Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/PBQITHfj4SEe_n6p9GNA0Jr-DYI.roa
File: PBQITHfj4SEe_n6p9GNA0Jr-DYI.roa (raw, json)
Hash identifier: 0MO80JkNiLWhAbLhMNSqpbOa8SaNyhWlhFn/kn9G8p4=
Subject key identifier: 3C:14:08:4C:77:E3:E1:21:1E:FE:7E:A9:F4:63:40:D0:9A:FE:0D:82
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 01856E2676318C0DC0C536D82DB6D51228D8
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/PBQITHfj4SEe_n6p9GNA0Jr-DYI.roa
Signing time: Sun 01 Jan 2023 16:24:52 +0000
ROA not before: Sun 01 Jan 2023 16:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203698
IP address blocks: 31.14.68.0/22 maxlen: 22
185.126.228.0/22 maxlen: 22
2a06:c480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:76:31:8c:0d:c0:c5:36:d8:2d:b6:d5:12:28:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Jan 1 16:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c14084c77e3e1211efe7ea9f46340d09afe0d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:bf:cf:2e:ea:a7:0d:ac:20:6b:74:13:6a:
13:1a:0c:f7:6b:0f:3f:e2:05:79:ce:24:28:ff:61:
e6:9a:5e:cf:ac:d7:40:2f:a3:e7:09:3d:80:9d:52:
96:5f:18:d7:29:96:58:b8:e8:53:41:24:4f:4b:e1:
2e:6e:1f:93:38:9d:de:07:9e:87:bb:b8:21:32:99:
11:1e:eb:d6:66:1c:a7:39:f0:25:f6:98:bc:69:74:
42:9c:3b:63:fd:58:7f:48:80:41:0f:6c:b2:72:a7:
65:1f:7b:1b:03:25:e3:ea:6e:cf:b0:bc:42:8e:9c:
b9:98:21:fa:a4:68:51:a5:61:57:c9:13:c9:4a:b5:
24:36:32:2f:9c:15:80:aa:e5:c7:8c:b3:db:1e:90:
c4:10:64:eb:82:b4:f1:5f:4a:5d:7b:03:da:b7:21:
41:9c:b6:9d:fa:21:e4:38:8f:02:f8:54:e6:de:ad:
b4:7b:ce:cd:6f:df:1c:2e:f4:de:eb:53:13:9e:5b:
da:a5:a6:a9:a4:6c:d2:a4:14:a6:6b:ab:8e:53:20:
be:7c:98:47:97:57:90:a7:f8:43:bb:54:37:6c:b9:
14:da:46:29:e5:80:bc:5b:9f:07:79:02:ad:4d:23:
ce:c9:b6:8b:78:25:e7:a1:91:1f:7d:18:18:04:e6:
5f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:14:08:4C:77:E3:E1:21:1E:FE:7E:A9:F4:63:40:D0:9A:FE:0D:82
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/PBQITHfj4SEe_n6p9GNA0Jr-DYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
77:9a:a5:f5:69:aa:d0:ad:3b:27:2b:bb:04:2d:d7:40:3b:b7:
f5:e4:19:26:e1:5c:3b:ee:5b:a6:fa:f1:d7:41:7f:a2:d9:29:
2d:26:b1:f4:07:48:37:fa:c6:ab:e4:52:6b:26:19:6a:9f:ce:
16:5c:6a:5a:e0:1f:58:47:e3:16:80:b0:19:c7:51:73:c5:be:
99:42:90:08:45:73:03:69:db:82:9e:0d:74:b6:1e:49:f3:75:
15:27:f9:e1:cf:9d:05:3b:a6:46:02:ab:6d:30:62:76:36:c4:
62:38:1f:ee:e0:87:72:93:ae:bf:d0:ff:64:f3:2c:23:b7:dc:
60:c8:a9:af:31:98:84:12:71:9a:b9:61:01:7e:f6:9e:0e:e9:
44:d0:67:65:d4:fa:d2:ba:ea:f8:33:00:e8:0e:59:51:62:43:
23:22:03:ad:9f:0d:ab:43:b2:11:91:b7:65:25:15:74:63:d3:
ea:9f:84:4e:45:51:9a:84:43:04:1c:4c:3c:28:7c:b8:58:fd:
53:75:d8:ae:c4:8d:31:40:bf:00:87:73:f7:b1:ad:d0:8a:d6:
13:75:19:c0:94:32:fc:3d:f6:ee:fc:5c:2c:c8:05:7d:11:b8:
8c:6e:4c:ef:f8:55:de:32:e5:e1:47:19:25:d3:60:15:64:44:
40:a2:4d:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuJnYxjA3AxTbYLbbVEijYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NlN2RmMjMxNDBjMDAwNTEyNWE2MWFhZDcyMTUzMWU2
ODFmMGUwHhcNMjMwMTAxMTYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE0MDg0Yzc3ZTNlMTIxMWVmZTdlYTlmNDYzNDBkMDlhZmUwZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBC/zy7qpw2sIGt0E2oTGgz3aw8/
4gV5ziQo/2Hmml7PrNdAL6PnCT2AnVKWXxjXKZZYuOhTQSRPS+Eubh+TOJ3eB56H
u7ghMpkRHuvWZhynOfAl9pi8aXRCnDtj/Vh/SIBBD2yycqdlH3sbAyXj6m7PsLxC
jpy5mCH6pGhRpWFXyRPJSrUkNjIvnBWAquXHjLPbHpDEEGTrgrTxX0pdewPatyFB
nLad+iHkOI8C+FTm3q20e87Nb98cLvTe61MTnlvapaappGzSpBSma6uOUyC+fJhH
l1eQp/hDu1Q3bLkU2kYp5YC8W58HeQKtTSPOybaLeCXnoZEffRgYBOZfMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDwUCEx34+EhHv5+qfRjQNCa/g2CMB8GA1UdIwQY
MBaAFOh8598jFAwABRJaYarXIVMeaB8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjIt
MzIzZDM0ZGVmYzhhLzEvUEJRSVRIZmo0U0VlX242cDlHTkEwSnItRFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjItMzIzZDM0ZGVmYzhh
LzEvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCHw5EAwQC
uX7kMA0EAgACMAcDBQMqBsSAMA0GCSqGSIb3DQEBCwUAA4IBAQB3mqX1aarQrTsn
K7sELddAO7f15Bkm4Vw77lum+vHXQX+i2SktJrH0B0g3+sar5FJrJhlqn84WXGpa
4B9YR+MWgLAZx1Fzxb6ZQpAIRXMDaduCng10th5J83UVJ/nhz50FO6ZGAqttMGJ2
NsRiOB/u4Idyk66/0P9k8ywjt9xgyKmvMZiEEnGauWEBfvaeDulE0Gdl1PrSuur4
MwDoDllRYkMjIgOtnw2rQ7IRkbdlJRV0Y9Pqn4RORVGahEMEHEw8KHy4WP1Tddiu
xI0xQL8Ah3P3sa3QitYTdRnAlDL8Pfbu/FwsyAV9EbiMbkzv+FXeMuXhRxkl02AV
ZERAok2n
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:15:23 2025 by rpki-client