Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/e0wr6qnDl3joQ2bwfoHEXMGh0-s.roa
File: e0wr6qnDl3joQ2bwfoHEXMGh0-s.roa (raw, json)
Hash identifier: nSeVsMePwnnJfxe5PTXlLXULLp3aKLMIkeqejqfvP4Y=
Subject key identifier: 7B:4C:2B:EA:A9:C3:97:78:E8:43:66:F0:7E:81:C4:5C:C1:A1:D3:EB
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01856F8B94ABCFEA1DB66E78A1F395C5E4CF
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/e0wr6qnDl3joQ2bwfoHEXMGh0-s.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.99.45.0/24 maxlen: 24
31.210.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:94:ab:cf:ea:1d:b6:6e:78:a1:f3:95:c5:e4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b4c2beaa9c39778e84366f07e81c45cc1a1d3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:5b:7e:20:61:e8:32:36:55:4d:8d:37:9f:
98:ab:0c:b3:3d:8a:5a:2a:ec:df:e3:de:78:71:04:
1a:fa:ce:63:8f:e1:d6:2d:52:0d:27:8a:18:34:c3:
17:58:d3:8d:18:1d:68:0d:06:eb:4e:95:70:e4:21:
37:fc:42:fa:5c:17:1d:70:a4:53:c9:da:d5:35:5a:
a6:26:53:6a:74:f5:4e:cd:cf:cd:f8:e0:9b:d6:a5:
c4:9c:01:5a:5a:de:b6:ce:d4:22:02:ee:8e:fa:41:
b4:eb:c6:fa:dd:ad:cc:ee:1f:f2:58:17:de:d7:19:
5b:b9:24:a4:f9:8b:42:8e:47:a0:ea:65:91:fd:41:
0f:e0:80:3a:98:00:1e:00:67:0b:a1:f7:1e:ca:55:
e4:3f:44:91:2e:a5:14:18:99:8c:11:c2:91:fd:33:
21:28:69:b9:1e:45:4b:72:36:4b:56:12:a0:ae:3b:
6b:df:b0:88:04:c1:03:5f:d8:03:4e:3f:3a:16:9b:
a3:ff:85:0d:15:ba:01:25:13:b5:89:20:a9:22:fb:
a0:cc:13:f4:e4:9c:7f:38:5e:29:78:28:38:52:1f:
1d:38:28:e5:68:d8:b6:98:72:ce:13:09:7a:a8:b3:
d0:38:83:ae:58:9a:27:ce:f8:a7:5d:aa:31:c1:6a:
53:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4C:2B:EA:A9:C3:97:78:E8:43:66:F0:7E:81:C4:5C:C1:A1:D3:EB
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/e0wr6qnDl3joQ2bwfoHEXMGh0-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.22.0/24
194.99.45.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:c3:ca:d3:6c:b6:dd:5d:fa:7c:f9:08:2e:59:c1:f8:06:08:
eb:36:19:fb:f3:1c:33:39:35:e0:14:08:3b:55:74:43:f6:4b:
59:85:8e:02:1a:6e:de:af:9e:ba:a4:08:78:4c:4d:b1:7e:87:
44:f9:94:fe:6d:b2:91:98:db:33:9a:f3:12:82:3d:06:8c:21:
0c:39:75:b2:9a:35:7a:5c:12:3b:80:55:e9:6d:00:0e:42:0b:
95:89:fc:c3:02:54:dc:eb:3e:e8:24:9c:44:0e:aa:28:f7:68:
45:03:df:58:61:f8:78:79:b3:57:08:3e:23:e4:2e:3a:1e:aa:
9c:67:72:48:2f:c9:73:dd:a0:bb:e4:f9:d7:34:93:4b:03:a0:
c6:f0:7d:b7:7f:ad:cb:e6:2d:28:81:11:b8:9a:77:98:06:dc:
a7:c5:e7:7a:8d:73:60:b9:23:9e:3c:8a:c8:f4:0d:cb:d7:76:
1e:93:97:3c:51:80:fe:eb:96:d7:3d:2f:a5:d8:7b:b7:c1:dc:
87:81:34:6a:e6:64:40:d1:8c:0b:43:34:68:42:2b:35:4c:49:
e3:1b:35:e4:65:0c:c2:b8:e3:da:e4:65:e9:52:04:6d:74:1b:
41:aa:47:dc:08:e2:01:70:66:45:83:e0:64:0d:79:68:68:8f:
4e:c8:8c:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi5Srz+odtm54ofOVxeTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjRjMmJlYWE5YzM5Nzc4ZTg0MzY2ZjA3ZTgxYzQ1Y2MxYTFkM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEpbfiBh6DI2VU2NN5+YqwyzPYpa
Kuzf4954cQQa+s5jj+HWLVINJ4oYNMMXWNONGB1oDQbrTpVw5CE3/EL6XBcdcKRT
ydrVNVqmJlNqdPVOzc/N+OCb1qXEnAFaWt62ztQiAu6O+kG068b63a3M7h/yWBfe
1xlbuSSk+YtCjkeg6mWR/UEP4IA6mAAeAGcLofceylXkP0SRLqUUGJmMEcKR/TMh
KGm5HkVLcjZLVhKgrjtr37CIBMEDX9gDTj86Fpuj/4UNFboBJRO1iSCpIvugzBP0
5Jx/OF4peCg4Uh8dOCjlaNi2mHLOEwl6qLPQOIOuWJonzvinXaoxwWpTlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHtMK+qpw5d46ENm8H6BxFzBodPrMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvZTB3cjZxbkRsM2pvUTJid2ZvSEVYTUdoMC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH9IWAwQA
wmMtMA0GCSqGSIb3DQEBCwUAA4IBAQB+w8rTbLbdXfp8+QguWcH4BgjrNhn78xwz
OTXgFAg7VXRD9ktZhY4CGm7er566pAh4TE2xfodE+ZT+bbKRmNszmvMSgj0GjCEM
OXWymjV6XBI7gFXpbQAOQguVifzDAlTc6z7oJJxEDqoo92hFA99YYfh4ebNXCD4j
5C46HqqcZ3JIL8lz3aC75PnXNJNLA6DG8H23f63L5i0ogRG4mneYBtynxed6jXNg
uSOePIrI9A3L13Yek5c8UYD+65bXPS+l2Hu3wdyHgTRq5mRA0YwLQzRoQis1TEnj
GzXkZQzCuOPa5GXpUgRtdBtBqkfcCOIBcGZFg+BkDXloaI9OyIwD
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:42:15 2025 by rpki-client