Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/OizZ3HTyqjbjmxbA1PdEtOcmZtM.roa
File: OizZ3HTyqjbjmxbA1PdEtOcmZtM.roa (raw, json)
Hash identifier: /oAJWkVmSd9E41SvGo0kR5P7GcJg31fMt8rXvN8J+as=
Subject key identifier: 3A:2C:D9:DC:74:F2:AA:36:E3:9B:16:C0:D4:F7:44:B4:E7:26:66:D3
Certificate issuer: /CN=e122e2b58233a193d1f72778565d6c98d76163a7
Certificate serial: 0185737A780DCC412AB91A6925B1E673C880
Authority key identifier: E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/OizZ3HTyqjbjmxbA1PdEtOcmZtM.roa
Signing time: Mon 02 Jan 2023 17:14:43 +0000
ROA not before: Mon 02 Jan 2023 17:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60068
IP address blocks: 31.43.172.0/24 maxlen: 24
31.43.172.0/23 maxlen: 24
31.43.173.0/24 maxlen: 24
185.242.186.0/24 maxlen: 24
2a10:9840:1::/48 maxlen: 48
2a10:9840::/29 maxlen: 48
2a10:9840:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:78:0d:cc:41:2a:b9:1a:69:25:b1:e6:73:c8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e122e2b58233a193d1f72778565d6c98d76163a7
Validity
Not Before: Jan 2 17:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2cd9dc74f2aa36e39b16c0d4f744b4e72666d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cf:5e:80:48:55:bc:f4:72:14:83:74:63:fc:
93:2d:89:0e:92:c9:8d:6e:cd:6e:05:61:b4:b9:23:
61:ea:ca:cc:d1:1f:93:6c:2b:c0:d5:47:fb:d6:69:
6c:61:af:28:36:f6:73:4e:f7:c0:a8:85:f8:09:27:
21:d1:5b:65:23:65:c4:ed:f8:82:6d:f3:ff:38:6a:
a8:01:6c:60:5c:f6:4e:4d:b9:7d:47:9c:c1:93:46:
13:49:6d:41:b8:cc:6b:f5:69:d4:8a:a5:8b:ff:00:
01:71:c0:87:c4:04:71:5f:e9:8f:fe:3b:7a:f2:eb:
12:07:bb:2f:2f:91:74:24:33:e5:0e:79:0c:14:6f:
14:a0:64:91:85:2f:35:d0:b7:c9:f4:53:b5:32:79:
95:01:db:9f:27:e9:ef:bd:b6:a6:a8:af:5d:e4:4c:
50:9d:69:ab:2c:f9:01:23:e8:8a:43:bc:2b:b3:ed:
32:58:62:2e:fc:8f:00:36:43:2d:66:a9:2d:e6:de:
10:38:99:f8:fe:74:09:0e:84:8c:8a:bf:fd:6e:87:
92:fe:6c:26:27:c2:eb:75:c0:d7:4b:d5:63:76:ea:
83:ca:9a:51:4b:9a:41:23:01:d9:cc:65:01:f3:52:
ea:af:9a:d0:51:c0:b2:1e:a8:4b:9f:e2:de:e5:2f:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2C:D9:DC:74:F2:AA:36:E3:9B:16:C0:D4:F7:44:B4:E7:26:66:D3
X509v3 Authority Key Identifier:
keyid:E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/OizZ3HTyqjbjmxbA1PdEtOcmZtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/4SLitYIzoZPR9yd4Vl1smNdhY6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.172.0/23
185.242.186.0/24
IPv6:
2a10:9840::/29
Signature Algorithm: sha256WithRSAEncryption
8f:ca:41:ac:33:e3:eb:5c:a2:e2:c4:3e:16:ab:d7:c0:bc:71:
23:f7:0c:86:66:5f:df:1c:f7:49:1c:ef:db:18:73:d0:66:0d:
99:f6:05:a4:ea:50:ea:34:48:95:de:7e:49:d2:2c:a7:ce:30:
78:c2:81:94:e2:d7:57:fc:3a:31:15:c8:6f:86:5b:fc:e0:64:
33:35:06:02:ef:92:57:a3:6f:4a:e2:ee:3a:12:b8:cf:39:4f:
23:ea:e0:9a:17:c3:73:ec:83:2e:eb:40:5b:0f:24:75:0c:85:
01:d1:be:d6:c4:8b:3e:96:ed:4d:00:e8:e1:6d:13:cb:2c:67:
87:5c:4a:05:43:cf:4c:eb:cc:67:af:b7:d4:c2:f6:3c:43:db:
cc:04:dd:dc:31:dc:13:11:7f:d4:a1:79:09:ec:9f:0f:4b:2d:
87:95:af:d0:9f:71:2f:5b:70:ee:f2:48:e0:22:49:41:a9:8d:
6d:6d:e5:74:a1:71:8c:fe:4f:4b:58:ef:e8:33:8a:bd:ba:83:
44:36:07:06:09:13:f0:36:fa:21:3b:c0:01:c2:2c:64:0b:2a:
6b:4e:38:96:c3:9b:25:f4:08:4a:54:20:1c:f3:5c:d1:73:e2:
40:5c:75:cc:65:e0:87:30:a2:7b:2d:9f:62:22:05:79:18:af:
00:de:04:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzengNzEEquRppJbHmc8iAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjJlMmI1ODIzM2ExOTNkMWY3Mjc3ODU2NWQ2Yzk4ZDc2
MTYzYTcwHhcNMjMwMTAyMTcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJjZDlkYzc0ZjJhYTM2ZTM5YjE2YzBkNGY3NDRiNGU3MjY2NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl89egEhVvPRyFIN0Y/yTLYkOksmN
bs1uBWG0uSNh6srM0R+TbCvA1Uf71mlsYa8oNvZzTvfAqIX4CSch0VtlI2XE7fiC
bfP/OGqoAWxgXPZOTbl9R5zBk0YTSW1BuMxr9WnUiqWL/wABccCHxARxX+mP/jt6
8usSB7svL5F0JDPlDnkMFG8UoGSRhS810LfJ9FO1MnmVAdufJ+nvvbamqK9d5ExQ
nWmrLPkBI+iKQ7wrs+0yWGIu/I8ANkMtZqkt5t4QOJn4/nQJDoSMir/9boeS/mwm
J8LrdcDXS9VjduqDyppRS5pBIwHZzGUB81Lqr5rQUcCyHqhLn+Le5S+fyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDos2dx08qo245sWwNT3RLTnJmbTMB8GA1UdIwQY
MBaAFOEi4rWCM6GT0fcneFZdbJjXYWOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNMaXRZSXpvWlBSOXlkNFZsMXNtTmRoWTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kODE1ZmQtY2ZhYi00YTRhLTk1OTUt
NDE2NmI3NWIwOGFmLzEvT2l6WjNIVHlxamJqbXhiQTFQZEV0T2NtWnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kODE1ZmQtY2ZhYi00YTRhLTk1OTUtNDE2NmI3NWIwOGFm
LzEvNFNMaXRZSXpvWlBSOXlkNFZsMXNtTmRoWTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBHyusAwQA
ufK6MA0EAgACMAcDBQMqEJhAMA0GCSqGSIb3DQEBCwUAA4IBAQCPykGsM+PrXKLi
xD4Wq9fAvHEj9wyGZl/fHPdJHO/bGHPQZg2Z9gWk6lDqNEiV3n5J0iynzjB4woGU
4tdX/DoxFchvhlv84GQzNQYC75JXo29K4u46ErjPOU8j6uCaF8Nz7IMu60BbDyR1
DIUB0b7WxIs+lu1NAOjhbRPLLGeHXEoFQ89M68xnr7fUwvY8Q9vMBN3cMdwTEX/U
oXkJ7J8PSy2Hla/Qn3EvW3Du8kjgIklBqY1tbeV0oXGM/k9LWO/oM4q9uoNENgcG
CRPwNvohO8ABwixkCyprTjiWw5sl9AhKVCAc81zRc+JAXHXMZeCHMKJ7LZ9iIgV5
GK8A3gTj
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:50:53 2025 by rpki-client