Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/hfXIfo_suXB0B5FtbaO66BK3mnc.roa
File: hfXIfo_suXB0B5FtbaO66BK3mnc.roa (raw, json)
Hash identifier: 22/CRixHJK04Z1mR1qgESOg8tYwqnbGEUKbdaKe1I04=
Subject key identifier: 85:F5:C8:7E:8F:EC:B9:70:74:07:91:6D:6D:A3:BA:E8:12:B7:9A:77
Certificate issuer: /CN=0007534eb77caa836f8f118630164e0236e5fe86
Certificate serial: 01837544D493BDC9DEDE7183F09DA2DD1FE2
Authority key identifier: 00:07:53:4E:B7:7C:AA:83:6F:8F:11:86:30:16:4E:02:36:E5:FE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AAdTTrd8qoNvjxGGMBZOAjbl_oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/hfXIfo_suXB0B5FtbaO66BK3mnc.roa
Signing time: Sun 25 Sep 2022 15:29:48 +0000
ROA not before: Sun 25 Sep 2022 15:29:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41932
IP address blocks: 31.135.180.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:75:44:d4:93:bd:c9:de:de:71:83:f0:9d:a2:dd:1f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0007534eb77caa836f8f118630164e0236e5fe86
Validity
Not Before: Sep 25 15:29:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85f5c87e8fecb9707407916d6da3bae812b79a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:ac:e5:d2:00:3f:06:ff:2a:ac:e0:61:76:
65:3a:f3:9d:0a:af:d3:4e:2d:50:45:9a:79:62:49:
8d:b4:7e:df:81:06:0e:0a:99:74:cb:61:ee:cf:ce:
2c:34:46:e0:c4:5c:28:5d:49:5e:e2:53:98:ca:2c:
df:ac:1f:8d:29:83:a9:a6:fd:d4:d1:9a:94:20:03:
6e:98:76:b4:5a:0a:b3:44:31:ac:80:ee:47:6b:14:
54:f8:c1:33:d5:f0:82:f2:67:02:32:b8:d7:85:44:
9d:70:78:8c:3d:90:b1:61:b2:86:5c:48:11:30:f9:
b2:ea:ad:da:60:c2:18:c1:ed:bd:16:a1:e0:93:0e:
59:95:a5:b4:30:ae:37:63:5d:6d:08:73:b3:e0:11:
f2:3a:40:d2:00:19:97:1d:bf:46:4a:3a:06:6c:70:
9c:79:3e:a5:92:08:6b:54:f3:9c:e3:5b:b0:b6:0f:
34:a9:26:e1:95:3d:d2:e6:e9:89:ec:8d:3e:70:22:
a4:4e:ab:5c:7e:47:18:22:92:75:6e:44:b2:10:78:
0c:13:ad:33:dc:73:88:cd:f2:af:8c:c9:55:f5:68:
51:23:9f:13:e1:51:1c:3e:85:9d:03:60:8e:8d:93:
1d:05:96:a4:b8:34:4d:07:6b:88:08:2d:51:3a:d8:
41:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F5:C8:7E:8F:EC:B9:70:74:07:91:6D:6D:A3:BA:E8:12:B7:9A:77
X509v3 Authority Key Identifier:
keyid:00:07:53:4E:B7:7C:AA:83:6F:8F:11:86:30:16:4E:02:36:E5:FE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAdTTrd8qoNvjxGGMBZOAjbl_oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/hfXIfo_suXB0B5FtbaO66BK3mnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/41e90c-61cc-470c-a388-6d1c9b153cf0/1/AAdTTrd8qoNvjxGGMBZOAjbl_oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.180.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:1f:c1:e7:01:64:92:7e:a9:b0:75:11:da:08:14:f2:53:fe:
07:2b:13:7d:83:7f:b5:ec:65:01:10:cc:21:22:3a:35:83:2e:
cf:d8:4e:1e:be:e7:08:e9:10:1f:93:4b:b9:21:57:fd:04:66:
59:b7:be:b9:21:3c:47:f1:a5:d7:f5:26:43:60:48:04:77:8b:
24:ff:ba:ab:0c:d4:89:fd:16:d4:2f:be:40:fc:d0:81:2a:d3:
4c:69:82:71:20:c9:1d:92:54:f5:83:3b:94:18:1e:e8:ca:55:
f2:96:30:0b:9c:6f:36:21:cb:7e:f3:70:74:06:03:b2:7c:99:
36:33:07:97:a4:b6:57:f4:a1:49:da:64:af:51:89:ef:b0:4e:
1b:ee:1a:4d:33:70:2b:4b:52:4d:b9:f8:40:4d:b0:d2:0f:bb:
f6:a0:b8:4f:60:bb:cb:72:60:00:23:47:3f:50:fb:08:6b:6d:
de:77:4c:b4:38:cd:cc:ff:f1:ab:a1:2d:80:11:8c:de:7b:bb:
4f:85:9f:5f:b5:02:82:e7:41:3a:c4:d9:81:80:e7:a8:d4:03:
47:fb:93:00:bc:cc:f1:99:4e:8f:dc:33:f3:ee:a6:20:4d:4f:
16:cc:b4:84:0d:61:50:3f:6b:9d:bc:a0:e6:d6:54:89:64:6b:
4d:ff:a5:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN1RNSTvcne3nGD8J2i3R/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDc1MzRlYjc3Y2FhODM2ZjhmMTE4NjMwMTY0ZTAyMzZl
NWZlODYwHhcNMjIwOTI1MTUyOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY1Yzg3ZThmZWNiOTcwNzQwNzkxNmQ2ZGEzYmFlODEyYjc5YTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppCs5dIAPwb/KqzgYXZlOvOdCq/T
Ti1QRZp5YkmNtH7fgQYOCpl0y2Huz84sNEbgxFwoXUle4lOYyizfrB+NKYOppv3U
0ZqUIANumHa0WgqzRDGsgO5HaxRU+MEz1fCC8mcCMrjXhUSdcHiMPZCxYbKGXEgR
MPmy6q3aYMIYwe29FqHgkw5ZlaW0MK43Y11tCHOz4BHyOkDSABmXHb9GSjoGbHCc
eT6lkghrVPOc41uwtg80qSbhlT3S5umJ7I0+cCKkTqtcfkcYIpJ1bkSyEHgME60z
3HOIzfKvjMlV9WhRI58T4VEcPoWdA2COjZMdBZakuDRNB2uICC1ROthBewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX1yH6P7LlwdAeRbW2juugSt5p3MB8GA1UdIwQY
MBaAFAAHU063fKqDb48RhjAWTgI25f6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFkVFRyZDhxb052anhHR01CWk9BamJsX29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80MWU5MGMtNjFjYy00NzBjLWEzODgt
NmQxYzliMTUzY2YwLzEvaGZYSWZvX3N1WEIwQjVGdGJhTzY2QkszbW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80MWU5MGMtNjFjYy00NzBjLWEzODgtNmQxYzliMTUzY2Yw
LzEvQUFkVFRyZDhxb052anhHR01CWk9BamJsX29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH4e0MA0G
CSqGSIb3DQEBCwUAA4IBAQBcH8HnAWSSfqmwdRHaCBTyU/4HKxN9g3+17GUBEMwh
Ijo1gy7P2E4evucI6RAfk0u5IVf9BGZZt765ITxH8aXX9SZDYEgEd4sk/7qrDNSJ
/RbUL75A/NCBKtNMaYJxIMkdklT1gzuUGB7oylXyljALnG82Ict+83B0BgOyfJk2
MweXpLZX9KFJ2mSvUYnvsE4b7hpNM3ArS1JNufhATbDSD7v2oLhPYLvLcmAAI0c/
UPsIa23ed0y0OM3M//GroS2AEYzee7tPhZ9ftQKC50E6xNmBgOeo1ANH+5MAvMzx
mU6P3DPz7qYgTU8WzLSEDWFQP2udvKDm1lSJZGtN/6WI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:50 2025 by rpki-client