Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/e1nX9UwQCF2zSTFAX0QZsc1YNW0.roa
File: e1nX9UwQCF2zSTFAX0QZsc1YNW0.roa (raw, json)
Hash identifier: omqNqfNPNRjp9BbB36qH0C8+91W5pXHNWh8gPVTevUU=
Subject key identifier: 7B:59:D7:F5:4C:10:08:5D:B3:49:31:40:5F:44:19:B1:CD:58:35:6D
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0185732213FDEB3F4891BF155A945CB8CFB1
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/e1nX9UwQCF2zSTFAX0QZsc1YNW0.roa
Signing time: Mon 02 Jan 2023 15:38:11 +0000
ROA not before: Mon 02 Jan 2023 15:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213191
IP address blocks: 31.40.160.0/23 maxlen: 23
31.40.168.0/22 maxlen: 22
31.40.174.0/23 maxlen: 23
31.40.176.0/23 maxlen: 23
31.40.180.0/22 maxlen: 22
31.40.184.0/22 maxlen: 22
91.214.80.0/24 maxlen: 24
31.40.131.0/24 maxlen: 24
31.40.139.0/24 maxlen: 24
31.40.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:13:fd:eb:3f:48:91:bf:15:5a:94:5c:b8:cf:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b59d7f54c10085db34931405f4419b1cd58356d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a4:00:d7:40:05:0e:d1:4c:a1:66:68:9a:64:
40:7b:40:10:10:4e:d4:d3:a6:65:64:38:43:af:76:
51:f1:db:09:5d:84:8d:1b:53:e4:29:ba:c8:49:92:
82:d5:d8:ca:8e:da:16:c0:84:37:c7:4a:f8:28:53:
7c:7e:b6:26:9e:8c:75:69:ad:86:a6:7a:40:ef:59:
3f:53:39:3b:16:83:63:13:fe:e7:f9:83:85:dd:57:
de:23:2b:37:0e:6c:9d:ad:c5:6e:0b:8f:50:95:38:
3f:b4:90:f4:ce:5e:d4:0e:5b:47:99:bf:c1:dc:71:
e9:0a:e4:10:5d:66:c6:45:43:ab:6d:ee:cd:d3:07:
0b:59:02:c4:3d:70:01:6a:01:d0:17:c1:0a:60:2a:
dc:f0:39:5d:18:74:c0:c1:e6:c1:ea:b0:f9:c1:b8:
bf:6b:5c:af:03:5d:0f:f9:be:8d:f4:93:cf:6f:d3:
3d:2f:78:35:ed:13:6e:c9:54:3c:46:f3:75:d3:33:
0b:cd:ca:0b:87:b0:a6:15:ff:d2:e1:ad:fe:2f:fd:
aa:62:01:7a:f3:8a:00:bd:0f:e4:98:8a:be:8b:91:
a1:b4:4b:6c:d6:58:65:e5:c8:4a:b0:a8:a1:82:d1:
c8:f7:dd:56:9b:1e:72:ec:f3:37:56:05:13:de:7a:
2d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:59:D7:F5:4C:10:08:5D:B3:49:31:40:5F:44:19:B1:CD:58:35:6D
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/e1nX9UwQCF2zSTFAX0QZsc1YNW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.131.0/24
31.40.139.0/24
31.40.141.0/24
31.40.160.0/23
31.40.168.0/22
31.40.174.0-31.40.177.255
31.40.180.0-31.40.187.255
91.214.80.0/24
Signature Algorithm: sha256WithRSAEncryption
93:5c:a8:6b:47:86:a4:26:be:ec:bc:b4:18:74:89:89:c9:69:
47:14:23:7c:c5:0e:de:5e:49:1a:64:12:f2:89:24:67:c2:f6:
86:55:24:3e:bf:43:41:b0:60:d3:2a:cb:f9:0c:02:fa:27:a6:
43:d5:0f:3a:42:f5:82:77:5b:6b:7d:82:52:73:e1:e9:96:db:
ba:59:1e:be:66:ac:15:bc:87:4e:93:0c:2c:e0:dc:c0:b5:bf:
f4:f4:5e:39:39:d0:4e:db:1a:03:42:33:77:11:28:02:44:d4:
ca:57:5d:62:4a:5d:29:fa:7b:7d:8e:0f:65:90:7c:67:b8:03:
76:58:39:a7:1d:5c:45:bd:b3:55:b0:4c:45:14:ae:0f:04:fd:
89:49:23:fe:32:59:df:9d:b8:26:37:74:97:a6:39:4a:a9:84:
2b:38:df:ad:14:70:9c:e1:41:c7:27:81:a0:fe:86:67:c4:01:
8c:fc:9e:bb:62:51:f4:92:ef:99:1b:6f:6a:fb:7d:3a:2c:25:
a5:c5:69:fb:a7:12:9f:8a:96:0f:03:c2:24:52:a3:d3:a6:76:
9a:a1:89:0d:02:2a:4f:25:4f:3a:23:56:33:78:55:ea:07:cd:
34:d2:1a:1f:74:d6:4c:aa:54:d0:a8:16:67:da:af:fb:ff:d7:
bf:39:bb:f0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVzIhP96z9Ikb8VWpRcuM+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjU5ZDdmNTRjMTAwODVkYjM0OTMxNDA1ZjQ0MTliMWNkNTgzNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKQA10AFDtFMoWZommRAe0AQEE7U
06ZlZDhDr3ZR8dsJXYSNG1PkKbrISZKC1djKjtoWwIQ3x0r4KFN8frYmnox1aa2G
pnpA71k/Uzk7FoNjE/7n+YOF3VfeIys3DmydrcVuC49QlTg/tJD0zl7UDltHmb/B
3HHpCuQQXWbGRUOrbe7N0wcLWQLEPXABagHQF8EKYCrc8DldGHTAwebB6rD5wbi/
a1yvA10P+b6N9JPPb9M9L3g17RNuyVQ8RvN10zMLzcoLh7CmFf/S4a3+L/2qYgF6
84oAvQ/kmIq+i5GhtEts1lhl5chKsKihgtHI991Wmx5y7PM3VgUT3notQwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFHtZ1/VMEAhds0kxQF9EGbHNWDVtMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvZTFuWDlVd1FDRjJ6U1RGQVgwUVpzYzFZTlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAHyiDAwQA
HyiLAwQAHyiNAwQBHyigAwQCHyioMAwDBAEfKK4DBAEfKLAwDAMEAh8otAMEAh8o
uAMEAFvWUDANBgkqhkiG9w0BAQsFAAOCAQEAk1yoa0eGpCa+7Ly0GHSJiclpRxQj
fMUO3l5JGmQS8okkZ8L2hlUkPr9DQbBg0yrL+QwC+iemQ9UPOkL1gndba32CUnPh
6ZbbulkevmasFbyHTpMMLODcwLW/9PReOTnQTtsaA0IzdxEoAkTUylddYkpdKfp7
fY4PZZB8Z7gDdlg5px1cRb2zVbBMRRSuDwT9iUkj/jJZ3524Jjd0l6Y5SqmEKzjf
rRRwnOFBxyeBoP6GZ8QBjPyeu2JR9JLvmRtvavt9OiwlpcVp+6cSn4qWDwPCJFKj
06Z2mqGJDQIqTyVPOiNWM3hV6gfNNNIaH3TWTKpU0KgWZ9qv+//Xvzm78A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:52 2025 by rpki-client