Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa
File: up0a5kb-vvDB57lEewXBfmYSCP0.roa (raw, json)
Hash identifier: gJTSkbOiRO1mUPIDCg2utFUKvZRBQ9/rk1H2yiXuRmg=
Subject key identifier: BA:9D:1A:E6:46:FE:BE:F0:C1:E7:B9:44:7B:05:C1:7E:66:12:08:FD
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 0181CE10A40D7BC6DF1A3749315C91A2F9C1
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa
Signing time: Tue 05 Jul 2022 11:13:25 +0000
ROA not before: Tue 05 Jul 2022 11:13:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 31.43.164.0/24 maxlen: 24
185.255.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ce:10:a4:0d:7b:c6:df:1a:37:49:31:5c:91:a2:f9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Jul 5 11:13:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba9d1ae646febef0c1e7b9447b05c17e661208fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a9:a2:dd:6d:ab:6e:7a:af:17:a2:6a:6c:9a:
81:a3:26:67:3f:a3:b5:94:56:fc:8a:42:b4:93:49:
94:2b:c9:e5:77:e1:fd:01:32:f2:d0:e7:6d:cb:b8:
d6:69:95:72:69:20:01:45:36:c6:2a:4c:df:44:59:
09:87:44:63:25:4c:31:de:4c:b4:f6:a0:e2:b3:d3:
c7:55:49:ff:a5:8c:85:32:58:66:fa:17:2a:be:cb:
27:62:9e:4f:20:a7:2d:7d:69:a8:09:fa:38:24:fe:
3c:93:d7:4d:c1:24:90:1b:5d:24:4a:16:05:24:27:
b2:22:a5:ab:86:25:dd:48:f8:27:6a:cc:d5:3a:15:
c4:07:b8:d0:3f:f3:e1:f5:98:89:41:d5:17:3f:96:
a1:39:a6:2f:1a:49:4d:29:b0:c3:3c:ae:3f:e0:8d:
02:c8:1b:56:11:99:1d:30:75:29:44:87:54:52:f6:
76:1d:42:20:c8:af:8b:25:da:a8:f8:20:0d:d5:f9:
f5:e9:1e:ee:52:7f:80:af:19:98:31:2a:9f:8f:b0:
f4:9f:8c:cf:7e:05:ff:af:cb:93:ca:62:2f:d3:7a:
0c:89:c8:66:2b:e2:e5:e7:51:8f:51:a8:2f:2a:f9:
25:e8:62:29:a6:58:76:9a:12:1a:7f:8c:63:8e:d1:
2c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9D:1A:E6:46:FE:BE:F0:C1:E7:B9:44:7B:05:C1:7E:66:12:08:FD
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.164.0/24
185.255.6.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f1:d1:06:83:98:82:08:38:2a:25:e6:22:b3:21:3c:83:90:
a8:99:34:b7:77:65:b1:3f:9f:f9:18:13:69:4a:be:05:a2:d1:
51:23:3b:6e:05:9b:cf:6e:20:00:42:f8:66:3f:d1:48:38:fe:
9c:3a:e7:ab:86:17:89:d9:bf:fd:11:5e:d4:66:58:b7:63:00:
61:e9:0d:bf:1e:6e:af:cc:9f:37:f3:41:97:66:61:1c:a2:06:
cd:ea:a8:16:a7:e6:e4:f6:dc:ba:94:80:05:2d:96:41:fc:66:
d0:39:d9:d1:da:0e:fc:cb:e0:5a:66:7f:1c:74:65:d6:2c:eb:
26:4e:81:6c:a8:1f:08:63:5d:55:7f:c9:c2:db:54:38:8f:ae:
2b:c4:4b:e4:0d:43:15:5a:f3:61:55:51:32:fd:80:bd:1e:3e:
a0:4d:0c:cf:89:51:b5:22:f6:62:97:84:2c:a2:1d:2d:18:03:
5c:69:5a:7e:fe:cc:59:74:ef:b6:90:15:28:10:ef:39:08:a0:
da:b1:16:a4:8c:25:f8:37:31:8c:59:47:f9:51:96:01:f5:30:
44:30:78:d0:86:77:51:bb:21:9f:90:c4:aa:81:eb:ba:d3:a1:
a2:e1:82:7c:15:18:87:c0:37:97:9a:1b:3e:f4:99:06:fd:13:
dd:53:96:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHOEKQNe8bfGjdJMVyRovnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIwNzA1MTExMzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTlkMWFlNjQ2ZmViZWYwYzFlN2I5NDQ3YjA1YzE3ZTY2MTIwOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqmi3W2rbnqvF6JqbJqBoyZnP6O1
lFb8ikK0k0mUK8nld+H9ATLy0Odty7jWaZVyaSABRTbGKkzfRFkJh0RjJUwx3ky0
9qDis9PHVUn/pYyFMlhm+hcqvssnYp5PIKctfWmoCfo4JP48k9dNwSSQG10kShYF
JCeyIqWrhiXdSPgnaszVOhXEB7jQP/Ph9ZiJQdUXP5ahOaYvGklNKbDDPK4/4I0C
yBtWEZkdMHUpRIdUUvZ2HUIgyK+LJdqo+CAN1fn16R7uUn+ArxmYMSqfj7D0n4zP
fgX/r8uTymIv03oMichmK+Ll51GPUagvKvkl6GIpplh2mhIaf4xjjtEsSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqdGuZG/r7wwee5RHsFwX5mEgj9MB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvdXAwYTVrYi12dkRCNTdsRWV3WEJmbVlTQ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyukAwQA
uf8GMA0GCSqGSIb3DQEBCwUAA4IBAQBp8dEGg5iCCDgqJeYisyE8g5ComTS3d2Wx
P5/5GBNpSr4FotFRIztuBZvPbiAAQvhmP9FIOP6cOuerhheJ2b/9EV7UZli3YwBh
6Q2/Hm6vzJ8380GXZmEcogbN6qgWp+bk9ty6lIAFLZZB/GbQOdnR2g78y+BaZn8c
dGXWLOsmToFsqB8IY11Vf8nC21Q4j64rxEvkDUMVWvNhVVEy/YC9Hj6gTQzPiVG1
IvZil4Qsoh0tGANcaVp+/sxZdO+2kBUoEO85CKDasRakjCX4NzGMWUf5UZYB9TBE
MHjQhndRuyGfkMSqgeu606Gi4YJ8FRiHwDeXmhs+9JkG/RPdU5Yr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:44 2023 by rpki-client on console-ams.rpki-client.org