Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/R_0dZua5ejexqwYRPthk_qsovLk.roa
File: R_0dZua5ejexqwYRPthk_qsovLk.roa (raw, json)
Hash identifier: Ypbals4TdVlH5px3TKX7XepApKT3BOp1kejRz6q1C54=
Subject key identifier: 47:FD:1D:66:E6:B9:7A:37:B1:AB:06:11:3E:D8:64:FE:AB:28:BC:B9
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 02385B
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/R_0dZua5ejexqwYRPthk_qsovLk.roa
Signing time: Fri 08 Apr 2022 08:17:55 +0000
ROA not before: Fri 08 Apr 2022 08:17:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60072
IP address blocks: 185.58.216.0/22 maxlen: 22
31.171.192.0/21 maxlen: 21
31.171.197.0/24 maxlen: 24
31.171.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145499 (0x2385b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Apr 8 08:17:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47fd1d66e6b97a37b1ab06113ed864feab28bcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6c:5e:3e:e6:3f:c0:66:81:18:6a:0a:51:c7:
a4:43:e0:3a:68:7f:aa:27:af:c4:7a:3f:60:d4:ca:
8f:9f:1c:b2:5c:49:c6:5a:1b:8b:b0:85:41:f6:80:
74:36:b7:88:c6:8b:2a:0f:81:d8:9d:8e:63:a8:5e:
29:39:9f:be:c3:42:fd:25:9f:40:84:0c:3f:3a:5f:
c8:02:26:0d:a2:21:98:2e:18:44:cf:d7:d0:c1:f3:
82:f9:f9:0c:1c:f7:48:31:e3:82:60:0f:97:00:8e:
dc:90:97:60:08:13:f9:5f:26:49:bf:7f:d1:a3:6f:
46:9e:ee:12:83:ea:e4:9c:12:d9:89:8f:b1:7b:f6:
23:8a:10:6a:b4:cc:30:5d:99:bd:c4:ad:fb:e8:39:
6e:26:30:ac:41:8c:3c:e5:79:fc:4c:ad:fb:ab:23:
b6:71:e7:9d:89:96:ba:9a:2d:5d:50:27:09:2e:5a:
b2:2d:78:c4:ca:c1:ab:ad:1b:6a:95:20:75:69:88:
29:6b:25:42:4d:35:d8:df:19:c9:a4:16:79:d2:d1:
ba:7c:08:98:b3:24:6e:03:c0:97:62:ef:47:87:52:
04:cf:3a:92:77:9a:62:17:e6:c7:a9:30:21:32:fe:
41:04:80:7e:d0:ae:ad:1f:a2:fb:8f:bf:e1:0e:6a:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FD:1D:66:E6:B9:7A:37:B1:AB:06:11:3E:D8:64:FE:AB:28:BC:B9
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/R_0dZua5ejexqwYRPthk_qsovLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.192.0/21
185.58.216.0/22
Signature Algorithm: sha256WithRSAEncryption
87:f2:fc:bb:db:cb:0a:e5:5f:f0:29:5a:24:48:ff:43:04:e9:
03:07:63:d9:05:17:02:90:25:45:66:b5:77:06:f9:c1:97:d4:
b7:c4:98:ee:57:42:a0:9e:aa:09:1b:1b:74:09:e2:42:80:a4:
67:8b:eb:ea:e4:7c:dd:b5:24:3f:cc:9b:40:1e:ba:4d:ab:c1:
a5:e0:0b:19:c2:bb:e0:6c:36:77:29:4e:88:ad:81:a1:be:d2:
00:69:40:68:c6:1a:d7:24:0f:3e:70:c8:50:92:58:d9:6c:cb:
35:10:c2:ac:5a:54:d8:58:f3:bd:c2:65:f9:4a:4c:d4:30:e1:
f4:7b:af:1e:ed:e4:65:96:eb:15:8f:50:40:2f:c3:cd:35:5d:
fc:9f:5d:28:46:14:b3:9e:d4:a5:fe:1f:d3:65:b1:53:4a:ca:
50:a9:cb:34:7b:2a:55:2f:f5:9e:cb:53:be:c2:a7:47:df:db:
99:f1:e4:a6:7c:7c:ef:4b:d8:56:73:3b:55:9f:43:a9:c5:3d:
1f:7d:da:1e:9e:d9:d7:e6:c6:26:06:0e:ad:95:f2:99:8d:1a:
f0:0d:d6:95:0f:49:57:3a:b3:d1:30:55:57:d5:bb:99:f3:a2:
84:58:66:52:fe:43:95:47:de:a1:db:f5:25:c7:fb:a5:b7:58:
c0:ef:1d:09
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAjhbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
ZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRmZTJhYTgwHhcNMjIwNDA4
MDgxNzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0N2ZkMWQ2NmU2Yjk3
YTM3YjFhYjA2MTEzZWQ4NjRmZWFiMjhiY2I5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyGxePuY/wGaBGGoKUcekQ+A6aH+qJ6/Eej9g1MqPnxyyXEnG
WhuLsIVB9oB0NreIxosqD4HYnY5jqF4pOZ++w0L9JZ9AhAw/Ol/IAiYNoiGYLhhE
z9fQwfOC+fkMHPdIMeOCYA+XAI7ckJdgCBP5XyZJv3/Ro29Gnu4Sg+rknBLZiY+x
e/YjihBqtMwwXZm9xK376DluJjCsQYw85Xn8TK37qyO2ceediZa6mi1dUCcJLlqy
LXjEysGrrRtqlSB1aYgpayVCTTXY3xnJpBZ50tG6fAiYsyRuA8CXYu9Hh1IEzzqS
d5piF+bHqTAhMv5BBIB+0K6tH6L7j7/hDmoZ+wIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFEf9HWbmuXo3sasGET7YZP6rKLy5MB8GA1UdIwQYMBaAFA74HZ6J4sRxMh2W
f3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcxLzEv
Ul8wZFp1YTVlamV4cXdZUlB0aGtfcXNvdkxrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81
ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcxLzEvRHZnZG5vbml4SEV5
SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH6vAAwQCuTrYMA0GCSqGSIb3DQEB
CwUAA4IBAQCH8vy728sK5V/wKVokSP9DBOkDB2PZBRcCkCVFZrV3BvnBl9S3xJju
V0KgnqoJGxt0CeJCgKRni+vq5HzdtSQ/zJtAHrpNq8Gl4AsZwrvgbDZ3KU6IrYGh
vtIAaUBoxhrXJA8+cMhQkljZbMs1EMKsWlTYWPO9wmX5SkzUMOH0e68e7eRllusV
j1BAL8PNNV38n10oRhSzntSl/h/TZbFTSspQqcs0eypVL/Wey1O+wqdH39uZ8eSm
fHzvS9hWcztVn0OpxT0ffdoentnX5sYmBg6tlfKZjRrwDdaVD0lXOrPRMFVX1buZ
86KEWGZS/kOVR96h2/Ulx/ult1jA7x0J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:18 2025 by rpki-client