Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qUAGDxVt6eQEEbHnf_aBoA89tH8.roa
File: qUAGDxVt6eQEEbHnf_aBoA89tH8.roa (raw, json)
Hash identifier: wrddEQuWCc9h2GKfnbSqOAgX5u1ZkANc1NWKoVa33O4=
Subject key identifier: A9:40:06:0F:15:6D:E9:E4:04:11:B1:E7:7F:F6:81:A0:0F:3D:B4:7F
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD53414A69AF6AC5EC8BD43FD6191A2
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qUAGDxVt6eQEEbHnf_aBoA89tH8.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57098
IP address blocks: 31.14.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:34:14:a6:9a:f6:ac:5e:c8:bd:43:fd:61:91:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a940060f156de9e40411b1e77ff681a00f3db47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:32:6f:b2:db:5c:58:0a:5e:2c:b7:2a:4c:c9:
2a:91:d4:9f:ef:5d:9c:71:0d:83:9e:a2:a4:3a:99:
b6:9d:9e:b3:e6:01:e9:da:3f:48:df:87:c7:e1:9e:
a3:cc:16:0e:aa:4b:b7:77:c8:1c:97:69:8a:c3:93:
b4:01:72:3c:5b:00:14:5d:f9:7d:92:09:1b:cc:74:
04:3c:8c:88:e6:6d:23:10:d0:10:21:e8:40:ca:12:
e7:05:bd:f4:d7:44:d4:18:d3:f3:5c:b9:d3:99:2b:
18:94:b8:51:ce:ba:07:be:20:84:2e:a6:79:82:ec:
e3:e4:74:f6:e4:aa:c2:6e:f0:b1:e8:aa:69:b9:fb:
5f:00:d1:d1:1c:7f:30:36:9d:52:95:7e:85:9c:9f:
bc:40:0d:9e:17:fb:77:96:b1:9d:69:25:55:a1:db:
23:93:11:0f:fb:ff:6e:01:f6:10:27:9d:e1:2d:82:
16:b3:a4:7c:e2:e6:89:8b:60:ab:2d:14:ca:fa:64:
29:10:8a:f2:74:f5:2c:94:eb:e1:e5:53:f3:be:70:
65:01:ec:50:25:58:57:c1:6c:f7:8f:d2:64:8c:9b:
7a:38:43:25:2e:55:91:d7:52:fe:4b:0c:e3:ae:6a:
0e:00:e8:3f:c3:c2:55:00:55:3a:41:92:9f:30:3b:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:40:06:0F:15:6D:E9:E4:04:11:B1:E7:7F:F6:81:A0:0F:3D:B4:7F
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/qUAGDxVt6eQEEbHnf_aBoA89tH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.18.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:73:b7:4d:02:4c:fa:27:ff:89:18:b9:df:62:3e:d7:9a:c5:
f1:f6:2a:05:57:94:73:d2:12:60:3f:66:d0:7e:a4:dd:9e:6e:
8f:61:83:7f:34:7a:9f:9b:36:b8:35:45:bb:ef:73:e0:ca:7d:
0f:d6:1f:58:bc:2f:45:3c:ba:89:b3:23:b9:77:ba:12:18:08:
6b:a4:a5:74:ba:3d:c0:2d:db:68:6e:30:05:98:e7:24:fc:35:
bd:e7:d4:6c:9e:fe:f8:98:30:ea:49:f9:f9:00:bf:22:c2:34:
84:3f:2f:bc:32:e8:fe:8b:d3:9f:7f:bc:fe:bb:18:f2:7c:c5:
e6:47:0d:cc:71:16:24:f7:e2:57:b3:4e:00:ba:94:0e:17:be:
09:4f:07:53:35:3c:fc:2c:dc:0a:00:2f:2f:4a:b0:8e:c9:b5:
d5:2b:f2:37:17:40:a1:51:b7:66:9d:54:3c:81:f7:1d:ae:aa:
11:9a:e1:fd:ea:31:13:14:90:49:30:7a:15:59:24:0f:f5:47:
32:47:eb:a3:a4:bd:6b:2b:2d:fe:de:17:5a:fc:ef:c2:ce:69:
b9:24:6d:e3:a9:8b:ca:7d:de:9c:49:c4:a1:f9:e6:ee:76:e8:
50:e3:10:74:98:84:49:1b:c0:4e:4e:00:f7:5f:71:0f:2b:19:
a5:60:fe:b9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1TQUppr2rF7IvUP9YZGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQwMDYwZjE1NmRlOWU0MDQxMWIxZTc3ZmY2ODFhMDBmM2RiNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjJvsttcWApeLLcqTMkqkdSf712c
cQ2DnqKkOpm2nZ6z5gHp2j9I34fH4Z6jzBYOqku3d8gcl2mKw5O0AXI8WwAUXfl9
kgkbzHQEPIyI5m0jENAQIehAyhLnBb3010TUGNPzXLnTmSsYlLhRzroHviCELqZ5
guzj5HT25KrCbvCx6KppuftfANHRHH8wNp1SlX6FnJ+8QA2eF/t3lrGdaSVVodsj
kxEP+/9uAfYQJ53hLYIWs6R84uaJi2CrLRTK+mQpEIrydPUslOvh5VPzvnBlAexQ
JVhXwWz3j9JkjJt6OEMlLlWR11L+SwzjrmoOAOg/w8JVAFU6QZKfMDtXJQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKlABg8VbenkBBGx53/2gaAPPbR/MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3FVQUdEeFZ0NmVRRUViSG5mX2FCb0E4OXRIOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfDhIw
DQYJKoZIhvcNAQELBQADggEBAMhzt00CTPon/4kYud9iPteaxfH2KgVXlHPSEmA/
ZtB+pN2ebo9hg380ep+bNrg1Rbvvc+DKfQ/WH1i8L0U8uomzI7l3uhIYCGukpXS6
PcAt22huMAWY5yT8Nb3n1Gye/viYMOpJ+fkAvyLCNIQ/L7wy6P6L059/vP67GPJ8
xeZHDcxxFiT34lezTgC6lA4XvglPB1M1PPws3AoALy9KsI7JtdUr8jcXQKFRt2ad
VDyB9x2uqhGa4f3qMRMUkEkwehVZJA/1RzJH66OkvWsrLf7eF1r878LOabkkbeOp
i8p93pxJxKH55u526FDjEHSYhEkbwE5OAPdfcQ8rGaVg/rk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:54 2025 by rpki-client