Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/g3aUxlGtwUdixQrhweHzP9St5i0.roa
File: g3aUxlGtwUdixQrhweHzP9St5i0.roa (raw, json)
Hash identifier: IDwlu1BhFVYn4IEUZyLEdgeA+pyaxlGw7Wc+aEzg4G8=
Subject key identifier: 83:76:94:C6:51:AD:C1:47:62:C5:0A:E1:C1:E1:F3:3F:D4:AD:E6:2D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018506171C87D5F8E2E86A9B626328DEEF2A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/g3aUxlGtwUdixQrhweHzP9St5i0.roa
Signing time: Mon 12 Dec 2022 11:27:35 +0000
ROA not before: Mon 12 Dec 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 31.173.176.0/20 maxlen: 20
37.29.76.0/22 maxlen: 22
78.41.100.0/22 maxlen: 22
178.176.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:1c:87:d5:f8:e2:e8:6a:9b:62:63:28:de:ef:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=837694c651adc14762c50ae1c1e1f33fd4ade62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b7:fb:83:37:f8:3c:30:89:5f:97:f4:86:76:
9d:ba:71:44:17:ce:38:a3:bc:0f:28:15:23:b9:a7:
06:03:19:e4:ab:0d:e2:75:c5:d5:3a:ef:ec:ca:22:
98:d3:86:be:b5:88:e8:5f:e8:78:78:1f:1d:83:76:
0d:f7:59:6d:6c:b2:be:d7:1f:18:ae:c5:da:f3:91:
d7:eb:53:1e:ca:44:71:92:97:cc:48:58:ed:eb:10:
c7:cd:a6:de:f7:58:45:34:1d:0f:50:ce:34:e5:47:
15:19:a9:0c:e7:ca:c8:11:55:22:b7:11:8d:92:1e:
b1:86:6f:8e:43:d8:b6:fe:72:86:76:01:36:79:e3:
e1:b5:f7:6f:7f:a4:35:ed:66:08:13:f9:86:7f:c7:
c4:df:c4:90:39:fc:93:04:3d:c1:82:93:8c:63:2c:
de:0f:55:f4:4f:ae:7a:4f:79:ca:e4:8c:ab:e7:f1:
d8:14:3e:a5:ca:a8:2d:7a:5a:32:5f:1f:ff:ed:50:
07:94:02:1e:56:fe:59:6a:63:57:a5:f5:41:73:50:
77:19:d4:15:9f:2b:76:45:67:4c:d6:5b:35:86:44:
a9:e7:40:c2:c8:07:14:9c:c6:0d:a5:50:ca:f6:ee:
8f:c3:e4:e0:22:13:3f:ba:12:6b:1b:65:8d:c6:78:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:76:94:C6:51:AD:C1:47:62:C5:0A:E1:C1:E1:F3:3F:D4:AD:E6:2D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/g3aUxlGtwUdixQrhweHzP9St5i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
78.41.100.0/22
178.176.154.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:63:9e:09:63:25:e4:34:9e:d2:9a:00:41:86:e7:4e:3c:34:
31:87:48:3e:0f:2a:06:db:dd:02:4a:2d:a3:be:2d:1b:60:0a:
c8:57:05:7b:05:a3:90:43:bc:bd:0d:9b:82:89:df:57:c2:98:
4c:41:f6:3e:39:97:1c:df:cd:0a:36:f5:84:e8:00:37:61:22:
16:b5:3c:74:fe:92:66:eb:49:82:56:7a:fd:5a:29:4f:f7:6e:
9e:2f:ea:42:dd:d1:e5:5a:08:56:7b:b7:40:e4:7e:2a:86:bf:
b8:14:b0:d3:e5:60:da:91:ff:04:a2:73:57:91:a5:3c:cd:f7:
2b:ab:50:cf:17:47:29:50:db:2a:bc:20:f9:62:4c:01:12:a1:
4a:c9:e2:e4:b1:c9:e7:19:59:39:1f:cd:3c:97:20:b4:d7:ff:
f0:16:ba:94:da:9a:ef:05:a7:70:45:f4:7b:b0:57:5c:14:fd:
fc:98:24:0a:96:76:ab:ff:11:f5:1f:16:08:f4:a1:58:b9:54:
15:e1:40:af:81:4b:b5:34:cc:43:66:25:40:d3:60:ce:b5:17:
28:59:25:6a:ff:95:35:79:05:59:5e:c5:fc:cf:91:c4:90:23:
ce:60:3d:a2:42:c8:66:54:10:71:62:dd:42:6f:2a:ae:72:85:
13:99:3d:4d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUGFxyH1fji6GqbYmMo3u8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc2OTRjNjUxYWRjMTQ3NjJjNTBhZTFjMWUxZjMzZmQ0YWRlNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbf7gzf4PDCJX5f0hnadunFEF844
o7wPKBUjuacGAxnkqw3idcXVOu/syiKY04a+tYjoX+h4eB8dg3YN91ltbLK+1x8Y
rsXa85HX61MeykRxkpfMSFjt6xDHzabe91hFNB0PUM405UcVGakM58rIEVUitxGN
kh6xhm+OQ9i2/nKGdgE2eePhtfdvf6Q17WYIE/mGf8fE38SQOfyTBD3BgpOMYyze
D1X0T656T3nK5Iyr5/HYFD6lyqgteloyXx//7VAHlAIeVv5ZamNXpfVBc1B3GdQV
nyt2RWdM1ls1hkSp50DCyAcUnMYNpVDK9u6Pw+TgIhM/uhJrG2WNxngTPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIN2lMZRrcFHYsUK4cHh8z/UreYtMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZzNhVXhsR3R3VWRpeFFyaHdlSHpQOVN0NWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH62wAwQC
JR1MAwQCTilkAwQBsrCaMA0GCSqGSIb3DQEBCwUAA4IBAQChY54JYyXkNJ7SmgBB
hudOPDQxh0g+DyoG290CSi2jvi0bYArIVwV7BaOQQ7y9DZuCid9XwphMQfY+OZcc
380KNvWE6AA3YSIWtTx0/pJm60mCVnr9WilP926eL+pC3dHlWghWe7dA5H4qhr+4
FLDT5WDakf8EonNXkaU8zfcrq1DPF0cpUNsqvCD5YkwBEqFKyeLkscnnGVk5H808
lyC01//wFrqU2prvBadwRfR7sFdcFP38mCQKlnar/xH1HxYI9KFYuVQV4UCvgUu1
NMxDZiVA02DOtRcoWSVq/5U1eQVZXsX8z5HEkCPOYD2iQshmVBBxYt1CbyqucoUT
mT1N
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:43:37 2025 by rpki-client