Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zYfHWQp2xjkQ9snnghwgzKMlzr0.roa
File: zYfHWQp2xjkQ9snnghwgzKMlzr0.roa (raw, json)
Hash identifier: f0T9ZYMFcIeP4vlDYYsUTB7YV6LJ2ULQpEIXgBHgzTI=
Subject key identifier: CD:87:C7:59:0A:76:C6:39:10:F6:C9:E7:82:1C:20:CC:A3:25:CE:BD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2A0EC916
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zYfHWQp2xjkQ9snnghwgzKMlzr0.roa
Signing time: Wed 01 Jun 2022 09:05:24 +0000
ROA not before: Wed 01 Jun 2022 09:05:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60075
IP address blocks: 31.148.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705612054 (0x2a0ec916)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jun 1 09:05:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd87c7590a76c63910f6c9e7821c20cca325cebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:a8:8b:9f:4c:2c:fc:48:c5:b1:32:cf:12:
7b:c0:0d:a6:0b:d3:3e:94:d7:81:7c:23:5e:75:b3:
db:5d:de:f7:76:37:a5:40:6d:dc:5e:a4:56:ee:a9:
1f:4b:7f:a6:3a:ba:c9:be:0b:45:ce:93:8f:39:56:
24:54:3c:7c:fc:b1:ab:c7:f7:d5:ac:cb:1d:d4:73:
a2:93:d6:a5:d7:6f:1e:1b:b5:06:b9:ec:5c:c8:25:
bd:65:e8:5c:63:4c:55:8c:be:59:6f:dc:28:78:cd:
28:d6:ba:fc:74:7f:8c:98:1c:f2:11:6b:c6:63:00:
70:63:99:68:9f:69:d2:09:78:5b:ec:e5:57:5a:63:
25:ac:3d:91:41:f7:9d:71:3b:f0:0c:5c:66:a0:a7:
c4:e8:40:c4:17:ed:6d:52:af:58:68:7b:c7:7d:82:
cc:10:c9:ca:5c:01:e7:1b:4d:4b:bb:5b:81:ab:fc:
4a:b0:95:59:35:8c:79:9b:c9:f1:8b:4c:75:e4:07:
51:e0:de:28:28:c5:bf:4b:9d:b4:dd:59:ee:c5:d3:
e6:61:63:1c:99:a9:58:bc:c2:a7:6d:7f:0f:e4:37:
3c:c1:90:e8:f5:64:3e:a9:7c:88:56:40:56:c5:0a:
19:0e:7b:e1:46:00:75:3b:98:36:ab:da:ff:92:4b:
47:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:87:C7:59:0A:76:C6:39:10:F6:C9:E7:82:1C:20:CC:A3:25:CE:BD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/zYfHWQp2xjkQ9snnghwgzKMlzr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.2.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:06:b5:13:7c:34:eb:d1:77:70:23:ae:8f:98:f9:59:a4:f1:
a1:33:5d:f9:47:0b:49:fa:d7:16:d7:8d:98:02:c0:43:6a:39:
a0:85:46:e0:ab:1b:e8:0d:39:f3:3f:ca:56:52:d3:0d:19:19:
31:c2:a0:16:e9:5d:fd:4b:09:ef:5c:99:a6:83:25:09:ab:c3:
69:63:29:0b:1e:7e:d5:3c:7f:e2:9d:7d:4b:41:35:78:91:8a:
de:e3:15:81:92:ee:2b:e6:c2:22:18:65:7f:4f:ce:ca:67:bb:
46:7e:52:7b:ed:84:66:cf:d1:63:b6:19:cf:e3:2b:da:19:b5:
27:29:39:29:cf:d1:8c:f1:4f:e5:10:e7:8d:b9:06:d3:d1:45:
6c:80:43:c5:c8:df:d0:ed:5a:68:45:21:31:55:1a:1c:5d:fb:
20:8b:c1:7e:3c:ef:f7:e9:39:65:69:27:1d:26:03:6f:45:12:
cc:07:12:c0:10:bc:c1:15:8a:7f:83:68:59:ee:a9:68:d6:6f:
d3:e9:24:8e:2d:34:65:7d:b9:50:24:83:46:50:95:7b:44:e6:
1d:a7:4b:09:b8:b6:c7:69:0b:ad:28:61:5a:9d:c8:bf:8c:a9:
47:0a:c4:19:91:46:99:e5:1e:08:7b:83:03:f9:f1:1f:47:44:
62:80:64:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKg7JFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDYw
MTA5MDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q4N2M3NTkwYTc2
YzYzOTEwZjZjOWU3ODIxYzIwY2NhMzI1Y2ViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL07qIufTCz8SMWxMs8Se8ANpgvTPpTXgXwjXnWz213e93Y3
pUBt3F6kVu6pH0t/pjq6yb4LRc6TjzlWJFQ8fPyxq8f31azLHdRzopPWpddvHhu1
BrnsXMglvWXoXGNMVYy+WW/cKHjNKNa6/HR/jJgc8hFrxmMAcGOZaJ9p0gl4W+zl
V1pjJaw9kUH3nXE78AxcZqCnxOhAxBftbVKvWGh7x32CzBDJylwB5xtNS7tbgav8
SrCVWTWMeZvJ8YtMdeQHUeDeKCjFv0udtN1Z7sXT5mFjHJmpWLzCp21/D+Q3PMGQ
6PVkPql8iFZAVsUKGQ574UYAdTuYNqva/5JLR/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNh8dZCnbGORD2yeeCHCDMoyXOvTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3pZZkhXUXAyeGprUTlzbm5naHdnektNbHpyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAR+UAjANBgkqhkiG9w0BAQsFAAOC
AQEArga1E3w069F3cCOuj5j5WaTxoTNd+UcLSfrXFteNmALAQ2o5oIVG4Ksb6A05
8z/KVlLTDRkZMcKgFuld/UsJ71yZpoMlCavDaWMpCx5+1Tx/4p19S0E1eJGK3uMV
gZLuK+bCIhhlf0/Oyme7Rn5Se+2EZs/RY7YZz+Mr2hm1Jyk5Kc/RjPFP5RDnjbkG
09FFbIBDxcjf0O1aaEUhMVUaHF37IIvBfjzv9+k5ZWknHSYDb0USzAcSwBC8wRWK
f4NoWe6paNZv0+kkji00ZX25UCSDRlCVe0TmHadLCbi2x2kLrShhWp3Iv4ypRwrE
GZFGmeUeCHuDA/nxH0dEYoBkDg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:48:58 2025 by rpki-client