Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g3Bqa9uBxgYz7Q7TNuuRXGRHao8.roa
File: g3Bqa9uBxgYz7Q7TNuuRXGRHao8.roa (raw, json)
Hash identifier: S13//uvi7cQ18eNfdxgqztxFTtDkdGUGnudAZzIK7QA=
Subject key identifier: 83:70:6A:6B:DB:81:C6:06:33:ED:0E:D3:36:EB:91:5C:64:47:6A:8F
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 018B000681B296DE6F6F68F6349CC746C628
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g3Bqa9uBxgYz7Q7TNuuRXGRHao8.roa
Signing time: Thu 05 Oct 2023 13:28:28 +0000
ROA not before: Thu 05 Oct 2023 13:28:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197019
IP address blocks: 37.157.192.0/21 maxlen: 24
89.221.208.0/20 maxlen: 24
185.8.236.0/22 maxlen: 24
31.31.72.0/21 maxlen: 24
46.28.104.0/21 maxlen: 24
2a02:2b88::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:06:81:b2:96:de:6f:6f:68:f6:34:9c:c7:46:c6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Oct 5 13:28:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83706a6bdb81c60633ed0ed336eb915c64476a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:86:bb:52:0a:2d:d8:c7:4c:c4:fe:76:37:62:
c7:c0:44:5f:4e:6a:d1:9f:22:0e:29:5a:e1:bc:ad:
b1:6b:74:93:69:98:ef:79:17:da:4d:23:18:96:bc:
6a:4d:95:4a:28:82:05:25:fd:ed:48:00:69:7f:87:
e9:cf:5a:cb:89:64:8d:b1:b7:7b:b5:7d:44:e3:11:
e3:fd:0c:17:02:03:2b:4a:cd:ba:0c:b8:e2:43:4c:
34:8b:dd:df:21:74:db:fc:68:82:82:7c:1f:a4:bc:
46:c3:5c:7a:2b:e4:ac:b5:a7:38:d0:7e:fc:dd:5a:
7c:b6:cc:dd:f0:81:6e:c5:a5:56:de:d7:46:59:2b:
d5:02:1d:d1:4b:3c:5d:08:97:fb:35:ed:03:c6:97:
e7:0c:08:97:87:de:11:44:f4:4a:dc:f5:39:5f:5a:
7e:25:20:27:f5:24:75:e5:ea:d1:37:02:b9:9f:90:
01:15:53:3d:62:e7:ae:bb:10:30:98:01:56:8c:74:
4f:66:43:cb:9b:0d:f0:41:94:f8:54:c1:8c:c7:9c:
0e:36:76:0e:20:21:5f:5a:67:5e:68:db:32:0a:6b:
86:6d:03:7d:c8:6c:7c:46:87:37:62:e5:55:a3:fc:
fc:29:5f:a9:82:84:c3:49:e1:86:45:bc:ff:35:3c:
74:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:70:6A:6B:DB:81:C6:06:33:ED:0E:D3:36:EB:91:5C:64:47:6A:8F
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g3Bqa9uBxgYz7Q7TNuuRXGRHao8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.72.0/21
37.157.192.0/21
46.28.104.0/21
89.221.208.0/20
185.8.236.0/22
IPv6:
2a02:2b88::/32
Signature Algorithm: sha256WithRSAEncryption
23:7a:c1:40:4d:27:45:7a:ec:9f:89:d5:1b:b9:13:bb:7c:8e:
c3:da:bb:17:68:45:de:94:a8:b1:3f:d8:1f:4d:7d:cc:29:46:
9a:c2:3c:b5:ef:3b:3f:30:a3:d3:5d:6f:a8:d1:e2:9e:a9:3a:
3d:11:8a:d0:8d:4a:ba:98:19:d3:80:e0:7c:de:a3:f4:4f:93:
96:55:c9:d7:1f:f2:5e:5f:86:92:c2:8c:db:8f:f4:fe:03:2c:
ce:e7:56:29:2a:59:0e:35:c2:16:08:87:83:ae:44:1e:02:3f:
69:c9:16:85:bb:2d:08:cd:e3:10:71:ee:f7:89:97:34:97:b3:
51:0b:b1:f6:dc:84:9a:e6:d0:c0:a1:49:c7:39:3c:02:0b:c1:
a8:6b:e9:c2:3b:0e:d7:e9:89:59:ce:83:bf:77:e7:2b:0f:99:
2d:07:94:2c:4a:c1:29:14:07:f4:b3:b7:b2:98:bc:b7:c2:6c:
7d:44:9b:86:82:94:62:4f:50:d2:73:aa:05:20:eb:e4:66:ed:
32:5d:a1:d5:87:c2:bd:c4:72:c6:b4:1d:ad:f0:15:b5:59:ce:
d3:fd:47:f8:e6:0b:aa:9e:02:ab:d8:b7:4c:a7:1a:aa:f6:1a:
86:60:00:5a:8e:f8:04:04:da:c3:f2:62:02:2b:5b:f7:5a:21:
9c:82:22:29
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYsABoGylt5vb2j2NJzHRsYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjMxMDA1MTMyODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzcwNmE2YmRiODFjNjA2MzNlZDBlZDMzNmViOTE1YzY0NDc2YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYa7Ugot2MdMxP52N2LHwERfTmrR
nyIOKVrhvK2xa3STaZjveRfaTSMYlrxqTZVKKIIFJf3tSABpf4fpz1rLiWSNsbd7
tX1E4xHj/QwXAgMrSs26DLjiQ0w0i93fIXTb/GiCgnwfpLxGw1x6K+Sstac40H78
3Vp8tszd8IFuxaVW3tdGWSvVAh3RSzxdCJf7Ne0DxpfnDAiXh94RRPRK3PU5X1p+
JSAn9SR15erRNwK5n5ABFVM9YueuuxAwmAFWjHRPZkPLmw3wQZT4VMGMx5wONnYO
ICFfWmdeaNsyCmuGbQN9yGx8Roc3YuVVo/z8KV+pgoTDSeGGRbz/NTx0UQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFINwamvbgcYGM+0O0zbrkVxkR2qPMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvZzNCcWE5dUJ4Z1l6N1E3VE51dVJYR1JIYW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHx9IAwQD
JZ3AAwQDLhxoAwQEWd3QAwQCuQjsMA0EAgACMAcDBQAqAiuIMA0GCSqGSIb3DQEB
CwUAA4IBAQAjesFATSdFeuyfidUbuRO7fI7D2rsXaEXelKixP9gfTX3MKUaawjy1
7zs/MKPTXW+o0eKeqTo9EYrQjUq6mBnTgOB83qP0T5OWVcnXH/JeX4aSwozbj/T+
AyzO51YpKlkONcIWCIeDrkQeAj9pyRaFuy0IzeMQce73iZc0l7NRC7H23ISa5tDA
oUnHOTwCC8Goa+nCOw7X6YlZzoO/d+crD5ktB5QsSsEpFAf0s7eymLy3wmx9RJuG
gpRiT1DSc6oFIOvkZu0yXaHVh8K9xHLGtB2t8BW1Wc7T/Uf45guqngKr2LdMpxqq
9hqGYABajvgEBNrD8mICK1v3WiGcgiIp
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:07 2025 by rpki-client