Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/l3OZ-h8Ds6YxQZhig6_bsnwISTc.roa
File: l3OZ-h8Ds6YxQZhig6_bsnwISTc.roa (raw, json)
Hash identifier: uMsQvL8HBPkTtkhJLpozA9qnuRVRa5+O5K+pMNWW6MU=
Subject key identifier: 97:73:99:FA:1F:03:B3:A6:31:41:98:62:83:AF:DB:B2:7C:08:49:37
Certificate issuer: /CN=264d04c39641b82b5dc3844cf5ff550f54044689
Certificate serial: 0188210C87DF8E70210183A39DCDBD6565D8
Authority key identifier: 26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/l3OZ-h8Ds6YxQZhig6_bsnwISTc.roa
Signing time: Mon 15 May 2023 20:14:09 +0000
ROA not before: Mon 15 May 2023 20:14:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210144
IP address blocks: 31.132.48.0/22 maxlen: 22
185.141.172.0/22 maxlen: 22
2a0d:e800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:21:0c:87:df:8e:70:21:01:83:a3:9d:cd:bd:65:65:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=264d04c39641b82b5dc3844cf5ff550f54044689
Validity
Not Before: May 15 20:14:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=977399fa1f03b3a63141986283afdbb27c084937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ad:ec:d5:90:40:f7:50:94:d1:06:5f:bf:bd:
78:08:a7:35:50:65:80:20:ed:a6:8b:a5:45:e7:6b:
c5:c2:e7:d2:39:34:2d:d9:f7:da:cb:56:77:34:60:
b9:d5:33:83:7a:6a:28:97:a0:d6:fb:ab:1c:30:5d:
96:0b:3a:73:07:f7:d2:f6:aa:d9:30:88:b0:54:7f:
60:c5:c3:c1:7d:12:e1:af:61:85:cb:f9:ad:12:51:
91:a7:1b:91:96:b1:37:c9:9e:55:ed:1c:cd:43:56:
09:ac:2a:6e:bd:0c:50:d0:f1:3b:58:be:b8:fa:fe:
af:15:f1:b0:e8:08:79:06:7f:cf:09:c0:ff:f3:48:
e3:07:dd:ce:90:31:2b:2b:8f:f0:7b:ea:b4:06:5d:
23:7a:37:fe:8b:5d:b7:86:3a:e3:55:7b:52:95:9e:
8c:33:da:f4:e4:4e:23:b6:77:57:1e:20:83:87:e1:
6e:ab:c7:84:9f:69:2a:ee:c5:8e:c1:90:1a:d4:3b:
9d:d9:ef:c5:ff:51:c7:30:59:ff:82:a3:c5:3b:ce:
9b:81:05:ba:7c:e0:63:56:fc:ea:0d:41:82:26:d0:
48:7c:8e:2f:e3:6f:1b:d8:d3:41:e7:c4:93:44:e1:
47:a1:a1:6b:54:67:49:49:7c:c4:6e:3f:82:1b:4e:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:73:99:FA:1F:03:B3:A6:31:41:98:62:83:AF:DB:B2:7C:08:49:37
X509v3 Authority Key Identifier:
keyid:26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/l3OZ-h8Ds6YxQZhig6_bsnwISTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.48.0/22
185.141.172.0/22
IPv6:
2a0d:e800::/29
Signature Algorithm: sha256WithRSAEncryption
47:48:6b:2c:50:c7:42:de:f8:ef:aa:9a:f2:82:55:41:fc:ac:
aa:7f:92:da:64:ff:26:a3:27:cf:11:90:72:3b:d2:e7:68:07:
74:76:44:a8:76:ca:16:e8:6c:f3:e6:8f:2d:86:a2:1c:b0:09:
73:76:27:de:60:7e:67:d5:10:02:a3:7a:bd:ef:24:b0:d4:e9:
bd:f8:f8:b1:c1:9e:82:40:1d:fa:b4:48:02:40:60:15:00:0b:
3c:86:ec:62:cb:65:dc:82:13:85:19:bb:35:18:58:8b:d2:04:
72:91:68:39:ec:5e:8b:6d:e5:52:af:f6:8b:46:2b:e9:9b:e4:
6c:c7:18:f3:1f:0d:6d:ec:7b:e0:71:47:c2:c6:28:56:0f:6b:
55:e5:54:5f:7b:09:42:d2:5b:78:d8:03:f5:0b:42:d5:e7:dd:
2b:b7:ee:6f:a1:29:ea:c6:40:24:14:8f:e5:21:00:b3:3b:58:
05:d3:90:cd:4e:d7:aa:e9:b3:f6:bf:00:af:c4:01:af:98:77:
17:af:a1:37:f8:90:20:ce:2f:a8:eb:6a:46:e8:2e:38:1a:d7:
0f:c1:92:4a:4b:21:ab:39:21:3c:64:1d:2a:c8:e0:71:4d:3d:
ff:81:33:c6:11:ab:97:4f:65:d6:af:1c:d8:02:d3:ec:11:da:
db:30:f3:86
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYghDIffjnAhAYOjnc29ZWXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NGQwNGMzOTY0MWI4MmI1ZGMzODQ0Y2Y1ZmY1NTBmNTQw
NDQ2ODkwHhcNMjMwNTE1MjAxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzczOTlmYTFmMDNiM2E2MzE0MTk4NjI4M2FmZGJiMjdjMDg0OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q3s1ZBA91CU0QZfv714CKc1UGWA
IO2mi6VF52vFwufSOTQt2ffay1Z3NGC51TODemool6DW+6scMF2WCzpzB/fS9qrZ
MIiwVH9gxcPBfRLhr2GFy/mtElGRpxuRlrE3yZ5V7RzNQ1YJrCpuvQxQ0PE7WL64
+v6vFfGw6Ah5Bn/PCcD/80jjB93OkDErK4/we+q0Bl0jejf+i123hjrjVXtSlZ6M
M9r05E4jtndXHiCDh+Fuq8eEn2kq7sWOwZAa1Dud2e/F/1HHMFn/gqPFO86bgQW6
fOBjVvzqDUGCJtBIfI4v428b2NNB58STROFHoaFrVGdJSXzEbj+CG07jtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJdzmfofA7OmMUGYYoOv27J8CEk3MB8GA1UdIwQY
MBaAFCZNBMOWQbgrXcOETPX/VQ9UBEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTkt
M2QwMDM2NjAzZWEwLzEvbDNPWi1oOERzNll4UVpoaWc2X2JzbndJU1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTktM2QwMDM2NjAzZWEw
LzEvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCH4QwAwQC
uY2sMA0EAgACMAcDBQMqDegAMA0GCSqGSIb3DQEBCwUAA4IBAQBHSGssUMdC3vjv
qpryglVB/Kyqf5LaZP8moyfPEZByO9LnaAd0dkSodsoW6Gzz5o8thqIcsAlzdife
YH5n1RACo3q97ySw1Om9+PixwZ6CQB36tEgCQGAVAAs8huxiy2XcghOFGbs1GFiL
0gRykWg57F6LbeVSr/aLRivpm+RsxxjzHw1t7HvgcUfCxihWD2tV5VRfewlC0lt4
2AP1C0LV590rt+5voSnqxkAkFI/lIQCzO1gF05DNTteq6bP2vwCvxAGvmHcXr6E3
+JAgzi+o62pG6C44GtcPwZJKSyGrOSE8ZB0qyOBxTT3/gTPGEauXT2XWrxzYAtPs
EdrbMPOG
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:25:45 2025 by rpki-client