Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/oymOIm3KZkCDquQZmCv9iUEUU_4.roa
File: oymOIm3KZkCDquQZmCv9iUEUU_4.roa (raw, json)
Hash identifier: pNSEBgck67++zU5Rh6nyDjpbhepqeRUlWk4d9JSzLWA=
Subject key identifier: A3:29:8E:22:6D:CA:66:40:83:AA:E4:19:98:2B:FD:89:41:14:53:FE
Certificate issuer: /CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Certificate serial: 02617DDE
Authority key identifier: 95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/oymOIm3KZkCDquQZmCv9iUEUU_4.roa
Signing time: Sat 01 Jan 2022 08:53:19 +0000
ROA not before: Sat 01 Jan 2022 08:53:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49461
IP address blocks: 31.42.160.0/24 maxlen: 24
31.42.166.0/24 maxlen: 24
31.42.160.0/20 maxlen: 20
31.42.162.0/24 maxlen: 24
31.42.161.0/24 maxlen: 24
31.42.164.0/24 maxlen: 24
31.42.163.0/24 maxlen: 24
31.42.165.0/24 maxlen: 24
31.42.167.0/24 maxlen: 24
31.42.171.0/24 maxlen: 24
31.42.170.0/24 maxlen: 24
31.42.172.0/23 maxlen: 23
31.42.174.0/24 maxlen: 24
31.42.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39943646 (0x2617dde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Validity
Not Before: Jan 1 08:53:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3298e226dca664083aae419982bfd89411453fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:87:2f:fa:24:36:f1:d0:1e:b4:18:b1:59:
ee:c8:fa:b0:53:5a:ea:16:76:99:08:c1:2f:c8:50:
31:85:90:f7:4a:aa:36:b1:d9:e9:4f:7e:9b:64:34:
f6:93:c4:5f:d4:94:83:f3:3a:f4:c7:17:24:f5:e7:
0b:75:f9:a3:3e:5a:2a:14:7a:fe:d7:56:af:9c:62:
e4:21:df:f9:d4:72:b0:e3:d9:b5:0d:cc:f5:9c:62:
34:71:03:2b:2c:55:e7:68:fe:f1:7a:10:d0:da:77:
b9:1f:21:ef:41:a4:2a:da:97:3f:73:66:fa:d4:93:
9d:ad:c8:24:05:0d:39:7d:35:2a:ec:09:6a:01:fd:
9a:95:ca:09:6e:32:d5:fd:f4:90:7b:36:16:92:51:
06:97:05:1e:dd:cd:35:fb:c5:69:d5:1c:c9:3b:36:
08:66:b5:d6:bd:87:96:eb:85:00:8c:cf:d6:db:be:
4e:28:58:d2:88:87:ea:9b:34:4a:4e:de:58:ed:2f:
95:a8:82:aa:37:6e:12:ba:b1:8c:56:a2:37:a2:a3:
9e:73:bc:df:74:e3:e9:58:c7:7a:b1:d3:54:f3:73:
f9:13:10:9d:67:b7:c7:2c:f5:53:a0:87:87:10:0d:
b2:32:06:cd:42:4a:bd:6e:cc:3e:78:b4:80:8d:9f:
03:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:29:8E:22:6D:CA:66:40:83:AA:E4:19:98:2B:FD:89:41:14:53:FE
X509v3 Authority Key Identifier:
keyid:95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/oymOIm3KZkCDquQZmCv9iUEUU_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.160.0/20
Signature Algorithm: sha256WithRSAEncryption
38:31:11:05:97:7e:42:2a:74:b1:72:ff:e7:f4:74:f6:0d:9e:
d5:a7:33:52:09:7b:1a:f2:bc:7e:0f:60:61:29:bf:93:e7:b1:
1d:26:0b:fc:87:41:af:9e:60:52:09:06:2d:38:91:eb:1a:8c:
90:ef:08:c6:7e:26:c8:7d:ec:7c:83:00:31:19:f0:3f:c1:47:
41:3c:68:f0:92:2d:de:70:b8:e5:97:7c:33:e0:1e:0d:40:7c:
2c:2f:ed:f1:2a:32:30:17:9d:99:5b:45:b0:2b:08:24:d8:a4:
8d:11:12:45:78:6a:06:a0:50:9f:c5:b7:06:f6:7e:ea:30:68:
84:6e:2a:5c:aa:10:fa:37:66:92:1f:7f:02:a1:24:03:97:b3:
68:4d:4b:93:a6:26:32:b0:c9:c5:d5:13:03:0a:f2:94:77:e3:
42:bb:61:a5:41:e0:1f:e5:00:e8:b7:2d:27:a3:20:3b:8e:12:
29:66:ed:59:26:69:03:15:7e:aa:a9:43:f7:86:6a:ea:e5:49:
bf:67:96:ab:fb:ca:e0:15:98:f0:9a:2e:ac:08:92:34:d4:82:
a1:66:b3:e9:0d:42:5b:77:1e:9f:83:4b:52:f4:5c:f9:cb:14:
e5:dc:ba:a3:95:5f:41:2e:2c:3b:8e:b9:df:6b:46:21:2f:0d:
c6:9f:21:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmF93jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NWU4MTMxMWVmMWQzNmVjYzZkMTI1ZTM2YzgyYzI2ZjkxNWIwZGY3MB4XDTIyMDEw
MTA4NTMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMyOThlMjI2ZGNh
NjY0MDgzYWFlNDE5OTgyYmZkODk0MTE0NTNmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL86hy/6JDbx0B60GLFZ7sj6sFNa6hZ2mQjBL8hQMYWQ90qq
NrHZ6U9+m2Q09pPEX9SUg/M69McXJPXnC3X5oz5aKhR6/tdWr5xi5CHf+dRysOPZ
tQ3M9ZxiNHEDKyxV52j+8XoQ0Np3uR8h70GkKtqXP3Nm+tSTna3IJAUNOX01KuwJ
agH9mpXKCW4y1f30kHs2FpJRBpcFHt3NNfvFadUcyTs2CGa11r2HluuFAIzP1tu+
TihY0oiH6ps0Sk7eWO0vlaiCqjduErqxjFaiN6KjnnO833Tj6VjHerHTVPNz+RMQ
nWe3xyz1U6CHhxANsjIGzUJKvW7MPni0gI2fAzsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjKY4ibcpmQIOq5BmYK/2JQRRT/jAfBgNVHSMEGDAWgBSV6BMR7x027MbR
JeNsgsJvkVsN9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xlZ1RFZThkTnV6RzBTWGpiSUxDYjVGYkRmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvNWMwNmJjLThjYTEtNDA5MS05NDE4LTczNGZhYjZmZWM2Zi8x
L295bU9JbTNLWmtDRHF1UVptQ3Y5aVVFVVVfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
NWMwNmJjLThjYTEtNDA5MS05NDE4LTczNGZhYjZmZWM2Zi8xL2xlZ1RFZThkTnV6
RzBTWGpiSUxDYjVGYkRmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBB8qoDANBgkqhkiG9w0BAQsFAAOC
AQEAODERBZd+Qip0sXL/5/R09g2e1aczUgl7GvK8fg9gYSm/k+exHSYL/IdBr55g
UgkGLTiR6xqMkO8Ixn4myH3sfIMAMRnwP8FHQTxo8JIt3nC45Zd8M+AeDUB8LC/t
8SoyMBedmVtFsCsIJNikjRESRXhqBqBQn8W3BvZ+6jBohG4qXKoQ+jdmkh9/AqEk
A5ezaE1Lk6YmMrDJxdUTAwrylHfjQrthpUHgH+UA6LctJ6MgO44SKWbtWSZpAxV+
qqlD94Zq6uVJv2eWq/vK4BWY8JourAiSNNSCoWaz6Q1CW3cen4NLUvRc+csU5dy6
o5VfQS4sO46532tGIS8Nxp8htQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:29:56 2025 by rpki-client