Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/629f4d-3929-461e-a194-dd1028991ff3/1/fiutIdHS0s91VK1a-9Lxd7uRFck.roa
File: fiutIdHS0s91VK1a-9Lxd7uRFck.roa (raw, json)
Hash identifier: oqsJ2ZpSxg/WvZsg20fTb+kHWw1V5w7Nvwc1LCrY+Iw=
Subject key identifier: 7E:2B:AD:21:D1:D2:D2:CF:75:54:AD:5A:FB:D2:F1:77:BB:91:15:C9
Certificate issuer: /CN=e5e69068a8b1fb7fa0795baf9bb3ab86c94e46fc
Certificate serial: 0185719569D0009AB32429B048CB7C7D84C5
Authority key identifier: E5:E6:90:68:A8:B1:FB:7F:A0:79:5B:AF:9B:B3:AB:86:C9:4E:46:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5eaQaKix-3-geVuvm7OrhslORvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/629f4d-3929-461e-a194-dd1028991ff3/1/fiutIdHS0s91VK1a-9Lxd7uRFck.roa
Signing time: Mon 02 Jan 2023 08:24:55 +0000
ROA not before: Mon 02 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200043
IP address blocks: 31.3.172.0/22 maxlen: 24
31.3.168.0/22 maxlen: 24
31.3.176.0/20 maxlen: 24
185.98.8.0/22 maxlen: 24
185.63.168.0/23 maxlen: 24
62.220.80.0/21 maxlen: 24
62.220.88.0/21 maxlen: 24
109.238.124.0/23 maxlen: 24
109.238.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:69:d0:00:9a:b3:24:29:b0:48:cb:7c:7d:84:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5e69068a8b1fb7fa0795baf9bb3ab86c94e46fc
Validity
Not Before: Jan 2 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e2bad21d1d2d2cf7554ad5afbd2f177bb9115c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1d:63:74:1b:5d:e6:74:0e:1b:c6:eb:da:ea:
b8:61:d1:6a:44:12:5d:bf:5f:55:9a:36:bf:04:ec:
20:19:58:4a:b4:96:87:16:b8:b5:0a:85:08:28:fa:
05:0b:b0:c2:63:d2:de:be:83:1e:37:93:f7:8b:01:
21:7a:ad:46:1b:6f:74:42:40:8c:e5:0d:4e:65:7f:
86:b9:09:47:31:bd:d1:7f:69:8b:77:7e:77:22:74:
9e:12:50:f9:42:2e:aa:31:08:4e:58:52:3b:c7:0c:
3d:ba:77:5a:a0:f7:24:a9:1c:17:53:d4:d9:8c:73:
b6:28:b0:59:3f:a1:a1:84:fa:c3:ea:89:b8:02:06:
66:f7:bb:e1:0c:d3:15:df:17:18:8f:0f:9a:4b:19:
78:47:46:6c:15:fd:8f:53:eb:59:5c:75:62:29:c2:
7d:78:53:cc:3a:b0:79:df:8b:c3:77:f5:8f:9f:0b:
db:03:47:59:63:63:95:46:ae:0a:3b:aa:24:37:9b:
86:d4:52:22:7e:71:8d:55:d9:70:5d:6a:66:44:f9:
25:3c:d6:a9:95:b2:a4:f4:85:f7:fd:c2:76:45:da:
e0:09:bd:4a:8e:ea:08:7c:1c:63:d1:a8:24:1b:5f:
25:a7:4a:4e:23:86:28:ac:e3:f2:9a:e0:f3:aa:b2:
c2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2B:AD:21:D1:D2:D2:CF:75:54:AD:5A:FB:D2:F1:77:BB:91:15:C9
X509v3 Authority Key Identifier:
keyid:E5:E6:90:68:A8:B1:FB:7F:A0:79:5B:AF:9B:B3:AB:86:C9:4E:46:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5eaQaKix-3-geVuvm7OrhslORvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/629f4d-3929-461e-a194-dd1028991ff3/1/fiutIdHS0s91VK1a-9Lxd7uRFck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/629f4d-3929-461e-a194-dd1028991ff3/1/5eaQaKix-3-geVuvm7OrhslORvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.168.0-31.3.191.255
62.220.80.0/20
109.238.124.0/22
185.63.168.0/23
185.98.8.0/22
Signature Algorithm: sha256WithRSAEncryption
74:32:10:71:99:b0:6c:35:cc:5b:cc:6c:7e:dc:56:6a:8b:6a:
99:42:79:ae:43:1e:c4:87:51:13:06:0a:83:f3:a6:3c:8b:9d:
f1:6a:32:e0:2c:7b:3d:b1:72:93:2b:50:09:8d:0b:62:22:62:
57:28:5d:3f:66:bf:51:8d:17:c5:6c:c4:4d:d7:db:2c:69:79:
c4:aa:d5:83:48:c7:55:93:27:58:e7:45:38:6f:0c:a9:26:84:
92:07:b6:3a:45:d8:28:c7:92:97:fd:02:72:b6:ed:f9:ec:5a:
a5:44:eb:97:36:03:07:17:38:33:60:40:cc:3a:07:84:97:ee:
c3:74:71:bc:7f:8a:21:7d:80:f2:e7:dc:92:9a:21:97:d6:96:
cb:04:57:c8:0a:c9:b9:dc:55:61:71:68:1c:c5:ac:84:dc:68:
6a:e2:04:b9:37:9b:66:ee:8c:03:d4:c2:3c:8e:e8:1a:5d:31:
ba:15:51:c7:13:2f:c8:80:5a:e5:c4:72:7a:46:c1:26:9e:96:
1e:fe:95:75:4c:40:87:6c:85:93:d2:da:ea:d6:99:b1:05:64:
52:be:16:16:4a:31:b7:b3:4c:0b:49:de:1e:04:99:0a:bc:2c:
90:ee:a4:8a:e3:c4:35:89:29:05:a0:45:f9:32:a9:bb:d4:2e:
4f:a3:9e:f7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxlWnQAJqzJCmwSMt8fYTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZTY5MDY4YThiMWZiN2ZhMDc5NWJhZjliYjNhYjg2Yzk0
ZTQ2ZmMwHhcNMjMwMTAyMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJiYWQyMWQxZDJkMmNmNzU1NGFkNWFmYmQyZjE3N2JiOTExNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB1jdBtd5nQOG8br2uq4YdFqRBJd
v19Vmja/BOwgGVhKtJaHFri1CoUIKPoFC7DCY9LevoMeN5P3iwEheq1GG290QkCM
5Q1OZX+GuQlHMb3Rf2mLd353InSeElD5Qi6qMQhOWFI7xww9undaoPckqRwXU9TZ
jHO2KLBZP6GhhPrD6om4AgZm97vhDNMV3xcYjw+aSxl4R0ZsFf2PU+tZXHViKcJ9
eFPMOrB534vDd/WPnwvbA0dZY2OVRq4KO6okN5uG1FIifnGNVdlwXWpmRPklPNap
lbKk9IX3/cJ2RdrgCb1KjuoIfBxj0agkG18lp0pOI4YorOPymuDzqrLCwQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFH4rrSHR0tLPdVStWvvS8Xe7kRXJMB8GA1UdIwQY
MBaAFOXmkGiosft/oHlbr5uzq4bJTkb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWVhUWFLaXgtMy1nZVZ1dm03T3Joc2xPUnZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82MjlmNGQtMzkyOS00NjFlLWExOTQt
ZGQxMDI4OTkxZmYzLzEvZml1dElkSFMwczkxVksxYS05THhkN3VSRmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82MjlmNGQtMzkyOS00NjFlLWExOTQtZGQxMDI4OTkxZmYz
LzEvNWVhUWFLaXgtMy1nZVZ1dm03T3Joc2xPUnZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAMfA6gD
BAYfA4ADBAQ+3FADBAJt7nwDBAG5P6gDBAK5YggwDQYJKoZIhvcNAQELBQADggEB
AHQyEHGZsGw1zFvMbH7cVmqLaplCea5DHsSHURMGCoPzpjyLnfFqMuAsez2xcpMr
UAmNC2IiYlcoXT9mv1GNF8VsxE3X2yxpecSq1YNIx1WTJ1jnRThvDKkmhJIHtjpF
2CjHkpf9AnK27fnsWqVE65c2AwcXODNgQMw6B4SX7sN0cbx/iiF9gPLn3JKaIZfW
lssEV8gKybncVWFxaBzFrITcaGriBLk3m2bujAPUwjyO6BpdMboVUccTL8iAWuXE
cnpGwSaelh7+lXVMQIdshZPS2urWmbEFZFK+FhZKMbezTAtJ3h4EmQq8LJDupIrj
xDWJKQWgRfkyqbvULk+jnvc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:40 2025 by rpki-client