Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/oZudtJOmAy85-F98kUaNFMUpITA.roa
File: oZudtJOmAy85-F98kUaNFMUpITA.roa (raw, json)
Hash identifier: XPzNZ9iSuHcjU3hguyUAsNwNy7YHImqI0H+ZKN9X7/U=
Subject key identifier: A1:9B:9D:B4:93:A6:03:2F:39:F8:5F:7C:91:46:8D:14:C5:29:21:30
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 43AEE75F
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/oZudtJOmAy85-F98kUaNFMUpITA.roa
Signing time: Sat 01 Jan 2022 14:01:00 +0000
ROA not before: Sat 01 Jan 2022 14:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211421
IP address blocks: 31.7.64.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135535967 (0x43aee75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 14:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a19b9db493a6032f39f85f7c91468d14c5292130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b3:a8:9b:77:20:eb:29:87:9b:1c:2a:f1:c4:
1a:4a:b2:8b:6a:bf:6f:2c:4b:cc:fa:6b:34:ec:46:
bd:e2:1f:c0:68:94:36:50:9a:ba:9f:b3:85:10:45:
36:44:d0:d8:29:92:6e:07:08:47:8c:34:3c:7f:35:
d0:65:ec:a4:d6:a1:f1:c2:1e:d3:ab:b7:fa:9c:2a:
c2:1b:19:7d:36:14:3c:e6:a2:ee:3b:10:60:f5:d3:
c4:aa:5b:e9:93:9a:77:c7:54:5d:aa:9f:f5:6e:f1:
c8:b9:c6:41:79:21:8e:db:95:f7:a3:b8:77:a1:35:
10:ae:2b:46:ef:7f:19:d1:fa:39:ba:91:e8:53:c2:
86:72:96:62:c7:1f:63:be:fe:4f:8e:ef:25:57:b6:
f0:4f:d8:99:ea:c2:44:4a:cf:ff:18:37:61:3d:39:
93:9d:56:bd:b3:50:ec:7c:33:76:69:28:8e:48:a0:
80:d4:fb:50:fd:d6:d0:a5:17:77:ad:49:40:a9:67:
83:fd:9a:cf:a0:cc:40:14:f3:a2:a8:21:69:70:33:
83:f6:2b:7b:12:03:58:94:d9:39:3b:dc:ea:5f:9c:
02:c2:ae:7a:a5:73:6e:62:5d:10:94:db:16:19:40:
ff:09:d2:6e:bf:ea:cc:51:4c:b0:a0:8f:81:c2:db:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9B:9D:B4:93:A6:03:2F:39:F8:5F:7C:91:46:8D:14:C5:29:21:30
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/oZudtJOmAy85-F98kUaNFMUpITA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.64.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3e:18:d3:2f:58:f5:48:67:6a:a5:b5:19:fb:1f:d2:9d:d5:
a7:19:b3:a5:27:e9:cb:a3:ee:f6:93:4d:02:39:58:5a:4d:2c:
a3:c5:65:1a:92:fe:80:78:03:10:bf:4f:b0:b2:da:9c:4f:9c:
c5:a2:c3:40:3d:3c:da:b9:48:79:e5:75:a3:18:94:e7:25:4b:
21:88:b3:10:ac:bc:75:c4:a7:f5:a3:62:2c:22:f0:dc:1e:c6:
2c:da:ea:7b:90:ff:2e:31:7a:e5:50:24:b0:ed:43:75:54:fa:
97:30:87:db:b5:0f:df:4f:1f:60:92:be:96:ef:02:ae:36:4b:
13:e2:2d:ab:e0:a9:1d:f3:7b:2d:c2:62:bf:83:f3:bc:40:96:
b2:67:2e:58:df:4f:c6:f8:dd:44:f8:ff:0e:4a:76:98:0d:41:
1d:ab:35:c1:d5:93:c3:e2:f2:3c:f3:97:05:37:f5:28:ae:51:
a1:cb:db:99:ef:e2:29:86:fe:c4:f4:69:26:b0:04:9d:a3:a2:
6b:c1:a3:33:54:c1:40:20:7f:86:41:bb:34:9d:dc:3f:4f:eb:
6d:6e:90:45:25:49:0c:a0:18:4e:0e:4a:76:5d:79:66:b7:89:
a4:24:b2:4a:9f:90:47:d0:57:34:e2:6c:08:f2:75:c6:c9:23:
cb:c3:42:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQ67nXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMB4XDTIyMDEw
MTE0MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE5YjlkYjQ5M2E2
MDMyZjM5Zjg1ZjdjOTE0NjhkMTRjNTI5MjEzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOzqJt3IOsph5scKvHEGkqyi2q/byxLzPprNOxGveIfwGiU
NlCaup+zhRBFNkTQ2CmSbgcIR4w0PH810GXspNah8cIe06u3+pwqwhsZfTYUPOai
7jsQYPXTxKpb6ZOad8dUXaqf9W7xyLnGQXkhjtuV96O4d6E1EK4rRu9/GdH6ObqR
6FPChnKWYscfY77+T47vJVe28E/YmerCRErP/xg3YT05k51WvbNQ7Hwzdmkojkig
gNT7UP3W0KUXd61JQKlng/2az6DMQBTzoqghaXAzg/YrexIDWJTZOTvc6l+cAsKu
eqVzbmJdEJTbFhlA/wnSbr/qzFFMsKCPgcLbNm8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShm520k6YDLzn4X3yRRo0UxSkhMDAfBgNVHSMEGDAWgBRbUmNKLrA/hWW1
4z3CufSQQffPsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cxSmpTaTZ3UDRWbHRlTTl3cm4wa0VIM3o3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvN2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8x
L29adWR0Sk9tQXk4NS1GOThrVWFORk1VcElUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
N2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRW
bHRlTTl3cm4wa0VIM3o3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8HQDANBgkqhkiG9w0BAQsFAAOC
AQEARz4Y0y9Y9UhnaqW1Gfsf0p3VpxmzpSfpy6Pu9pNNAjlYWk0so8VlGpL+gHgD
EL9PsLLanE+cxaLDQD082rlIeeV1oxiU5yVLIYizEKy8dcSn9aNiLCLw3B7GLNrq
e5D/LjF65VAksO1DdVT6lzCH27UP308fYJK+lu8CrjZLE+Itq+CpHfN7LcJiv4Pz
vECWsmcuWN9PxvjdRPj/Dkp2mA1BHas1wdWTw+LyPPOXBTf1KK5Rocvbme/iKYb+
xPRpJrAEnaOia8GjM1TBQCB/hkG7NJ3cP0/rbW6QRSVJDKAYTg5Kdl15ZreJpCSy
Sp+QR9BXNOJsCPJ1xskjy8NC2Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:08 2025 by rpki-client