Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yB5VPja3Q4slPIML6MKapOXH9rg.roa
File: yB5VPja3Q4slPIML6MKapOXH9rg.roa (raw, json)
Hash identifier: Z+lOnA8LZp6iPoLaftbvAvsyBOEZR4P32HVXhCDLvV0=
Subject key identifier: C8:1E:55:3E:36:B7:43:8B:25:3C:83:0B:E8:C2:9A:A4:E5:C7:F6:B8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A16FDF76EECAEAD0502AC8DAB161
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yB5VPja3Q4slPIML6MKapOXH9rg.roa
Signing time: Mon 02 Jan 2023 03:45:32 +0000
ROA not before: Mon 02 Jan 2023 03:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207228
IP address blocks: 31.148.48.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a1:6f:df:76:ee:ca:ea:d0:50:2a:c8:da:b1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c81e553e36b7438b253c830be8c29aa4e5c7f6b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a8:53:3d:b3:41:af:07:74:90:c6:6f:4b:93:
0f:17:bc:f4:a7:19:ef:8b:38:c8:8e:fa:8e:16:a8:
d7:87:d7:82:4e:03:88:35:b0:42:c9:82:8f:38:d1:
8f:c7:94:91:53:66:02:aa:73:04:41:86:eb:6e:5a:
d3:d0:49:0d:58:53:cb:71:d9:53:eb:05:93:46:45:
e0:0f:b3:36:46:3b:57:93:8f:e9:0b:49:8b:fe:1b:
72:d6:29:1c:e9:f8:7b:7d:e3:e2:88:e5:e7:2b:f1:
2e:48:13:4e:00:04:19:14:d7:eb:d9:80:f5:c3:ac:
3a:9e:16:33:2b:24:4a:e7:aa:69:24:11:61:53:ea:
2f:57:c5:98:08:04:af:ed:9c:2f:d2:f4:7d:d7:e1:
77:2a:da:ce:83:c4:04:a0:f7:71:44:5e:8b:48:ed:
89:9c:a5:ee:1d:34:f4:7d:98:bc:bc:a6:66:67:6a:
39:5e:c3:77:ca:21:a6:8b:f9:b1:32:a3:f5:ab:00:
69:5c:3e:2b:d7:2f:b5:30:50:dd:14:62:ac:53:f8:
44:25:39:da:c7:d0:a4:63:1f:b7:30:4b:23:98:d4:
9f:43:4a:6e:17:34:1a:6a:6c:7c:e8:cd:1e:28:bb:
c6:7c:ad:aa:f0:cd:42:c8:3a:57:07:5a:05:95:21:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1E:55:3E:36:B7:43:8B:25:3C:83:0B:E8:C2:9A:A4:E5:C7:F6:B8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yB5VPja3Q4slPIML6MKapOXH9rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.48.0/23
Signature Algorithm: sha256WithRSAEncryption
27:46:9a:a8:26:92:5c:d9:90:a8:d9:d7:9f:b2:2c:df:a6:03:
fa:ee:11:8b:eb:13:8a:a3:f0:26:fd:6d:80:1e:6b:90:c0:9f:
ff:44:40:dc:82:72:0b:20:ad:b1:b8:66:c4:cc:6b:78:92:4b:
7f:8f:b2:b2:da:7a:dd:ef:28:ed:8b:4f:c1:57:ee:b7:bb:01:
03:18:a1:40:2f:70:85:20:57:d3:de:dd:1d:9c:ee:fb:14:2a:
c6:36:7b:78:06:be:41:a6:14:24:81:9a:16:c6:c6:b2:be:68:
63:66:8a:e7:e6:b7:56:a3:5d:c2:7f:5d:7d:cf:f9:ce:5b:8a:
fa:e5:05:ce:8d:73:f4:da:1d:a9:45:eb:94:0e:f5:80:cd:d7:
74:dc:23:a3:b1:a4:e7:ac:ef:b6:d8:40:04:3c:e5:3f:c8:98:
72:1d:f1:35:85:9a:64:c8:e6:e7:07:ee:7d:91:e6:6b:00:32:
a0:2d:57:1e:6a:d7:c1:c6:a3:2b:fb:f1:34:bf:82:dc:7d:0e:
12:8d:ad:3d:9d:c6:aa:57:b3:c9:0e:01:9d:d0:b1:b7:98:e6:
8b:6b:7c:aa:1b:79:74:89:f4:91:37:9b:7e:74:70:c6:61:96:
e0:5d:3c:c4:2a:14:94:39:4e:53:02:a2:8f:57:d1:76:77:fc:
3f:15:70:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlaFv33buyurQUCrI2rFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODFlNTUzZTM2Yjc0MzhiMjUzYzgzMGJlOGMyOWFhNGU1YzdmNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyahTPbNBrwd0kMZvS5MPF7z0pxnv
izjIjvqOFqjXh9eCTgOINbBCyYKPONGPx5SRU2YCqnMEQYbrblrT0EkNWFPLcdlT
6wWTRkXgD7M2RjtXk4/pC0mL/hty1ikc6fh7fePiiOXnK/EuSBNOAAQZFNfr2YD1
w6w6nhYzKyRK56ppJBFhU+ovV8WYCASv7Zwv0vR91+F3KtrOg8QEoPdxRF6LSO2J
nKXuHTT0fZi8vKZmZ2o5XsN3yiGmi/mxMqP1qwBpXD4r1y+1MFDdFGKsU/hEJTna
x9CkYx+3MEsjmNSfQ0puFzQaamx86M0eKLvGfK2q8M1CyDpXB1oFlSHaFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgeVT42t0OLJTyDC+jCmqTlx/a4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveUI1VlBqYTNRNHNsUElNTDZNS2FwT1hIOXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5QwMA0G
CSqGSIb3DQEBCwUAA4IBAQAnRpqoJpJc2ZCo2defsizfpgP67hGL6xOKo/Am/W2A
HmuQwJ//REDcgnILIK2xuGbEzGt4kkt/j7Ky2nrd7yjti0/BV+63uwEDGKFAL3CF
IFfT3t0dnO77FCrGNnt4Br5BphQkgZoWxsayvmhjZorn5rdWo13Cf119z/nOW4r6
5QXOjXP02h2pReuUDvWAzdd03COjsaTnrO+22EAEPOU/yJhyHfE1hZpkyObnB+59
keZrADKgLVceatfBxqMr+/E0v4LcfQ4Sja09ncaqV7PJDgGd0LG3mOaLa3yqG3l0
ifSRN5t+dHDGYZbgXTzEKhSUOU5TAqKPV9F2d/w/FXCj
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:54 2025 by rpki-client