Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/v_D6bzTWQeh9Utbbs1j89F_QdPo.roa
File: v_D6bzTWQeh9Utbbs1j89F_QdPo.roa (raw, json)
Hash identifier: ICSONW2XJMexI67PGdg5veSwILVqIQMgVvj6D4bMPWM=
Subject key identifier: BF:F0:FA:6F:34:D6:41:E8:7D:52:D6:DB:B3:58:FC:F4:5F:D0:74:FA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570959DC851758616376D6F5D54ECF21C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/v_D6bzTWQeh9Utbbs1j89F_QdPo.roa
Signing time: Mon 02 Jan 2023 03:45:31 +0000
ROA not before: Mon 02 Jan 2023 03:45:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204889
IP address blocks: 31.148.20.0/24 maxlen: 24
92.253.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:9d:c8:51:75:86:16:37:6d:6f:5d:54:ec:f2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bff0fa6f34d641e87d52d6dbb358fcf45fd074fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9d:89:76:82:21:01:c5:2a:e8:87:eb:b2:30:
84:97:f2:b9:69:70:2d:64:a7:74:ba:5d:59:b3:40:
36:2c:98:18:39:9a:06:a5:b4:28:59:d9:18:3c:cc:
c4:2c:16:cc:ba:7e:38:47:c1:20:4d:d3:fe:84:3c:
92:71:46:eb:4b:7d:d1:60:f5:49:68:fb:81:f3:20:
fe:39:64:35:fc:b7:89:f2:47:fd:3b:b9:a0:ab:42:
9a:9e:bb:9d:53:f3:20:a1:0b:b6:8c:1d:7c:2e:4d:
19:24:2f:53:98:c8:cf:e6:84:24:e3:dc:fc:c1:de:
dc:66:66:7d:ca:3e:e3:21:50:05:d5:cb:eb:61:55:
e9:f1:46:4d:25:86:6e:3b:17:6e:e6:15:aa:87:bf:
36:ba:79:08:ff:ca:6f:3a:c6:3d:e0:6e:c0:b1:0e:
20:dd:fe:ec:25:bc:a7:aa:08:42:79:f5:30:85:04:
5d:0e:e8:28:54:d3:0b:df:b5:e9:f2:24:28:3f:71:
23:5c:67:52:57:54:1e:9f:49:d0:76:b5:b4:3c:97:
75:0d:37:9b:0a:4b:be:b2:a9:56:c7:b0:b1:b2:92:
1e:b7:e2:46:1a:65:d7:a2:21:fd:81:af:16:b0:53:
ba:90:13:69:7b:de:f2:ca:87:5d:dd:1f:8d:39:7c:
7b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F0:FA:6F:34:D6:41:E8:7D:52:D6:DB:B3:58:FC:F4:5F:D0:74:FA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/v_D6bzTWQeh9Utbbs1j89F_QdPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.20.0/24
92.253.204.0/24
Signature Algorithm: sha256WithRSAEncryption
92:e0:3d:4e:5b:71:9d:ac:6b:2e:85:1a:df:5c:74:18:52:12:
00:00:fc:22:77:3f:3b:b1:fa:81:6b:62:57:36:e5:8d:73:cc:
dd:ea:93:e4:b7:0a:11:be:85:41:4a:39:dd:56:0e:ce:4f:e9:
3d:5a:3c:57:d7:8c:ba:0a:24:9f:75:df:40:54:88:07:6f:8d:
7d:28:ad:f3:47:43:17:0a:35:b7:45:83:02:ca:b7:17:c6:01:
67:db:be:b8:30:b2:e6:38:f9:68:71:bc:0b:79:e2:b5:1a:e8:
4b:c3:42:7e:3c:0e:79:1e:a9:fe:64:1e:be:57:e6:41:28:1d:
12:66:f1:b0:d2:33:66:73:55:89:a9:b4:1f:83:3b:66:b3:6d:
07:2b:94:77:c3:a8:15:ab:07:82:27:f3:4b:33:22:21:a0:df:
4e:24:70:05:5e:29:a7:a9:ac:6f:9e:3a:6f:51:42:34:a6:bc:
a0:dd:3b:c4:ea:be:41:f4:f0:be:dd:b4:81:1f:d1:a3:16:a7:
02:14:6e:44:97:be:e8:5c:d4:57:9b:14:62:10:72:ae:d5:05:
15:2d:30:25:01:e3:d3:62:f7:82:1f:db:23:2b:a5:94:3e:db:
ec:41:2e:53:45:4a:85:e5:8e:3b:f0:d3:9c:aa:e1:0d:8b:d9:
f5:9d:7f:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlZ3IUXWGFjdtb11U7PIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmYwZmE2ZjM0ZDY0MWU4N2Q1MmQ2ZGJiMzU4ZmNmNDVmZDA3NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp2JdoIhAcUq6IfrsjCEl/K5aXAt
ZKd0ul1Zs0A2LJgYOZoGpbQoWdkYPMzELBbMun44R8EgTdP+hDyScUbrS33RYPVJ
aPuB8yD+OWQ1/LeJ8kf9O7mgq0KanrudU/MgoQu2jB18Lk0ZJC9TmMjP5oQk49z8
wd7cZmZ9yj7jIVAF1cvrYVXp8UZNJYZuOxdu5hWqh782unkI/8pvOsY94G7AsQ4g
3f7sJbynqghCefUwhQRdDugoVNML37Xp8iQoP3EjXGdSV1Qen0nQdrW0PJd1DTeb
Cku+sqlWx7CxspIet+JGGmXXoiH9ga8WsFO6kBNpe97yyodd3R+NOXx7JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL/w+m801kHofVLW27NY/PRf0HT6MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdl9ENmJ6VFdRZWg5VXRiYnMxajg5Rl9RZFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5QUAwQA
XP3MMA0GCSqGSIb3DQEBCwUAA4IBAQCS4D1OW3GdrGsuhRrfXHQYUhIAAPwidz87
sfqBa2JXNuWNc8zd6pPktwoRvoVBSjndVg7OT+k9WjxX14y6CiSfdd9AVIgHb419
KK3zR0MXCjW3RYMCyrcXxgFn2764MLLmOPlocbwLeeK1GuhLw0J+PA55Hqn+ZB6+
V+ZBKB0SZvGw0jNmc1WJqbQfgztms20HK5R3w6gVqweCJ/NLMyIhoN9OJHAFXimn
qaxvnjpvUUI0pryg3TvE6r5B9PC+3bSBH9GjFqcCFG5El77oXNRXmxRiEHKu1QUV
LTAlAePTYveCH9sjK6WUPtvsQS5TRUqF5Y478NOcquENi9n1nX81
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:11 2025 by rpki-client