Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/649b17-039d-42da-90f6-3e10d1ab7408/1/rLmD6HPuqZsnOixtAwHVHG6jMUg.roa
File: rLmD6HPuqZsnOixtAwHVHG6jMUg.roa (raw, json)
Hash identifier: MT/q9OJV1mbonxyRj/vY1oxvLICjnjzYRnd2o8EyoQQ=
Subject key identifier: AC:B9:83:E8:73:EE:A9:9B:27:3A:2C:6D:03:01:D5:1C:6E:A3:31:48
Certificate issuer: /CN=eed9578e49825c42f3c131b94cb0fdde5c79ad77
Certificate serial: 01856F7978C7D32462C93FC6AD84D86A59B2
Authority key identifier: EE:D9:57:8E:49:82:5C:42:F3:C1:31:B9:4C:B0:FD:DE:5C:79:AD:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tlXjkmCXELzwTG5TLD93lx5rXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/649b17-039d-42da-90f6-3e10d1ab7408/1/rLmD6HPuqZsnOixtAwHVHG6jMUg.roa
Signing time: Sun 01 Jan 2023 22:35:09 +0000
ROA not before: Sun 01 Jan 2023 22:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202284
IP address blocks: 31.13.184.0/22 maxlen: 24
2a04:bb00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:78:c7:d3:24:62:c9:3f:c6:ad:84:d8:6a:59:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed9578e49825c42f3c131b94cb0fdde5c79ad77
Validity
Not Before: Jan 1 22:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acb983e873eea99b273a2c6d0301d51c6ea33148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:de:4a:ab:43:fa:a2:99:8b:7d:99:78:04:50:
c3:49:44:54:68:cf:07:af:f5:0a:fd:2b:17:37:41:
fb:77:c3:6b:8f:17:15:d0:e5:e8:39:47:aa:e1:47:
81:d7:3f:96:b9:bc:b9:04:23:65:db:12:66:5c:53:
fe:fb:f2:b1:25:fe:59:20:31:b7:48:cf:b4:7d:1d:
e7:dc:33:29:32:7f:8b:a8:0c:7b:a6:2f:14:c0:a4:
5b:93:30:2a:4b:d3:27:a5:aa:20:f7:34:e4:bd:62:
9b:82:8f:c7:05:47:dc:a5:ea:ca:48:ef:42:89:72:
63:bc:05:5a:1b:21:e5:23:bd:7a:ef:0c:f5:3c:3d:
e7:69:29:7c:9b:44:36:c5:89:cb:67:83:89:6f:3e:
15:a1:4f:46:72:d9:7d:60:32:eb:ea:68:c3:cc:1e:
cf:5c:3f:46:28:5f:49:4e:0f:1e:44:bb:8b:8f:44:
95:90:79:19:78:5f:97:be:23:71:b7:89:f8:84:f2:
eb:12:44:86:29:d3:ff:5e:b6:d0:fa:f0:11:3c:b2:
86:2e:01:20:9e:d3:e2:b8:36:9a:35:f0:28:6b:a7:
38:ca:fe:7e:ef:da:b0:b5:ff:56:dd:57:6b:08:eb:
50:a6:25:ec:d4:45:5a:4a:07:b7:18:6e:51:72:3d:
23:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B9:83:E8:73:EE:A9:9B:27:3A:2C:6D:03:01:D5:1C:6E:A3:31:48
X509v3 Authority Key Identifier:
keyid:EE:D9:57:8E:49:82:5C:42:F3:C1:31:B9:4C:B0:FD:DE:5C:79:AD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tlXjkmCXELzwTG5TLD93lx5rXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/649b17-039d-42da-90f6-3e10d1ab7408/1/rLmD6HPuqZsnOixtAwHVHG6jMUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/649b17-039d-42da-90f6-3e10d1ab7408/1/7tlXjkmCXELzwTG5TLD93lx5rXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.184.0/22
IPv6:
2a04:bb00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:81:98:3f:6a:a2:93:78:8e:b9:24:70:6f:3f:dc:5a:aa:86:
17:5a:bb:f2:4d:b3:85:24:57:34:6c:1d:77:0b:98:b1:3d:5e:
23:3e:0c:81:9d:79:af:a5:cf:b4:15:ae:3f:52:2a:0e:85:31:
ac:64:ee:a9:59:b3:e5:44:f2:73:2a:90:38:42:58:cb:23:b6:
a2:d2:fd:a7:ae:ad:67:3a:35:fe:9b:92:50:ff:3e:bc:ad:22:
ff:8f:0a:e2:6b:d4:26:e5:02:30:20:46:fc:39:a1:d9:17:fe:
31:41:1a:5b:d8:a8:20:d4:82:ed:5e:b8:8a:b4:bb:c2:b9:4e:
e9:78:c5:05:83:8f:94:59:ce:90:dd:7b:66:dc:18:78:e6:34:
0b:27:11:4c:49:06:d7:73:87:ea:30:ca:d3:5b:de:ff:67:8c:
ea:46:fa:5d:8a:5e:45:8b:ae:ed:d1:ac:c1:f4:8f:cb:70:11:
df:96:b4:20:5c:73:c9:21:34:8b:22:9e:02:45:94:ba:ce:44:
6a:74:b7:aa:ec:3b:2d:de:f7:48:32:d1:0d:f8:3f:11:b8:06:
a1:7b:3d:49:21:b9:5a:32:3a:67:9a:6e:9b:e9:fe:20:0c:c8:
0b:60:9b:eb:45:42:d2:8a:7b:92:1d:83:db:30:65:93:83:b4:
05:df:47:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveXjH0yRiyT/GrYTYalmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDk1NzhlNDk4MjVjNDJmM2MxMzFiOTRjYjBmZGRlNWM3
OWFkNzcwHhcNMjMwMTAxMjIzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I5ODNlODczZWVhOTliMjczYTJjNmQwMzAxZDUxYzZlYTMzMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN5Kq0P6opmLfZl4BFDDSURUaM8H
r/UK/SsXN0H7d8NrjxcV0OXoOUeq4UeB1z+Wuby5BCNl2xJmXFP++/KxJf5ZIDG3
SM+0fR3n3DMpMn+LqAx7pi8UwKRbkzAqS9Mnpaog9zTkvWKbgo/HBUfcperKSO9C
iXJjvAVaGyHlI7167wz1PD3naSl8m0Q2xYnLZ4OJbz4VoU9Gctl9YDLr6mjDzB7P
XD9GKF9JTg8eRLuLj0SVkHkZeF+XviNxt4n4hPLrEkSGKdP/XrbQ+vARPLKGLgEg
ntPiuDaaNfAoa6c4yv5+79qwtf9W3VdrCOtQpiXs1EVaSge3GG5Rcj0j9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKy5g+hz7qmbJzosbQMB1RxuozFIMB8GA1UdIwQY
MBaAFO7ZV45JglxC88ExuUyw/d5cea13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RsWGprbUNYRUx6d1RHNVRMRDkzbHg1clhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82NDliMTctMDM5ZC00MmRhLTkwZjYt
M2UxMGQxYWI3NDA4LzEvckxtRDZIUHVxWnNuT2l4dEF3SFZIRzZqTVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82NDliMTctMDM5ZC00MmRhLTkwZjYtM2UxMGQxYWI3NDA4
LzEvN3RsWGprbUNYRUx6d1RHNVRMRDkzbHg1clhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCHw24MA0E
AgACMAcDBQMqBLsAMA0GCSqGSIb3DQEBCwUAA4IBAQBqgZg/aqKTeI65JHBvP9xa
qoYXWrvyTbOFJFc0bB13C5ixPV4jPgyBnXmvpc+0Fa4/UioOhTGsZO6pWbPlRPJz
KpA4QljLI7ai0v2nrq1nOjX+m5JQ/z68rSL/jwria9Qm5QIwIEb8OaHZF/4xQRpb
2Kgg1ILtXriKtLvCuU7peMUFg4+UWc6Q3Xtm3Bh45jQLJxFMSQbXc4fqMMrTW97/
Z4zqRvpdil5Fi67t0azB9I/LcBHflrQgXHPJITSLIp4CRZS6zkRqdLeq7Dst3vdI
MtEN+D8RuAahez1JIblaMjpnmm6b6f4gDMgLYJvrRULSinuSHYPbMGWTg7QF30eJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:46 2025 by rpki-client