Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/tDae-PGPeCfW9ic1MXdRSHaIYRA.roa
File: tDae-PGPeCfW9ic1MXdRSHaIYRA.roa (raw, json)
Hash identifier: +1tj3nJLBiziiyUCeTnhNsEpNordYdlhLqv2nRYVDBc=
Subject key identifier: B4:36:9E:F8:F1:8F:78:27:D6:F6:27:35:31:77:51:48:76:88:61:10
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 0183AD8BA35CBE342D8F9E04FEF916533209
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/tDae-PGPeCfW9ic1MXdRSHaIYRA.roa
Signing time: Thu 06 Oct 2022 13:45:53 +0000
ROA not before: Thu 06 Oct 2022 13:45:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 31.40.4.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ad:8b:a3:5c:be:34:2d:8f:9e:04:fe:f9:16:53:32:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Oct 6 13:45:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4369ef8f18f7827d6f627353177514876886110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:11:64:54:cd:cb:40:26:24:9f:99:eb:20:fe:
4f:4f:ba:f5:13:e7:0f:68:85:3c:88:c9:26:9b:12:
b2:91:7d:3b:1d:0f:8c:19:6b:f3:bd:e7:ba:4e:57:
18:ae:c6:8f:1c:62:67:59:fa:0d:f8:64:f6:d5:42:
85:04:e8:95:58:47:06:9e:f8:a5:3b:d1:6a:55:5c:
11:3e:cb:30:35:b5:b1:b8:6e:ad:08:3a:07:ce:b9:
ea:11:2e:ff:d6:70:aa:ff:3e:59:9b:fe:b7:f0:5d:
ce:09:ce:31:0e:b8:aa:12:56:d3:3c:ac:7a:96:5d:
cf:68:dd:56:46:7a:7d:29:8f:b1:0e:59:94:a4:82:
25:4c:36:c9:ec:38:1a:05:6e:38:00:e3:6f:6b:fe:
18:48:23:ca:bd:14:19:1e:c0:7d:44:cc:9e:7c:5f:
49:ad:32:ac:45:fe:03:e1:5a:7a:46:f5:86:38:14:
63:b2:2f:cb:99:5e:3f:82:31:f4:cc:8c:55:d8:5b:
da:08:90:e1:34:84:17:65:29:aa:df:50:22:f2:a2:
d9:8d:7b:14:37:ee:1b:9c:51:68:a2:87:b0:87:e0:
a8:3e:56:70:90:0e:5b:6f:88:e4:50:2c:5b:39:72:
77:fd:1c:98:c6:9d:eb:31:cc:65:31:5c:49:b5:d2:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:36:9E:F8:F1:8F:78:27:D6:F6:27:35:31:77:51:48:76:88:61:10
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/tDae-PGPeCfW9ic1MXdRSHaIYRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.4.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:4d:1a:b0:1b:01:c0:87:2c:bc:7c:83:a6:79:81:9e:09:31:
2c:70:fc:9a:a9:ee:a0:4b:5b:2c:18:9c:5f:e4:f5:9a:48:37:
45:f0:c0:5e:b2:32:83:12:bd:63:04:08:48:ed:be:51:f9:51:
7d:d2:93:4e:47:84:58:83:a6:3e:97:2c:03:59:8f:e6:a5:a1:
bc:09:6c:91:81:f6:80:f7:d3:ca:08:38:e6:ed:c9:4d:f9:ac:
34:2b:31:86:c9:61:dc:a1:be:b7:e3:98:a9:89:6c:32:e9:ef:
95:43:3c:6a:5c:a3:55:d0:8d:bc:6e:6b:43:2f:96:fa:80:72:
af:72:3b:90:f9:02:68:52:be:be:e0:63:f8:56:59:f4:e8:f2:
52:b9:1c:b7:8a:8b:b2:36:54:cf:78:24:24:46:9f:13:47:e2:
38:d7:61:09:e6:f8:c5:f6:25:28:89:65:39:be:53:53:df:e4:
68:b1:45:1f:ef:f3:42:2d:ac:5a:b0:a7:57:ee:71:6d:47:1c:
56:b6:fe:c2:f7:e2:b2:ce:7a:ae:5a:b0:73:1d:8b:71:6c:f7:
6b:32:89:b1:09:ca:51:08:34:38:a0:dc:53:0c:bf:bc:2e:a2:
bb:79:c2:11:8f:60:cc:7f:ee:97:14:02:c1:11:7e:bc:9d:fc:
b2:05:91:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOti6NcvjQtj54E/vkWUzIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjIxMDA2MTM0NTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM2OWVmOGYxOGY3ODI3ZDZmNjI3MzUzMTc3NTE0ODc2ODg2MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxFkVM3LQCYkn5nrIP5PT7r1E+cP
aIU8iMkmmxKykX07HQ+MGWvzvee6TlcYrsaPHGJnWfoN+GT21UKFBOiVWEcGnvil
O9FqVVwRPsswNbWxuG6tCDoHzrnqES7/1nCq/z5Zm/638F3OCc4xDriqElbTPKx6
ll3PaN1WRnp9KY+xDlmUpIIlTDbJ7DgaBW44AONva/4YSCPKvRQZHsB9RMyefF9J
rTKsRf4D4Vp6RvWGOBRjsi/LmV4/gjH0zIxV2FvaCJDhNIQXZSmq31Ai8qLZjXsU
N+4bnFFoooewh+CoPlZwkA5bb4jkUCxbOXJ3/RyYxp3rMcxlMVxJtdKKjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ2nvjxj3gn1vYnNTF3UUh2iGEQMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEvdERhZS1QR1BlQ2ZXOWljMU1YZFJTSGFJWVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBHygEMA0G
CSqGSIb3DQEBCwUAA4IBAQCtTRqwGwHAhyy8fIOmeYGeCTEscPyaqe6gS1ssGJxf
5PWaSDdF8MBesjKDEr1jBAhI7b5R+VF90pNOR4RYg6Y+lywDWY/mpaG8CWyRgfaA
99PKCDjm7clN+aw0KzGGyWHcob6345ipiWwy6e+VQzxqXKNV0I28bmtDL5b6gHKv
cjuQ+QJoUr6+4GP4Vln06PJSuRy3iouyNlTPeCQkRp8TR+I412EJ5vjF9iUoiWU5
vlNT3+RosUUf7/NCLaxasKdX7nFtRxxWtv7C9+KyznquWrBzHYtxbPdrMomxCcpR
CDQ4oNxTDL+8LqK7ecIRj2DMf+6XFALBEX68nfyyBZGD
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:39 2025 by rpki-client