7e:fe:85:e4:a6:b9:e9:6d:
68:6f:8a:47:6f:16:bd:28:03:c6:f1:93:97:b3:13:
58:41:2d:8a:c3:8b:60:4d:46:53:2e:30:2b:6b:ce:
86:45:e9:5d:64:90:e4:da:13:f6:2e:6a:17:60:1d:
be:3d:20:6b:f8:b9:7f:50:e6:1f:f7:8d:f1:f1:f5:
84:59:04:fc:fd:55:5f:f9:78:7e:17:05:64:71:35:
f6:7b:5d:06:a3:07:fe:66:00:04:28:d0:7a:2d:c3:
48:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7A:D7:22:12:FB:B5:6B:B7:3A:3A:C3:FF:9A:D7:EF:0B:3C:33:BD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u3rXIhL7tWu3OjrD_5rX7ws8M70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.217.0/24
93.170.103.0/24
Signature Algorithm: sha256WithRSAEncryption
54:86:14:96:24:21:73:c8:45:22:67:47:b3:39:b2:42:85:f4:
56:c8:fd:06:20:0e:dd:57:13:9a:bc:5d:9a:b3:aa:85:f7:8e:
18:81:e3:01:68:01:83:22:7e:84:4b:63:ee:da:29:2b:79:9f:
f2:5f:c7:e3:df:c7:2f:58:bb:58:60:c5:24:e5:76:8b:33:b3:
25:06:c7:8d:35:dd:c5:0a:55:d6:b6:db:1b:a2:f8:35:dd:a9:
d5:5e:31:98:ac:e4:50:52:45:b5:8f:4b:ac:1d:0d:20:16:80:
1e:7c:d2:7b:77:d6:5f:4d:9f:3e:6c:6c:ba:d7:15:00:9e:8d:
2a:f4:70:44:3a:d0:6c:ba:a7:eb:61:04:d4:fa:5c:0d:69:3a:
d9:c9:dd:c5:f2:b2:b2:89:5f:c0:d2:58:11:0f:b9:63:15:7b:
54:2f:04:5b:c3:cf:0a:bf:c3:1e:1d:3e:18:c8:0e:42:2c:7c:
96:6d:06:43:d5:5a:12:97:84:b9:be:c7:74:1a:b3:9b:ad:3c:
d0:40:4a:7d:76:f6:3e:bf:21:25:20:24:fb:cf:af:51:4b:48:
a7:89:5e:96:96:b1:08:85:99:e6:1e:07:bc:95:dc:ab:78:e9:
53:bf:59:a8:e2:5a:2b:30:d4:86:17:f8:84:9b:a7:d3:b6:4c:
51:41:dc:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlQ6qNWEzG7szXV6n9/O0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdhZDcyMjEyZmJiNTZiYjczYTNhYzNmZjlhZDdlZjBiM2MzM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rLVQtXZBQiKqlKt8ph0cWBseAmp
C4TlpM5XpQUTEIjyt+OheG7glmZWE7Tax6ShSXsxMSzMg8VQjKmHAw3zfODagSnx
MDTRecCbz9oOZyCrQp24U1W1gi64GunOWZVHQBINNOBv/2E4SeIYKPEQOZUDOKdy
VPHNLU9eVzOyBSH9aPHGFxj04RtN0PIeP2UgBnVvDBue9AorBERUfv6F5Ka56W1o
b4pHbxa9KAPG8ZOXsxNYQS2Kw4tgTUZTLjAra86GReldZJDk2hP2LmoXYB2+PSBr
+Ll/UOYf943x8fWEWQT8/VVf+Xh+FwVkcTX2e10Gowf+ZgAEKNB6LcNIeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLt61yIS+7Vrtzo6w/+a1+8LPDO9MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdTNyWEloTDd0V3UzT2pyRF81clg3d3M4TTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5TZAwQA
XapnMA0GCSqGSIb3DQEBCwUAA4IBAQBUhhSWJCFzyEUiZ0ezObJChfRWyP0GIA7d
VxOavF2as6qF944YgeMBaAGDIn6ES2Pu2ikreZ/yX8fj38cvWLtYYMUk5XaLM7Ml
BseNNd3FClXWttsbovg13anVXjGYrORQUkW1j0usHQ0gFoAefNJ7d9ZfTZ8+bGy6
1xUAno0q9HBEOtBsuqfrYQTU+lwNaTrZyd3F8rKyiV/A0lgRD7ljFXtULwRbw88K
v8MeHT4YyA5CLHyWbQZD1VoSl4S5vsd0GrObrTzQQEp9dvY+vyElICT7z69RS0in
iV6WlrEIhZnmHge8ldyreOlTv1mo4lorMNSGF/iEm6fTtkxRQdwR
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:20 2025 by rpki-client