Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/vOcPmB1s3GoQiwUNfmUdu8C6y1w.roa
File: vOcPmB1s3GoQiwUNfmUdu8C6y1w.roa (raw, json)
Hash identifier: JBkXhMMjtvpyJ2JEYu0BwiVypQi2fuaxQcxNn15xLb4=
Subject key identifier: BC:E7:0F:98:1D:6C:DC:6A:10:8B:05:0D:7E:65:1D:BB:C0:BA:CB:5C
Certificate issuer: /CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Certificate serial: 01856F6FFC2F46154CD4417AAB9D0E5C3A1B
Authority key identifier: 56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/vOcPmB1s3GoQiwUNfmUdu8C6y1w.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48737
IP address blocks: 31.210.62.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:fc:2f:46:15:4c:d4:41:7a:ab:9d:0e:5c:3a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce70f981d6cdc6a108b050d7e651dbbc0bacb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:f0:07:19:6e:22:fa:43:26:82:4e:af:29:
4b:a8:b5:9c:73:4c:f7:cd:aa:b5:14:7b:25:b5:33:
0b:af:11:3e:d5:c9:8c:8e:0b:b7:e2:c8:95:ac:b4:
59:9d:63:cc:3b:c7:ac:60:82:4b:15:47:2b:9e:dc:
79:94:85:3f:d3:46:1e:29:8b:02:93:5b:26:eb:7d:
c0:66:5f:76:e6:ec:1a:44:25:d9:ab:e0:a5:c4:2c:
6f:f5:bc:3c:56:76:7d:4f:b3:58:e4:95:41:62:b4:
e2:d4:4a:61:1b:39:8c:5f:38:48:d9:af:37:f0:14:
b8:94:22:98:44:32:41:b7:7b:e8:6f:98:a3:b8:89:
04:e3:e5:0e:ca:74:51:51:9b:15:47:de:f7:e3:cf:
e1:72:44:b5:10:33:83:d3:b9:04:ca:31:37:41:fc:
7c:b8:79:93:45:56:3e:c4:e1:c4:ed:64:3d:6f:5e:
83:aa:ef:61:bf:60:80:4b:f7:ff:9c:5c:4f:e6:0b:
45:f2:88:4f:b2:b1:15:f8:3a:69:24:ea:94:73:10:
42:11:3e:7c:f4:49:84:b2:31:af:af:06:ae:a8:8a:
16:71:af:68:58:61:de:f5:20:59:f1:0c:ae:d2:d5:
c8:76:bc:28:ec:82:97:36:1d:fc:71:7f:a9:78:96:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E7:0F:98:1D:6C:DC:6A:10:8B:05:0D:7E:65:1D:BB:C0:BA:CB:5C
X509v3 Authority Key Identifier:
keyid:56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/vOcPmB1s3GoQiwUNfmUdu8C6y1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.62.0/23
Signature Algorithm: sha256WithRSAEncryption
31:2e:db:fa:33:fd:66:3f:63:a1:88:fd:05:71:d9:3d:10:a3:
7f:3f:e2:0d:0a:df:e4:d2:d5:ad:f6:20:b2:da:61:fe:fe:73:
d9:0d:84:55:a8:41:5f:c0:f5:52:68:8a:a9:9a:e9:19:c4:c7:
d8:2e:88:57:ff:be:92:0d:b7:d0:e3:f1:e9:60:29:fc:92:7d:
77:16:a7:5b:65:bd:80:30:1e:5e:64:02:7f:55:e4:0b:fa:b5:
79:39:ef:b3:30:5c:d9:e6:70:48:3b:9a:7e:7c:b4:ed:20:cf:
57:b9:ee:1c:79:de:dc:05:cd:f2:c1:fa:f1:3a:b8:ac:25:8b:
5a:b4:bb:fe:41:aa:d6:99:97:7f:ca:74:c5:5a:46:01:76:42:
01:be:43:77:ca:c2:3c:fc:b7:e1:f0:a2:09:5e:11:ba:e9:18:
f3:8d:b2:7f:c2:88:8a:98:c9:8d:5b:0e:8a:6d:29:b2:75:8e:
ae:35:ee:ff:24:90:52:35:12:00:5a:73:da:94:ae:75:63:6b:
15:61:3e:34:26:fa:48:fd:cf:02:56:f9:2d:74:84:c0:b1:92:
2d:c7:3a:a6:d8:e5:e9:64:36:ed:a5:21:30:70:0c:70:f1:ef:
a1:a4:32:e9:62:b5:f1:ee:f9:6e:94:6e:10:95:d6:35:fa:72:
f2:14:e8:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb/wvRhVM1EF6q50OXDobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzNmYTY4NDI5NzNlZGY2MmQ1NzliNGVmZWMyZmE2NGZk
YmY4YzgwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U3MGY5ODFkNmNkYzZhMTA4YjA1MGQ3ZTY1MWRiYmMwYmFjYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+LwBxluIvpDJoJOrylLqLWcc0z3
zaq1FHsltTMLrxE+1cmMjgu34siVrLRZnWPMO8esYIJLFUcrntx5lIU/00YeKYsC
k1sm633AZl925uwaRCXZq+ClxCxv9bw8VnZ9T7NY5JVBYrTi1EphGzmMXzhI2a83
8BS4lCKYRDJBt3vob5ijuIkE4+UOynRRUZsVR97348/hckS1EDOD07kEyjE3Qfx8
uHmTRVY+xOHE7WQ9b16Dqu9hv2CAS/f/nFxP5gtF8ohPsrEV+DppJOqUcxBCET58
9EmEsjGvrwauqIoWca9oWGHe9SBZ8Qyu0tXIdrwo7IKXNh38cX+peJbDPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLznD5gdbNxqEIsFDX5lHbvAustcMB8GA1UdIwQY
MBaAFFZz+mhClz7fYtV5tO/sL6ZP2/jIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTkt
ODk4OTk2Yzg2MWRmLzEvdk9jUG1CMXMzR29RaXdVTmZtVWR1OEM2eTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTktODk4OTk2Yzg2MWRm
LzEvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH9I+MA0G
CSqGSIb3DQEBCwUAA4IBAQAxLtv6M/1mP2OhiP0Fcdk9EKN/P+INCt/k0tWt9iCy
2mH+/nPZDYRVqEFfwPVSaIqpmukZxMfYLohX/76SDbfQ4/HpYCn8kn13FqdbZb2A
MB5eZAJ/VeQL+rV5Oe+zMFzZ5nBIO5p+fLTtIM9Xue4ced7cBc3ywfrxOrisJYta
tLv+QarWmZd/ynTFWkYBdkIBvkN3ysI8/Lfh8KIJXhG66RjzjbJ/woiKmMmNWw6K
bSmydY6uNe7/JJBSNRIAWnPalK51Y2sVYT40JvpI/c8CVvktdITAsZItxzqm2OXp
ZDbtpSEwcAxw8e+hpDLpYrXx7vlulG4QldY1+nLyFOgH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:04 2025 by rpki-client