Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4kPDk2nfjjVMjhHuSVljWpKMSg.roa
File: u4kPDk2nfjjVMjhHuSVljWpKMSg.roa (raw, json)
Hash identifier: AupXPVFYSIGJqEA8sIC6tdrBD/rK1mbVfb8+8LqbmjU=
Subject key identifier: BB:89:0F:0E:4D:A7:7E:38:D5:32:38:47:B9:25:65:8D:6A:4A:31:28
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095355BAE9225115174E56DA476FFB7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4kPDk2nfjjVMjhHuSVljWpKMSg.roa
Signing time: Mon 02 Jan 2023 03:45:04 +0000
ROA not before: Mon 02 Jan 2023 03:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47673
IP address blocks: 31.148.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:35:5b:ae:92:25:11:51:74:e5:6d:a4:76:ff:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb890f0e4da77e38d5323847b925658d6a4a3128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:d4:72:00:f4:a9:67:7d:da:25:71:5c:41:
80:84:62:78:01:e4:ea:82:ac:96:52:01:72:16:85:
3c:65:71:38:02:42:f0:99:b7:9d:b5:6a:50:f5:7a:
37:a9:02:7f:5d:4b:d7:be:64:90:1b:ff:e1:d6:92:
4a:83:4c:4e:6d:9c:e3:a9:ee:96:07:2c:83:39:e3:
bd:e8:6d:f4:db:c0:f7:e6:6c:33:73:e2:00:b6:b4:
19:4d:2c:d0:e4:32:eb:fc:a6:b6:fb:54:52:42:56:
e6:b2:32:98:ec:ab:22:95:9f:47:7b:f9:72:2a:1c:
a9:9c:5c:79:6e:3a:fc:50:a2:00:1f:cf:4f:14:03:
e0:c0:7b:f4:f1:1f:41:f1:0e:45:05:8a:c7:2d:79:
cf:ca:01:f1:3f:f8:29:ad:31:49:5e:de:59:30:1d:
cc:0c:ee:25:ab:a5:dd:29:83:dc:d7:23:f5:e0:c5:
01:61:08:2c:b7:b6:44:e1:23:87:4b:61:aa:76:a9:
ed:5f:e3:12:a4:03:52:71:18:84:6c:23:45:b0:ab:
d4:9d:f3:c4:e0:b2:8b:8b:9a:4c:7c:b1:0f:79:9e:
a1:10:54:72:54:9a:59:ba:95:4a:00:f6:f9:41:09:
4e:d1:04:ef:1f:13:b1:ac:c9:ec:a8:00:13:54:db:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:89:0F:0E:4D:A7:7E:38:D5:32:38:47:B9:25:65:8D:6A:4A:31:28
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4kPDk2nfjjVMjhHuSVljWpKMSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.28.0/23
Signature Algorithm: sha256WithRSAEncryption
90:01:be:cc:7a:da:0a:1f:38:1f:6c:30:eb:ba:43:6f:00:60:
36:3f:7f:c5:97:c9:2d:de:72:55:f7:62:62:6b:dc:b2:5b:a0:
8d:55:70:2d:73:82:c4:88:a1:52:91:0f:7c:4b:5d:97:07:d3:
36:c8:42:3b:f8:84:42:d5:9c:90:cc:08:18:ec:57:3b:00:ff:
34:f8:11:fe:e1:05:2b:5c:91:03:4a:b7:83:a5:8b:3c:9f:05:
7d:16:e5:58:97:7a:22:2b:05:21:b1:9c:2a:ca:6f:a0:33:c1:
0d:6c:3f:6c:09:98:f5:78:09:74:e1:48:57:7c:98:5b:14:65:
df:c9:a3:fb:03:2f:28:e7:98:0f:87:90:64:0b:de:11:6b:13:
a1:b2:df:52:a1:d8:50:5f:ac:47:87:53:e4:bc:c1:dc:9f:4c:
32:09:61:08:b0:6d:ed:bf:f6:86:a2:59:d3:b3:da:2f:aa:1a:
60:0f:b8:fb:d9:9c:85:96:85:bd:ea:90:59:4f:2d:e1:65:75:
d8:c9:2c:71:03:63:f5:9b:05:98:b6:09:fd:fc:58:00:d6:e5:
9a:56:ee:e0:b3:50:0c:6c:b9:34:c9:89:2e:d0:58:33:08:ed:
8f:9c:e1:34:24:da:1e:d5:8b:e9:35:46:5d:8a:c3:db:9b:9a:
00:be:21:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTVbrpIlEVF05W2kdv+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjg5MGYwZTRkYTc3ZTM4ZDUzMjM4NDdiOTI1NjU4ZDZhNGEzMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8fUcgD0qWd92iVxXEGAhGJ4AeTq
gqyWUgFyFoU8ZXE4AkLwmbedtWpQ9Xo3qQJ/XUvXvmSQG//h1pJKg0xObZzjqe6W
ByyDOeO96G3028D35mwzc+IAtrQZTSzQ5DLr/Ka2+1RSQlbmsjKY7KsilZ9He/ly
KhypnFx5bjr8UKIAH89PFAPgwHv08R9B8Q5FBYrHLXnPygHxP/gprTFJXt5ZMB3M
DO4lq6XdKYPc1yP14MUBYQgst7ZE4SOHS2GqdqntX+MSpANScRiEbCNFsKvUnfPE
4LKLi5pMfLEPeZ6hEFRyVJpZupVKAPb5QQlO0QTvHxOxrMnsqAATVNsKAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuJDw5Np3441TI4R7klZY1qSjEoMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdTRrUERrMm5mampWTWpoSHVTVmxqV3BLTVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5QcMA0G
CSqGSIb3DQEBCwUAA4IBAQCQAb7MetoKHzgfbDDrukNvAGA2P3/Fl8kt3nJV92Ji
a9yyW6CNVXAtc4LEiKFSkQ98S12XB9M2yEI7+IRC1ZyQzAgY7Fc7AP80+BH+4QUr
XJEDSreDpYs8nwV9FuVYl3oiKwUhsZwqym+gM8ENbD9sCZj1eAl04UhXfJhbFGXf
yaP7Ay8o55gPh5BkC94RaxOhst9SodhQX6xHh1PkvMHcn0wyCWEIsG3tv/aGolnT
s9ovqhpgD7j72ZyFloW96pBZTy3hZXXYySxxA2P1mwWYtgn9/FgA1uWaVu7gs1AM
bLk0yYku0FgzCO2PnOE0JNoe1YvpNUZdisPbm5oAviGV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:06 2025 by rpki-client