Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/ur2ZED3yq6r8JirdxJU2pDATUac.roa
File: ur2ZED3yq6r8JirdxJU2pDATUac.roa (raw, json)
Hash identifier: ui9Ez0iTMMxNNNFvRshabPF/yyZq6CTKerNZhn28hNs=
Subject key identifier: BA:BD:99:10:3D:F2:AB:AA:FC:26:2A:DD:C4:95:36:A4:30:13:51:A7
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018BCD2D43170C9BD7C0A1644F032BE2EE96
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/ur2ZED3yq6r8JirdxJU2pDATUac.roa
Signing time: Tue 14 Nov 2023 09:32:57 +0000
ROA not before: Tue 14 Nov 2023 09:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31334
IP address blocks: 31.16.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:2d:43:17:0c:9b:d7:c0:a1:64:4f:03:2b:e2:ee:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Nov 14 09:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=babd99103df2abaafc262addc49536a4301351a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7d:66:ff:a3:0f:ad:83:5f:ae:2f:d0:28:a3:
47:23:c5:da:d4:cf:fc:31:dc:74:f3:39:15:b1:9f:
1e:21:c9:2b:02:c5:6f:61:b6:e4:b3:07:33:13:a1:
d7:6f:15:6a:6f:bd:67:62:04:d9:21:1b:9b:89:c2:
26:84:ef:c5:a3:4f:ca:7c:9f:b4:17:db:09:85:c7:
e5:59:de:84:1c:ca:d0:cf:53:61:e6:26:6d:98:a1:
52:36:70:25:76:76:18:03:94:1d:bd:5c:cb:52:8d:
0f:5b:16:cc:33:03:79:d9:e3:ec:7f:03:73:67:e2:
20:74:3f:89:3b:36:0d:82:c1:03:22:5b:65:8f:78:
c5:79:42:9c:cd:4e:c6:1c:66:00:ed:6e:f8:2c:76:
f3:c6:b7:64:25:d8:8e:85:31:af:e3:fb:0e:9f:7e:
88:b4:3b:ae:3c:db:5e:2c:4f:19:e0:a9:be:9e:d4:
9b:82:d6:41:98:eb:81:59:8d:ba:36:97:32:74:73:
1d:63:9e:83:00:dc:dd:3c:31:cc:8e:54:a4:7d:a7:
c5:09:d1:b2:6a:03:ef:ee:6a:94:2c:07:2e:65:95:
99:db:17:f0:fb:38:4e:87:03:6b:e4:72:3a:95:1c:
03:d6:d2:61:c6:eb:05:59:d4:5d:60:d8:79:11:27:
ee:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BD:99:10:3D:F2:AB:AA:FC:26:2A:DD:C4:95:36:A4:30:13:51:A7
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/ur2ZED3yq6r8JirdxJU2pDATUac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.16.0.0/14
Signature Algorithm: sha256WithRSAEncryption
27:4a:db:1b:19:a4:87:1e:d5:15:3b:55:f8:04:a5:64:c1:cd:
94:b3:97:c4:c1:0d:97:6d:1e:90:b7:f2:45:33:22:7d:21:b3:
e9:a8:0d:ae:4a:77:92:c3:07:e1:b9:7c:5a:1c:d4:3b:a3:93:
6b:cf:ff:fd:28:fe:09:77:c6:d9:06:34:68:25:a0:8a:fa:83:
85:64:cd:eb:ed:6e:5a:f9:59:bf:75:65:e8:55:bc:59:64:ed:
26:5a:26:0d:92:83:74:d5:5d:d6:13:ae:5b:5a:a2:b7:44:98:
b1:83:41:88:ba:d5:1c:90:38:a5:d8:b0:4c:f6:a9:ac:d6:d6:
19:58:51:a4:41:ab:b7:b9:72:15:0b:24:6a:87:0a:44:0b:f9:
ea:39:00:fa:8a:e2:b2:25:91:9d:4e:b0:17:c7:1d:44:3c:6a:
c0:72:a1:68:ef:f4:3c:03:f3:38:a1:96:7a:8b:fb:13:33:33:
a4:8d:8e:d5:55:69:a8:3c:2c:e5:c8:ae:26:c5:49:7d:0f:bc:
8f:97:47:83:74:aa:c6:ac:f9:f2:42:c2:3f:2c:62:d8:20:0d:
6d:68:dd:fe:4c:5a:5d:7f:6a:23:b3:da:06:a6:b9:66:2b:68:
c9:85:96:74:a1:8a:7e:70:5b:1d:3e:f1:b7:7f:dd:20:d6:86:
7e:48:c9:35
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYvNLUMXDJvXwKFkTwMr4u6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjMxMTE0MDkzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWJkOTkxMDNkZjJhYmFhZmMyNjJhZGRjNDk1MzZhNDMwMTM1MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX1m/6MPrYNfri/QKKNHI8Xa1M/8
Mdx08zkVsZ8eIckrAsVvYbbkswczE6HXbxVqb71nYgTZIRubicImhO/Fo0/KfJ+0
F9sJhcflWd6EHMrQz1Nh5iZtmKFSNnAldnYYA5QdvVzLUo0PWxbMMwN52ePsfwNz
Z+IgdD+JOzYNgsEDIltlj3jFeUKczU7GHGYA7W74LHbzxrdkJdiOhTGv4/sOn36I
tDuuPNteLE8Z4Km+ntSbgtZBmOuBWY26NpcydHMdY56DANzdPDHMjlSkfafFCdGy
agPv7mqULAcuZZWZ2xfw+zhOhwNr5HI6lRwD1tJhxusFWdRdYNh5ESfu8QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLq9mRA98quq/CYq3cSVNqQwE1GnMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvdXIyWkVEM3lxNnI4SmlyZHhKVTJwREFUVWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCHxAwDQYJ
KoZIhvcNAQELBQADggEBACdK2xsZpIce1RU7VfgEpWTBzZSzl8TBDZdtHpC38kUz
In0hs+moDa5Kd5LDB+G5fFoc1Dujk2vP//0o/gl3xtkGNGgloIr6g4Vkzevtblr5
Wb91ZehVvFlk7SZaJg2Sg3TVXdYTrltaordEmLGDQYi61RyQOKXYsEz2qazW1hlY
UaRBq7e5chULJGqHCkQL+eo5APqK4rIlkZ1OsBfHHUQ8asByoWjv9DwD8zihlnqL
+xMzM6SNjtVVaag8LOXIribFSX0PvI+XR4N0qsas+fJCwj8sYtggDW1o3f5MWl1/
aiOz2gamuWYraMmFlnShin5wWx0+8bd/3SDWhn5IyTU=
-----END CERTIFICATE-----
Generated at Thu May 1 11:38:42 2025 by rpki-client