Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/jtIbaqffOvdF1qPRZmsTyNmsAB8.roa
File: jtIbaqffOvdF1qPRZmsTyNmsAB8.roa (raw, json)
Hash identifier: JlFR8i+EufUXh4FyTp2I0hH40xp9b8hAH5zGVywMXxg=
Subject key identifier: 8E:D2:1B:6A:A7:DF:3A:F7:45:D6:A3:D1:66:6B:13:C8:D9:AC:00:1F
Certificate issuer: /CN=fb79c26f31575345159c840ed278a878a9256615
Certificate serial: 4495074E
Authority key identifier: FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/jtIbaqffOvdF1qPRZmsTyNmsAB8.roa
Signing time: Sat 01 Jan 2022 01:58:38 +0000
ROA not before: Sat 01 Jan 2022 01:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208685
IP address blocks: 31.3.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1150617422 (0x4495074e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb79c26f31575345159c840ed278a878a9256615
Validity
Not Before: Jan 1 01:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ed21b6aa7df3af745d6a3d1666b13c8d9ac001f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e0:36:93:89:61:e2:27:e9:0d:d9:67:9a:28:
c5:28:da:eb:a9:8f:39:f4:8f:ae:96:06:f1:f6:18:
12:9c:54:7e:a2:06:58:a9:9c:08:ea:31:19:40:30:
e8:23:45:df:cf:6f:58:bc:84:06:17:9c:a0:59:47:
e4:b2:9f:33:8f:29:56:10:18:05:0b:e0:d7:a5:ab:
5f:aa:da:e8:cf:32:f5:57:1d:90:cc:a3:95:04:27:
af:8d:44:d1:b5:46:96:db:66:83:9e:52:01:45:dc:
08:02:f4:f2:28:06:83:93:f8:2c:6c:47:f7:0f:ff:
e2:00:57:d6:0f:ab:19:ec:96:8a:a5:0b:5e:13:19:
8a:98:b7:83:8a:50:50:4b:86:75:bf:6f:20:85:7f:
03:aa:6f:e4:23:ff:36:10:5e:a7:1b:dd:1d:65:85:
8c:17:06:9f:49:c9:15:56:b8:12:ee:17:bf:ac:92:
7c:95:39:82:34:9c:a4:a5:a3:c8:52:36:43:79:9c:
24:22:e9:30:74:7f:ec:44:cc:6b:bb:ef:68:a5:80:
14:67:ee:2f:62:2c:8f:34:0a:81:e0:2e:2c:74:72:
38:0f:b3:08:4d:99:e0:e4:3f:1b:29:f6:80:c6:18:
4a:68:f9:bb:37:0d:13:5d:bb:56:9a:99:79:2f:87:
17:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D2:1B:6A:A7:DF:3A:F7:45:D6:A3:D1:66:6B:13:C8:D9:AC:00:1F
X509v3 Authority Key Identifier:
keyid:FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/jtIbaqffOvdF1qPRZmsTyNmsAB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.156.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a7:a7:46:9a:ad:24:e6:bf:54:43:2d:52:3c:5c:5a:42:6e:
cc:13:f6:64:35:31:43:5a:08:70:b9:c9:0b:aa:ba:f5:78:3a:
20:66:58:06:e2:fc:72:bb:6d:b1:9f:93:f9:9f:e5:d8:a0:7e:
8f:35:18:81:28:af:44:1b:c1:55:a6:5a:72:04:91:3d:ca:81:
c9:5d:6f:55:28:7a:29:11:d2:5e:36:b7:15:e6:d5:c5:55:8d:
09:9a:05:c1:17:1a:ba:98:28:ae:6b:ca:7c:8f:1b:82:f6:c9:
fa:78:e9:bd:a5:21:28:26:b7:38:34:96:a1:9f:02:cf:47:28:
75:07:21:fe:98:15:ed:45:39:0e:3c:71:e7:b8:fe:9a:07:62:
54:94:b2:90:3c:36:36:1a:ec:28:f6:43:ce:fa:4e:36:f8:e9:
d8:8d:aa:75:7c:de:28:2c:49:b4:fd:0b:99:d2:bb:47:81:b7:
b2:b9:6d:ba:31:88:50:6b:85:14:a9:0d:73:90:a2:f0:c3:56:
48:80:51:a6:ca:11:d6:21:b0:08:8e:a8:bf:57:6f:c8:4e:ce:
80:d3:95:89:b7:0f:d1:c5:e6:1d:1d:aa:40:81:61:9d:fc:7c:
59:ce:e1:d6:0e:14:bf:5d:bb:3a:b0:82:94:58:0d:ce:ec:fb:
43:7c:a1:73
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIERJUHTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc5YzI2ZjMxNTc1MzQ1MTU5Yzg0MGVkMjc4YTg3OGE5MjU2NjE1MB4XDTIyMDEw
MTAxNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVkMjFiNmFhN2Rm
M2FmNzQ1ZDZhM2QxNjY2YjEzYzhkOWFjMDAxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrgNpOJYeIn6Q3ZZ5ooxSja66mPOfSPrpYG8fYYEpxUfqIG
WKmcCOoxGUAw6CNF389vWLyEBhecoFlH5LKfM48pVhAYBQvg16WrX6ra6M8y9Vcd
kMyjlQQnr41E0bVGlttmg55SAUXcCAL08igGg5P4LGxH9w//4gBX1g+rGeyWiqUL
XhMZipi3g4pQUEuGdb9vIIV/A6pv5CP/NhBepxvdHWWFjBcGn0nJFVa4Eu4Xv6yS
fJU5gjScpKWjyFI2Q3mcJCLpMHR/7ETMa7vvaKWAFGfuL2IsjzQKgeAuLHRyOA+z
CE2Z4OQ/Gyn2gMYYSmj5uzcNE127VpqZeS+HF+MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSO0htqp98690XWo9FmaxPI2awAHzAfBgNVHSMEGDAWgBT7ecJvMVdTRRWc
hA7SeKh4qSVmFTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM25DYnpGWFUwVVZuSVFPMG5pb2VLa2xaaFUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzgwLzEyZDY5MS0zN2E0LTRiMTUtYTdlYS1iZDM3ZGEwZTQ0N2Mv
MS9qdEliYXFmZk92ZEYxcVBSWm1zVHlObXNBQjgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgw
LzEyZDY5MS0zN2E0LTRiMTUtYTdlYS1iZDM3ZGEwZTQ0N2MvMS8xLTNuQ2J6RlhV
MFVWbklRTzBuaW9lS2tsWmhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwOcMA0GCSqGSIb3DQEBCwUA
A4IBAQAUp6dGmq0k5r9UQy1SPFxaQm7ME/ZkNTFDWghwuckLqrr1eDogZlgG4vxy
u22xn5P5n+XYoH6PNRiBKK9EG8FVplpyBJE9yoHJXW9VKHopEdJeNrcV5tXFVY0J
mgXBFxq6mCiua8p8jxuC9sn6eOm9pSEoJrc4NJahnwLPRyh1ByH+mBXtRTkOPHHn
uP6aB2JUlLKQPDY2Guwo9kPO+k42+OnYjap1fN4oLEm0/QuZ0rtHgbeyuW26MYhQ
a4UUqQ1zkKLww1ZIgFGmyhHWIbAIjqi/V2/ITs6A05WJtw/RxeYdHapAgWGd/HxZ
zuHWDhS/Xbs6sIKUWA3O7PtDfKFz
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:00:57 2025 by rpki-client