Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/avD8DqFNQAOg6axwTlEMe4mvWsc.roa
File: avD8DqFNQAOg6axwTlEMe4mvWsc.roa (raw, json)
Hash identifier: fKy/OVb2kZeNW5ib9Cmaj886zObANvjDGxORTLOXqVs=
Subject key identifier: 6A:F0:FC:0E:A1:4D:40:03:A0:E9:AC:70:4E:51:0C:7B:89:AF:5A:C7
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 0183F9F5B1FF7D4084FC38FE19E6A71EA7BD
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/avD8DqFNQAOg6axwTlEMe4mvWsc.roa
Signing time: Fri 21 Oct 2022 09:52:52 +0000
ROA not before: Fri 21 Oct 2022 09:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 194.31.96.0/24 maxlen: 24
194.99.44.0/24 maxlen: 24
194.99.46.0/24 maxlen: 24
31.210.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:f5:b1:ff:7d:40:84:fc:38:fe:19:e6:a7:1e:a7:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Oct 21 09:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6af0fc0ea14d4003a0e9ac704e510c7b89af5ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:5c:df:f6:44:8f:a0:3f:ed:6a:68:5a:eb:
4f:49:60:ef:14:2c:e9:64:0f:73:fc:0e:85:74:75:
de:42:f9:d8:7d:10:f1:ba:e0:9d:c1:2c:81:c8:7c:
6c:4a:a3:92:4b:39:c1:1e:8e:f1:54:da:3c:ae:7d:
ae:c8:4f:7a:99:3a:1a:5f:7b:e3:5a:7d:36:84:fa:
da:ef:cf:26:13:75:16:67:32:9d:26:46:db:55:b3:
ca:9e:17:f5:09:be:e5:15:f9:ab:29:31:42:5c:3b:
96:39:83:c1:63:d2:77:fd:03:58:f0:2b:dc:29:a2:
65:38:b0:4c:84:82:b1:61:25:e9:f3:f7:38:ad:93:
7d:93:93:18:d1:8c:2f:20:b8:44:11:0f:11:43:bc:
9f:2c:cd:47:b9:84:c8:55:45:be:80:ad:5c:72:a2:
56:83:ee:86:1f:9a:a9:61:38:4a:1f:57:9d:0b:6f:
8e:7a:80:bc:1b:23:f9:47:a0:59:f2:eb:c1:d6:3f:
6e:22:93:3a:d5:32:3d:97:de:83:2f:7d:cf:59:8d:
ff:10:8c:c9:30:c7:21:27:85:34:36:78:c6:96:5e:
b9:8a:bd:f1:46:04:47:1d:1e:0d:5e:b6:a9:08:79:
d4:02:12:11:ce:d7:84:a2:34:0b:3f:42:3d:28:00:
52:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F0:FC:0E:A1:4D:40:03:A0:E9:AC:70:4E:51:0C:7B:89:AF:5A:C7
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/avD8DqFNQAOg6axwTlEMe4mvWsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.21.0/24
194.31.96.0/24
194.99.44.0/24
194.99.46.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b9:6c:97:13:1d:96:f5:db:a3:34:a2:19:66:c3:91:c3:69:
92:2b:ef:93:18:78:21:8c:93:1c:f4:62:4f:6c:db:ba:34:50:
ce:92:1a:e4:dc:37:b7:77:29:68:71:91:53:46:80:a9:a6:63:
02:c4:82:bc:70:d4:3f:25:30:05:67:41:33:da:fc:3c:a0:e9:
8f:1a:8c:7b:49:13:dd:20:8e:c3:b6:85:d1:cb:b6:23:01:1c:
be:e1:b1:f7:a4:87:92:67:f5:98:d6:a3:25:93:e0:6b:18:30:
ef:b5:fc:fd:23:ed:34:34:1e:f0:6e:f5:04:c2:d6:7e:69:84:
6a:81:65:7e:f2:4e:d3:f1:57:d3:4c:64:e4:94:d2:c9:2f:53:
c3:4e:4c:f9:9c:2f:e1:c5:00:1c:97:1c:71:8e:46:01:01:b9:
6c:34:1b:dc:08:c7:fd:bf:8e:61:67:53:d3:bf:31:2d:9a:e3:
aa:41:e2:97:79:aa:ed:78:1b:59:b9:39:81:0a:15:24:00:fc:
3f:10:a2:21:4f:c5:2b:92:00:64:2c:86:de:c2:d9:14:4e:08:
fe:df:43:43:db:93:18:f3:25:2b:8b:cd:34:34:3a:56:60:a7:
d0:e0:3b:5d:50:74:f7:9d:13:84:a8:97:a3:fe:34:cd:b2:a7:
13:d8:aa:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP59bH/fUCE/Dj+GeanHqe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjIxMDIxMDk1MjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYwZmMwZWExNGQ0MDAzYTBlOWFjNzA0ZTUxMGM3Yjg5YWY1YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pdc3/ZEj6A/7WpoWutPSWDvFCzp
ZA9z/A6FdHXeQvnYfRDxuuCdwSyByHxsSqOSSznBHo7xVNo8rn2uyE96mToaX3vj
Wn02hPra788mE3UWZzKdJkbbVbPKnhf1Cb7lFfmrKTFCXDuWOYPBY9J3/QNY8Cvc
KaJlOLBMhIKxYSXp8/c4rZN9k5MY0YwvILhEEQ8RQ7yfLM1HuYTIVUW+gK1ccqJW
g+6GH5qpYThKH1edC2+OeoC8GyP5R6BZ8uvB1j9uIpM61TI9l96DL33PWY3/EIzJ
MMchJ4U0NnjGll65ir3xRgRHHR4NXrapCHnUAhIRzteEojQLP0I9KABS0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGrw/A6hTUADoOmscE5RDHuJr1rHMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvYXZEOERxRk5RQU9nNmF4d1RsRU1lNG12V3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH9IVAwQA
wh9gAwQAwmMsAwQAwmMuMA0GCSqGSIb3DQEBCwUAA4IBAQB9uWyXEx2W9dujNKIZ
ZsORw2mSK++TGHghjJMc9GJPbNu6NFDOkhrk3De3dylocZFTRoCppmMCxIK8cNQ/
JTAFZ0Ez2vw8oOmPGox7SRPdII7DtoXRy7YjARy+4bH3pIeSZ/WY1qMlk+BrGDDv
tfz9I+00NB7wbvUEwtZ+aYRqgWV+8k7T8VfTTGTklNLJL1PDTkz5nC/hxQAclxxx
jkYBAblsNBvcCMf9v45hZ1PTvzEtmuOqQeKXearteBtZuTmBChUkAPw/EKIhT8Ur
kgBkLIbewtkUTgj+30ND25MY8yUri800NDpWYKfQ4DtdUHT3nROEqJej/jTNsqcT
2Kpp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:10 2025 by rpki-client