Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/o-yPAj33pFXJSUG-1u8NEMsQEsU.roa
File: o-yPAj33pFXJSUG-1u8NEMsQEsU.roa (raw, json)
Hash identifier: hW+R5zlvhvQxslItvkWyBPYLdUm5Xr1QL6kFBYOFLg8=
Subject key identifier: A3:EC:8F:02:3D:F7:A4:55:C9:49:41:BE:D6:EF:0D:10:CB:10:12:C5
Certificate issuer: /CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Certificate serial: 018570FBDD6D48CB7763858A0E5B3C11074B
Authority key identifier: 26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/o-yPAj33pFXJSUG-1u8NEMsQEsU.roa
Signing time: Mon 02 Jan 2023 05:37:12 +0000
ROA not before: Mon 02 Jan 2023 05:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51906
IP address blocks: 31.204.112.0/20 maxlen: 24
79.171.56.0/21 maxlen: 24
91.106.0.0/20 maxlen: 24
146.66.224.0/21 maxlen: 24
185.2.120.0/22 maxlen: 24
176.241.160.0/20 maxlen: 24
37.130.128.0/20 maxlen: 24
2a00:7380::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:dd:6d:48:cb:77:63:85:8a:0e:5b:3c:11:07:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Validity
Not Before: Jan 2 05:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ec8f023df7a455c94941bed6ef0d10cb1012c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e5:6c:0a:2a:5f:80:a5:a1:7e:b4:63:21:36:
c8:44:6a:c5:21:75:d7:6e:c1:10:0f:2f:15:c3:3c:
bc:d5:4d:4c:46:8c:8f:59:c1:02:48:db:c8:fe:41:
2f:90:ef:00:c2:81:00:65:da:3a:e0:57:1a:f6:77:
21:e9:f4:aa:3e:29:cf:99:df:99:0d:fc:37:16:13:
ea:ca:81:1c:3e:5b:a0:8d:0a:7e:8e:70:e4:79:49:
8d:35:55:36:09:bb:12:94:c2:a8:4e:78:60:e3:36:
0b:fd:a0:d4:f9:05:f6:95:6e:36:7b:30:9c:bd:33:
c7:c1:fc:eb:c2:b5:eb:5d:ff:e4:34:d5:b5:97:6f:
f6:5d:08:2d:a1:20:81:8a:de:69:3b:64:24:0a:b4:
d8:4d:7f:19:7b:a5:1a:78:1d:75:30:92:19:ae:7a:
19:8e:d1:04:d3:3b:6a:02:a6:37:d6:9d:36:35:aa:
81:c3:2a:9f:45:62:bc:46:39:b8:89:cd:bb:2c:95:
3d:f3:37:76:37:5e:53:e4:6d:86:25:54:52:a5:78:
d2:fc:43:ec:50:12:29:09:11:9d:4c:f8:96:01:d6:
12:52:7d:94:5a:8d:58:e3:a8:72:23:1e:9a:f4:45:
90:58:08:a7:a0:ed:6d:bb:9a:9e:e5:b4:90:9f:26:
d7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EC:8F:02:3D:F7:A4:55:C9:49:41:BE:D6:EF:0D:10:CB:10:12:C5
X509v3 Authority Key Identifier:
keyid:26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/o-yPAj33pFXJSUG-1u8NEMsQEsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.112.0/20
37.130.128.0/20
79.171.56.0/21
91.106.0.0/20
146.66.224.0/21
176.241.160.0/20
185.2.120.0/22
IPv6:
2a00:7380::/32
Signature Algorithm: sha256WithRSAEncryption
5f:2a:8c:0f:d0:84:cb:22:e8:7e:0e:c6:8c:33:97:9c:cc:91:
35:71:a5:2b:d3:2b:0c:57:87:63:eb:cf:08:06:80:95:b5:91:
31:c0:94:ae:a3:41:62:90:6f:95:fe:3a:8f:4d:f0:80:bc:dd:
1c:f8:d6:a3:c6:ad:be:62:86:ad:b9:dc:d1:ee:c4:a2:0b:0b:
ff:e1:1a:2c:91:ad:c4:e6:1c:44:1e:80:37:e5:86:da:18:94:
16:16:e8:b7:46:98:f2:fc:eb:3d:46:ce:bd:97:b5:eb:b5:24:
88:e6:ab:82:74:69:80:d5:2e:da:49:2d:64:41:52:b4:c7:fa:
18:9f:0a:66:b3:f2:cb:c4:80:db:01:ba:50:a0:27:26:4a:40:
3d:04:31:be:cf:96:05:af:12:4b:ad:b4:f8:ec:96:7d:45:e5:
f9:82:71:fd:5b:88:93:6f:3d:ae:68:8f:e5:78:f9:4c:7e:fa:
c7:77:eb:0d:d1:91:f3:57:13:49:2c:42:b8:0b:a4:db:03:24:
66:a8:18:d7:3a:08:a3:e7:3a:e0:a0:e5:a1:28:4e:f5:8f:61:
0c:09:f1:8f:3c:41:d4:5e:d4:09:d9:e5:2f:65:59:be:45:e9:
1f:85:d7:ab:95:36:06:df:bc:b1:c9:78:30:4d:b5:44:ae:af:
48:d2:23:3e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVw+91tSMt3Y4WKDls8EQdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODhlZjM3M2Y4ZjAwZTAxYzI1Y2Y5MjRiNGYyZThlYzZh
MjE5ZDEwHhcNMjMwMTAyMDUzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VjOGYwMjNkZjdhNDU1Yzk0OTQxYmVkNmVmMGQxMGNiMTAxMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOVsCipfgKWhfrRjITbIRGrFIXXX
bsEQDy8Vwzy81U1MRoyPWcECSNvI/kEvkO8AwoEAZdo64Fca9nch6fSqPinPmd+Z
Dfw3FhPqyoEcPlugjQp+jnDkeUmNNVU2CbsSlMKoTnhg4zYL/aDU+QX2lW42ezCc
vTPHwfzrwrXrXf/kNNW1l2/2XQgtoSCBit5pO2QkCrTYTX8Ze6UaeB11MJIZrnoZ
jtEE0ztqAqY31p02NaqBwyqfRWK8Rjm4ic27LJU98zd2N15T5G2GJVRSpXjS/EPs
UBIpCRGdTPiWAdYSUn2UWo1Y46hyIx6a9EWQWAinoO1tu5qe5bSQnybXMQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKPsjwI996RVyUlBvtbvDRDLEBLFMB8GA1UdIwQY
MBaAFCaI7zc/jwDgHCXPkktPLo7GohnRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAt
N2Y3OGEzYmFhN2MxLzEvby15UEFqMzNwRlhKU1VHLTF1OE5FTXNRRXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAtN2Y3OGEzYmFhN2Mx
LzEvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEH8xwAwQE
JYKAAwQDT6s4AwQEW2oAAwQDkkLgAwQEsPGgAwQCuQJ4MA0EAgACMAcDBQAqAHOA
MA0GCSqGSIb3DQEBCwUAA4IBAQBfKowP0ITLIuh+DsaMM5eczJE1caUr0ysMV4dj
688IBoCVtZExwJSuo0FikG+V/jqPTfCAvN0c+Najxq2+YoatudzR7sSiCwv/4Ros
ka3E5hxEHoA35YbaGJQWFui3Rpjy/Os9Rs69l7XrtSSI5quCdGmA1S7aSS1kQVK0
x/oYnwpms/LLxIDbAbpQoCcmSkA9BDG+z5YFrxJLrbT47JZ9ReX5gnH9W4iTbz2u
aI/lePlMfvrHd+sN0ZHzVxNJLEK4C6TbAyRmqBjXOgij5zrgoOWhKE71j2EMCfGP
PEHUXtQJ2eUvZVm+RekfhderlTYG37yxyXgwTbVErq9I0iM+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:52 2025 by rpki-client