Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OPBAdbRpQWaSbzg5nDvbyv-O4is.roa
File: OPBAdbRpQWaSbzg5nDvbyv-O4is.roa (raw, json)
Hash identifier: LIsFPgDl3j7aDwSuhS/KOuIHuNF+KhuEcc/0zP3/bq4=
Subject key identifier: 38:F0:40:75:B4:69:41:66:92:6F:38:39:9C:3B:DB:CA:FF:8E:E2:2B
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 0BDA9CEF
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OPBAdbRpQWaSbzg5nDvbyv-O4is.roa
Signing time: Sat 01 Jan 2022 10:53:53 +0000
ROA not before: Sat 01 Jan 2022 10:53:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208435
IP address blocks: 31.133.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198876399 (0xbda9cef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 10:53:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38f04075b4694166926f38399c3bdbcaff8ee22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:bf:63:29:8f:31:0a:d6:51:bc:6c:7a:bf:
9b:02:ea:5d:f9:9b:1a:ec:17:94:06:bb:86:f8:e1:
f1:5b:bc:59:27:87:30:11:06:71:27:8b:99:c7:65:
7b:93:bc:72:1c:0c:a6:4d:73:7b:18:5a:78:35:c9:
13:5b:07:cf:a9:43:18:37:0b:3e:f8:41:ab:bd:bc:
55:ee:c1:29:05:23:eb:d2:da:a6:fc:b2:66:1c:a2:
b9:14:58:80:d8:15:26:0f:d7:8d:e9:21:41:e7:b8:
a8:48:cd:54:19:f9:2b:95:62:60:94:ed:58:e8:99:
d1:63:90:68:e3:c2:c6:8c:15:58:90:ec:0b:7a:56:
db:81:3a:8a:89:28:15:68:c8:37:07:83:aa:20:00:
46:15:60:bf:f7:f9:25:49:06:86:b9:71:ec:8b:c6:
da:ac:46:df:3b:89:a1:fc:ed:1b:47:f6:12:d3:f1:
bf:e1:ff:20:47:17:81:de:e2:4d:4b:32:6d:b5:4b:
ce:a0:79:95:33:fa:36:a9:5a:02:fc:ce:4b:5d:1f:
9e:a4:e6:54:96:d9:0e:07:5e:e6:5b:0c:1f:d3:19:
a2:02:60:f4:1e:13:8e:cb:c6:70:d3:ca:0c:24:c3:
fa:a0:f6:e1:4d:6d:09:fe:6c:f1:35:c3:8b:35:4d:
de:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F0:40:75:B4:69:41:66:92:6F:38:39:9C:3B:DB:CA:FF:8E:E2:2B
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OPBAdbRpQWaSbzg5nDvbyv-O4is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.47.0/24
Signature Algorithm: sha256WithRSAEncryption
41:2a:21:d3:87:8c:44:c2:b9:64:f8:00:35:c2:5e:ad:60:f9:
ed:50:7e:6e:4d:4e:31:84:4c:8c:e4:ee:1f:7e:b1:ee:6e:c6:
62:d8:b1:37:b1:6f:2d:99:5c:d2:01:a1:50:80:3d:1c:e9:e9:
b8:9e:c7:81:2b:68:7d:0d:1e:3f:0d:05:7b:83:75:d5:1c:7f:
42:04:bd:05:72:08:59:54:d8:78:4f:f9:6b:00:66:4c:f4:d4:
a9:e3:ff:fb:05:ea:d5:d3:3e:ae:cb:56:bb:3e:1c:b2:f9:b1:
10:8d:c0:a6:67:16:1c:05:14:10:13:b5:12:30:64:b5:80:62:
a0:d5:3d:a7:76:c9:47:ed:88:47:64:97:6b:ee:c4:43:4d:1d:
8a:89:51:18:1a:c7:97:31:22:ae:8b:60:da:56:72:6a:cc:39:
e8:d0:7a:2a:74:41:fd:44:ef:ef:25:1d:07:e5:39:e5:66:6b:
b6:20:d5:96:ce:3b:4f:02:a4:46:09:7d:e4:24:99:e5:f0:50:
01:3c:c3:54:10:27:7b:6a:6c:65:d5:15:1c:ec:d1:ee:28:28:
b0:4a:d8:79:59:c2:04:56:e2:71:f8:30:57:b3:0f:0e:e4:49:
29:1b:d3:b2:b7:33:c1:e7:4a:2e:a9:15:1b:c3:74:1b:93:47:
07:3b:b8:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC9qc7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzY0ZjlkMDRlZmQ1YTlmYzJlMjNiNDJkNWI1MWFlZmQ5YTUwMjUwMB4XDTIyMDEw
MTEwNTM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhmMDQwNzViNDY5
NDE2NjkyNmYzODM5OWMzYmRiY2FmZjhlZTIyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM27v2MpjzEK1lG8bHq/mwLqXfmbGuwXlAa7hvjh8Vu8WSeH
MBEGcSeLmcdle5O8chwMpk1zexhaeDXJE1sHz6lDGDcLPvhBq728Ve7BKQUj69La
pvyyZhyiuRRYgNgVJg/XjekhQee4qEjNVBn5K5ViYJTtWOiZ0WOQaOPCxowVWJDs
C3pW24E6iokoFWjINweDqiAARhVgv/f5JUkGhrlx7IvG2qxG3zuJofztG0f2EtPx
v+H/IEcXgd7iTUsybbVLzqB5lTP6NqlaAvzOS10fnqTmVJbZDgde5lsMH9MZogJg
9B4TjsvGcNPKDCTD+qD24U1tCf5s8TXDizVN3s8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ48EB1tGlBZpJvODmcO9vK/47iKzAfBgNVHSMEGDAWgBRcZPnQTv1an8Li
O0LVtRrv2aUCUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hHVDUwRTc5V3BfQzRqdEMxYlVhNzltbEFsQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvMTg0OWE2LWY5MjEtNGI1MC05MTVlLWI2NmZhNGY0NzYzYS8x
L09QQkFkYlJwUVdhU2J6ZzVuRHZieXYtTzRpcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
MTg0OWE2LWY5MjEtNGI1MC05MTVlLWI2NmZhNGY0NzYzYS8xL1hHVDUwRTc5V3Bf
QzRqdEMxYlVhNzltbEFsQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB+FLzANBgkqhkiG9w0BAQsFAAOC
AQEAQSoh04eMRMK5ZPgANcJerWD57VB+bk1OMYRMjOTuH36x7m7GYtixN7FvLZlc
0gGhUIA9HOnpuJ7HgStofQ0ePw0Fe4N11Rx/QgS9BXIIWVTYeE/5awBmTPTUqeP/
+wXq1dM+rstWuz4csvmxEI3ApmcWHAUUEBO1EjBktYBioNU9p3bJR+2IR2SXa+7E
Q00diolRGBrHlzEirotg2lZyasw56NB6KnRB/UTv7yUdB+U55WZrtiDVls47TwKk
Rgl95CSZ5fBQATzDVBAne2psZdUVHOzR7igosErYeVnCBFbicfgwV7MPDuRJKRvT
srczwedKLqkVG8N0G5NHBzu4Xw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:36 2025 by rpki-client