Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/75a6cb-5866-44a2-8bb0-a31ab64cfccb/1/Il_Hfi6Tj7Q1LqN1AB-Du9vZjzw.roa
File: Il_Hfi6Tj7Q1LqN1AB-Du9vZjzw.roa (raw, json)
Hash identifier: 5uXGKMN77Y1h73TzD16rNUqYc3M7EdutYqcTEoByZLo=
Subject key identifier: 22:5F:C7:7E:2E:93:8F:B4:35:2E:A3:75:00:1F:83:BB:DB:D9:8F:3C
Certificate issuer: /CN=1597b9d73480ca22cbf31faaf0bccbed30b2095e
Certificate serial: 018BAE0496D52ECCCA29E3023BCF85ED7691
Authority key identifier: 15:97:B9:D7:34:80:CA:22:CB:F3:1F:AA:F0:BC:CB:ED:30:B2:09:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FZe51zSAyiLL8x-q8LzL7TCyCV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/75a6cb-5866-44a2-8bb0-a31ab64cfccb/1/Il_Hfi6Tj7Q1LqN1AB-Du9vZjzw.roa
Signing time: Wed 08 Nov 2023 08:20:18 +0000
ROA not before: Wed 08 Nov 2023 08:20:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216269
IP address blocks: 31.172.172.0/22 maxlen: 24
2a13:eac0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:04:96:d5:2e:cc:ca:29:e3:02:3b:cf:85:ed:76:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1597b9d73480ca22cbf31faaf0bccbed30b2095e
Validity
Not Before: Nov 8 08:20:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=225fc77e2e938fb4352ea375001f83bbdbd98f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:66:bf:4e:51:3e:ff:54:04:a7:3c:0d:64:9a:
fe:47:03:c6:44:3c:0c:9c:c8:8a:ff:cd:25:c1:5b:
28:5d:26:cc:f2:36:cd:a1:9e:a7:41:16:13:d1:9e:
2c:7b:31:06:ed:30:7d:d2:82:a8:0a:3c:f6:05:40:
6a:fe:7d:69:f9:51:af:5d:47:c4:7b:1a:02:20:4d:
b7:97:57:a1:07:9a:2a:14:48:83:24:94:18:3b:c2:
ca:e4:60:5e:c2:33:f3:cf:62:86:06:ce:9d:dc:08:
3b:eb:c1:f4:6e:33:c3:89:0a:76:b2:e9:1b:64:5d:
4e:9d:b5:17:ab:7b:7d:78:44:f8:54:ab:64:d0:de:
b0:52:cc:13:1c:e8:51:3f:4f:23:cc:e0:ff:09:1f:
f8:b6:0b:79:5f:7d:95:88:29:e5:45:41:da:8e:c8:
f8:20:4e:4a:f9:b2:b7:de:33:b3:3f:17:07:af:fb:
f5:a6:15:54:b4:81:75:b6:48:4e:21:4f:84:00:93:
85:0b:c1:05:4e:24:07:08:ec:6f:6c:97:26:72:8a:
6b:cd:b6:00:64:dd:da:c5:54:a5:7d:00:1d:bb:54:
41:c7:cf:d2:ad:fd:8a:1c:7d:fb:d6:5b:32:a6:03:
e7:4d:33:49:76:94:cb:35:d2:59:12:db:12:e5:2c:
5c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5F:C7:7E:2E:93:8F:B4:35:2E:A3:75:00:1F:83:BB:DB:D9:8F:3C
X509v3 Authority Key Identifier:
keyid:15:97:B9:D7:34:80:CA:22:CB:F3:1F:AA:F0:BC:CB:ED:30:B2:09:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZe51zSAyiLL8x-q8LzL7TCyCV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/75a6cb-5866-44a2-8bb0-a31ab64cfccb/1/Il_Hfi6Tj7Q1LqN1AB-Du9vZjzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/75a6cb-5866-44a2-8bb0-a31ab64cfccb/1/FZe51zSAyiLL8x-q8LzL7TCyCV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.172.0/22
IPv6:
2a13:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
b3:c0:43:fc:af:8b:a9:60:a9:d0:7b:5e:15:20:2c:9d:6d:2c:
b2:76:df:dc:43:24:a5:65:42:29:d6:2d:b5:22:cf:c2:ba:97:
ab:e1:05:08:ff:c2:c7:93:29:1f:db:28:36:5a:0c:63:f5:b6:
44:7b:79:35:48:1b:49:e4:d2:ab:09:80:95:e0:f4:e6:3c:bd:
47:77:2c:a6:c0:40:46:ec:f6:24:9e:0a:1b:6a:46:73:fd:16:
3e:c1:19:0f:d9:c6:8d:b4:68:53:1e:ec:af:1c:7a:db:a0:66:
4d:e4:7f:ce:cb:74:d2:59:72:1f:b1:1d:42:3a:12:56:f1:e7:
ef:67:3e:a8:8e:1e:0d:94:a4:f1:6c:f7:0d:81:dd:57:ad:e7:
79:c0:8e:92:64:f7:87:c1:86:ff:44:06:a1:d3:14:82:e1:98:
d5:7c:2d:e1:0e:7c:28:19:05:c8:e5:dc:b6:12:2e:62:d8:2a:
bc:b6:eb:5d:2c:8e:63:9e:10:fb:c6:1c:e1:ae:e3:f2:c4:53:
50:41:b9:cc:51:97:7d:6c:4d:68:e5:6b:78:bf:f9:81:12:98:
b7:9e:bb:9c:fb:99:c6:a4:4a:37:8b:09:a1:22:e8:9b:d5:bf:
56:31:dd:d9:ee:e2:32:25:a1:e2:3b:37:60:f5:3d:3e:40:d3:
41:9d:d5:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuuBJbVLszKKeMCO8+F7XaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OTdiOWQ3MzQ4MGNhMjJjYmYzMWZhYWYwYmNjYmVkMzBi
MjA5NWUwHhcNMjMxMTA4MDgyMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVmYzc3ZTJlOTM4ZmI0MzUyZWEzNzUwMDFmODNiYmRiZDk4ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvma/TlE+/1QEpzwNZJr+RwPGRDwM
nMiK/80lwVsoXSbM8jbNoZ6nQRYT0Z4sezEG7TB90oKoCjz2BUBq/n1p+VGvXUfE
exoCIE23l1ehB5oqFEiDJJQYO8LK5GBewjPzz2KGBs6d3Ag768H0bjPDiQp2sukb
ZF1OnbUXq3t9eET4VKtk0N6wUswTHOhRP08jzOD/CR/4tgt5X32ViCnlRUHajsj4
IE5K+bK33jOzPxcHr/v1phVUtIF1tkhOIU+EAJOFC8EFTiQHCOxvbJcmcoprzbYA
ZN3axVSlfQAdu1RBx8/Srf2KHH371lsypgPnTTNJdpTLNdJZEtsS5SxcswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCJfx34uk4+0NS6jdQAfg7vb2Y88MB8GA1UdIwQY
MBaAFBWXudc0gMoiy/MfqvC8y+0wsgleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlplNTF6U0F5aUxMOHgtcThMekw3VEN5Q1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83NWE2Y2ItNTg2Ni00NGEyLThiYjAt
YTMxYWI2NGNmY2NiLzEvSWxfSGZpNlRqN1ExTHFOMUFCLUR1OXZaanp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83NWE2Y2ItNTg2Ni00NGEyLThiYjAtYTMxYWI2NGNmY2Ni
LzEvRlplNTF6U0F5aUxMOHgtcThMekw3VEN5Q1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCH6ysMA0E
AgACMAcDBQMqE+rAMA0GCSqGSIb3DQEBCwUAA4IBAQCzwEP8r4upYKnQe14VICyd
bSyydt/cQySlZUIp1i21Is/Cuper4QUI/8LHkykf2yg2Wgxj9bZEe3k1SBtJ5NKr
CYCV4PTmPL1HdyymwEBG7PYkngobakZz/RY+wRkP2caNtGhTHuyvHHrboGZN5H/O
y3TSWXIfsR1COhJW8efvZz6ojh4NlKTxbPcNgd1Xred5wI6SZPeHwYb/RAah0xSC
4ZjVfC3hDnwoGQXI5dy2Ei5i2Cq8tutdLI5jnhD7xhzhruPyxFNQQbnMUZd9bE1o
5Wt4v/mBEpi3nruc+5nGpEo3iwmhIuib1b9WMd3Z7uIyJaHiOzdg9T0+QNNBndVu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:38 2025 by rpki-client