Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/PHRF4Wl2ofTd4OGRhLGybKH1CTc.roa
File: PHRF4Wl2ofTd4OGRhLGybKH1CTc.roa (raw, json)
Hash identifier: DrOpqCZI0LaF6jlKN/cgPWUWzpAPoTT67N27ZatsqDE=
Subject key identifier: 3C:74:45:E1:69:76:A1:F4:DD:E0:E1:91:84:B1:B2:6C:A1:F5:09:37
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0185732209D04562BD2D2D48E19DD639B4BD
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/PHRF4Wl2ofTd4OGRhLGybKH1CTc.roa
Signing time: Mon 02 Jan 2023 15:38:08 +0000
ROA not before: Mon 02 Jan 2023 15:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12695
IP address blocks: 31.40.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:09:d0:45:62:bd:2d:2d:48:e1:9d:d6:39:b4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c7445e16976a1f4dde0e19184b1b26ca1f50937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cb:17:5e:14:1c:d7:6d:a8:83:d4:76:07:2b:
c8:9d:d6:ea:bb:4d:11:ca:d3:1b:9b:56:2a:f6:e6:
aa:f9:0a:75:2c:8a:7c:cb:18:6e:bb:70:b0:43:f6:
9d:c4:36:7a:63:37:10:86:db:ee:cd:5c:15:8c:99:
26:dc:06:eb:80:de:3a:ea:56:0a:72:08:ea:1e:a0:
23:c5:cc:0a:e8:59:00:c2:b5:7e:25:14:90:9f:0e:
f0:1c:19:4d:1f:4a:8a:87:ae:a5:28:5b:d9:5a:f3:
f2:e6:76:90:bc:19:c4:01:60:74:20:63:53:d6:7c:
13:ff:12:9d:b1:24:82:9b:e3:93:9d:70:e0:a7:b5:
b0:7c:35:92:0e:7a:4b:df:bb:a6:8b:d8:a2:c1:6b:
3d:22:76:6d:50:30:58:5d:c1:36:7b:22:1d:e7:7b:
0b:ff:05:80:64:21:35:da:66:cd:d3:d5:3f:92:85:
b1:2e:12:bb:46:e2:4a:b7:54:81:df:69:12:8d:f0:
88:a2:26:57:90:44:1e:86:72:6c:f4:25:67:f8:12:
63:02:34:1b:98:b5:2e:cc:40:96:01:c4:06:bf:65:
41:a5:bb:90:c5:2c:0e:d6:42:4b:b5:b7:a9:10:16:
46:a7:0c:d2:fc:e7:e3:29:24:41:27:48:1e:0e:22:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:74:45:E1:69:76:A1:F4:DD:E0:E1:91:84:B1:B2:6C:A1:F5:09:37
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/PHRF4Wl2ofTd4OGRhLGybKH1CTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.164.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c8:db:6a:25:9a:9b:94:2b:3b:b7:75:32:5d:63:ab:33:64:
f0:d5:e5:bf:5e:ba:53:27:13:74:ba:78:2d:b0:73:7e:2b:3e:
65:94:2b:f9:17:cc:c9:ff:9c:a7:62:30:ca:5a:4f:84:2e:32:
c8:7f:30:c0:f3:74:e4:88:cf:96:c4:5f:e4:38:29:58:a7:86:
77:7c:4c:b9:79:8d:62:8e:88:d0:6b:04:7e:cd:7d:ba:d1:a2:
90:39:1e:9b:58:26:d7:ed:2b:d1:1e:9e:7b:58:3f:8a:12:79:
6f:5c:30:71:71:af:66:9d:56:70:be:c0:a9:4a:49:3d:cc:f4:
0b:fd:ae:3b:04:a5:bd:cb:bd:51:62:a9:ca:73:b2:1b:d4:64:
76:c4:d9:f5:21:8d:09:44:38:d3:14:ea:cd:27:a8:e8:a5:7e:
e6:9a:4a:cb:c1:12:29:f4:3a:16:60:fe:ee:88:29:d0:32:08:
7a:b9:f8:9c:d7:8e:79:06:91:bc:dc:b9:a4:01:75:92:60:44:
3b:eb:3f:9b:98:6a:86:c9:ce:59:af:0f:28:31:c2:27:58:0d:
e9:d2:2b:b3:d4:7a:84:3c:db:93:18:7c:cb:86:0f:74:bc:a5:
f6:48:a8:e2:c0:85:48:07:f4:88:2c:4a:1c:e3:a5:c9:1f:23:
d2:29:a2:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIgnQRWK9LS1I4Z3WObS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc0NDVlMTY5NzZhMWY0ZGRlMGUxOTE4NGIxYjI2Y2ExZjUwOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwssXXhQc122og9R2ByvIndbqu00R
ytMbm1Yq9uaq+Qp1LIp8yxhuu3CwQ/adxDZ6YzcQhtvuzVwVjJkm3AbrgN466lYK
cgjqHqAjxcwK6FkAwrV+JRSQnw7wHBlNH0qKh66lKFvZWvPy5naQvBnEAWB0IGNT
1nwT/xKdsSSCm+OTnXDgp7WwfDWSDnpL37umi9iiwWs9InZtUDBYXcE2eyId53sL
/wWAZCE12mbN09U/koWxLhK7RuJKt1SB32kSjfCIoiZXkEQehnJs9CVn+BJjAjQb
mLUuzECWAcQGv2VBpbuQxSwO1kJLtbepEBZGpwzS/OfjKSRBJ0geDiJ7LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDx0ReFpdqH03eDhkYSxsmyh9Qk3MB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvUEhSRjRXbDJvZlRkNE9HUmhMR3liS0gxQ1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyikMA0G
CSqGSIb3DQEBCwUAA4IBAQACyNtqJZqblCs7t3UyXWOrM2Tw1eW/XrpTJxN0ungt
sHN+Kz5llCv5F8zJ/5ynYjDKWk+ELjLIfzDA83TkiM+WxF/kOClYp4Z3fEy5eY1i
jojQawR+zX260aKQOR6bWCbX7SvRHp57WD+KEnlvXDBxca9mnVZwvsCpSkk9zPQL
/a47BKW9y71RYqnKc7Ib1GR2xNn1IY0JRDjTFOrNJ6jopX7mmkrLwRIp9DoWYP7u
iCnQMgh6ufic1455BpG83LmkAXWSYEQ76z+bmGqGyc5Zrw8oMcInWA3p0iuz1HqE
PNuTGHzLhg90vKX2SKjiwIVIB/SILEoc46XJHyPSKaKs
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:21:45 2025 by rpki-client