Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/upvnH1tEJ6P5G9r6LpbhlujtpJc.roa
File: upvnH1tEJ6P5G9r6LpbhlujtpJc.roa (raw, json)
Hash identifier: EtLqLXhPd9Bf+4OmeCVUMV3DAViVDVmdvz/mZTm5yaQ=
Subject key identifier: BA:9B:E7:1F:5B:44:27:A3:F9:1B:DA:FA:2E:96:E1:96:E8:ED:A4:97
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709555A36AA7427F235BA36613601BB7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/upvnH1tEJ6P5G9r6LpbhlujtpJc.roa
Signing time: Mon 02 Jan 2023 03:45:13 +0000
ROA not before: Mon 02 Jan 2023 03:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56361
IP address blocks: 31.148.192.0/22 maxlen: 24
31.148.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:55:a3:6a:a7:42:7f:23:5b:a3:66:13:60:1b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba9be71f5b4427a3f91bdafa2e96e196e8eda497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f3:2b:14:67:db:ae:e1:c2:5d:ae:61:a0:99:
15:d9:fe:5c:01:c8:97:4b:0f:7b:d0:a1:b6:01:c5:
b8:39:ec:41:0a:a4:69:81:9a:6c:ce:2d:c0:0d:c1:
44:6b:15:05:55:ae:e9:83:dc:d5:46:7b:e5:f4:e5:
b6:1f:fb:c1:00:a0:e5:cf:fd:f2:8b:6c:45:f9:10:
09:2a:e1:fb:39:ee:d8:31:b5:8b:ea:5a:1f:e3:da:
11:a5:8d:17:e9:b1:c3:d8:e8:94:02:51:4a:6f:1d:
e8:0b:b2:f2:b6:78:5d:07:9b:58:17:d6:d5:77:1a:
84:0f:6c:c2:88:2b:28:03:76:b5:2e:4a:0b:4a:8a:
0f:bf:ae:38:3f:a2:51:0c:04:03:17:ff:99:89:3f:
31:fb:83:60:2a:5b:bc:65:07:f3:eb:11:ab:a3:d4:
84:7c:3e:50:f4:71:84:a2:29:a3:8f:56:c3:b5:44:
f8:64:02:4f:7e:1d:6e:64:c7:c7:9c:df:81:ae:b9:
8a:2a:db:2d:05:1e:1e:4b:c7:92:54:e7:36:7e:b8:
48:4a:74:4b:ed:93:84:6f:27:e7:e7:1b:cc:01:92:
c9:62:3c:1e:c7:55:3a:d2:aa:8b:c3:bf:60:5e:57:
61:31:b4:00:10:f5:f3:79:61:8f:9b:3a:d4:56:87:
5c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9B:E7:1F:5B:44:27:A3:F9:1B:DA:FA:2E:96:E1:96:E8:ED:A4:97
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/upvnH1tEJ6P5G9r6LpbhlujtpJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.104.0/21
31.148.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:a3:f6:e9:9d:10:52:c0:ed:95:16:6a:eb:ec:20:cc:52:0d:
71:32:1e:a9:28:13:13:7a:b9:8b:7d:2e:2e:55:ce:dd:83:b0:
f7:80:48:6e:e2:97:73:3e:e7:ba:4f:ea:23:8a:dd:73:dc:5b:
b6:45:82:2d:98:36:a4:9b:4a:91:c1:12:10:9c:32:72:d2:33:
d8:04:20:46:b5:e6:5c:37:b7:67:ee:a6:e8:b7:05:99:a0:18:
02:7e:16:a0:31:d7:d9:0c:8c:ba:2d:15:ae:36:27:17:3e:d1:
cc:4e:bd:61:b0:91:4f:77:f3:5d:5a:fa:97:3b:c3:5f:a7:f3:
43:42:f1:55:58:40:60:12:cd:68:17:c9:99:db:f5:91:6f:c0:
87:84:bb:fb:88:4b:b0:66:10:5e:7c:5a:6a:80:d9:34:95:49:
e5:42:79:9c:6d:8a:69:31:d8:1e:46:58:1e:de:20:53:cd:28:
04:43:7a:09:fc:3f:12:75:dc:0f:cb:07:ad:06:34:87:7e:a7:
5f:4f:e9:e1:85:0c:a5:52:42:b6:12:8c:ab:27:3a:57:4e:39:
a7:01:30:ae:b0:5a:4d:17:56:28:96:54:55:2c:fa:af:5b:9b:
f6:9a:c7:48:7f:f8:38:a5:b4:74:a8:75:96:97:45:15:bd:fc:
bf:b3:5e:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlVWjaqdCfyNbo2YTYBu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTliZTcxZjViNDQyN2EzZjkxYmRhZmEyZTk2ZTE5NmU4ZWRhNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/MrFGfbruHCXa5hoJkV2f5cAciX
Sw970KG2AcW4OexBCqRpgZpszi3ADcFEaxUFVa7pg9zVRnvl9OW2H/vBAKDlz/3y
i2xF+RAJKuH7Oe7YMbWL6lof49oRpY0X6bHD2OiUAlFKbx3oC7LytnhdB5tYF9bV
dxqED2zCiCsoA3a1LkoLSooPv644P6JRDAQDF/+ZiT8x+4NgKlu8ZQfz6xGro9SE
fD5Q9HGEoimjj1bDtUT4ZAJPfh1uZMfHnN+BrrmKKtstBR4eS8eSVOc2frhISnRL
7ZOEbyfn5xvMAZLJYjwex1U60qqLw79gXldhMbQAEPXzeWGPmzrUVodc8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqb5x9bRCej+Rva+i6W4Zbo7aSXMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdXB2bkgxdEVKNlA1RzlyNkxwYmhsdWp0cEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5RoAwQC
H5TAMA0GCSqGSIb3DQEBCwUAA4IBAQCLo/bpnRBSwO2VFmrr7CDMUg1xMh6pKBMT
ermLfS4uVc7dg7D3gEhu4pdzPue6T+ojit1z3Fu2RYItmDakm0qRwRIQnDJy0jPY
BCBGteZcN7dn7qbotwWZoBgCfhagMdfZDIy6LRWuNicXPtHMTr1hsJFPd/NdWvqX
O8Nfp/NDQvFVWEBgEs1oF8mZ2/WRb8CHhLv7iEuwZhBefFpqgNk0lUnlQnmcbYpp
MdgeRlge3iBTzSgEQ3oJ/D8SddwPywetBjSHfqdfT+nhhQylUkK2EoyrJzpXTjmn
ATCusFpNF1YollRVLPqvW5v2msdIf/g4pbR0qHWWl0UVvfy/s17P
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:37 2025 by rpki-client