Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/4eKv-5O6pRvRjW8HwbcV5B73j48.roa
File: 4eKv-5O6pRvRjW8HwbcV5B73j48.roa (raw, json)
Hash identifier: yPcocXTqcM8GOxzvGADGknYHSAoLbJcSOEkhCYMQ7Gw=
Subject key identifier: E1:E2:AF:FB:93:BA:A5:1B:D1:8D:6F:07:C1:B7:15:E4:1E:F7:8F:8F
Certificate issuer: /CN=4081f85602b1168925d83eb3ca61609f357956a6
Certificate serial: EBAD41
Authority key identifier: 40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/4eKv-5O6pRvRjW8HwbcV5B73j48.roa
Signing time: Sat 26 Feb 2022 16:19:51 +0000
ROA not before: Sat 26 Feb 2022 16:19:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 31.130.190.0/24 maxlen: 24
31.130.191.0/24 maxlen: 24
31.130.188.0/24 maxlen: 24
31.130.189.0/24 maxlen: 24
31.130.187.0/24 maxlen: 24
31.130.176.0/22 maxlen: 22
31.130.176.0/24 maxlen: 24
31.130.177.0/24 maxlen: 24
31.130.178.0/24 maxlen: 24
31.130.179.0/24 maxlen: 24
31.130.184.0/24 maxlen: 24
31.130.184.0/21 maxlen: 21
31.130.185.0/24 maxlen: 24
31.130.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15445313 (0xebad41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4081f85602b1168925d83eb3ca61609f357956a6
Validity
Not Before: Feb 26 16:19:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1e2affb93baa51bd18d6f07c1b715e41ef78f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:1a:40:ca:67:bb:49:af:0b:66:30:47:c7:
73:16:af:cc:02:4e:02:b5:47:d8:a6:88:d6:a4:98:
e3:b0:75:f1:f0:f0:33:99:41:75:e7:66:ea:f9:aa:
da:62:fa:d5:7c:f9:d1:5b:c7:60:16:e4:3c:e7:47:
8a:e1:22:c4:ea:71:d0:00:b4:14:bd:6f:62:15:f5:
a4:36:e8:42:34:bb:98:88:ed:c0:45:26:40:78:33:
bb:f4:83:e8:63:12:04:bc:f3:98:56:a5:1c:be:76:
c6:9f:36:ca:72:5f:8f:1e:a6:47:fa:f0:fe:32:80:
a2:a5:79:99:c9:d5:2e:84:b0:21:fd:5e:00:9e:8a:
c2:77:0c:e5:70:1f:2b:58:a8:c1:01:c6:68:a5:de:
70:e7:23:b7:49:6f:f8:77:03:21:9d:8b:2e:1f:28:
e6:b2:25:70:73:6c:e3:e9:0e:c6:b1:5b:fc:3e:b0:
d7:cd:98:b4:93:eb:ef:75:34:b5:b2:24:d8:19:3b:
d4:9b:41:d9:8f:da:b6:de:e2:25:8a:b1:86:00:dd:
9b:2a:62:62:93:aa:7e:45:ef:8f:6b:b2:6e:a9:37:
56:93:7c:10:5d:43:3e:b2:65:5e:7a:2a:46:36:df:
25:64:38:ea:05:2d:94:ba:20:ce:10:e7:5b:5d:70:
2f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E2:AF:FB:93:BA:A5:1B:D1:8D:6F:07:C1:B7:15:E4:1E:F7:8F:8F
X509v3 Authority Key Identifier:
keyid:40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/4eKv-5O6pRvRjW8HwbcV5B73j48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.176.0/22
31.130.184.0/21
Signature Algorithm: sha256WithRSAEncryption
30:68:c2:88:60:2c:41:77:0f:6c:1e:f7:d9:cb:9e:a5:b5:b8:
6f:64:6c:b9:f5:d4:72:d8:61:55:f2:92:e1:16:ec:1a:0d:88:
f3:2f:1d:56:26:38:cd:f2:02:11:dd:a6:bf:af:39:5a:f4:c6:
e8:f0:a5:ec:5f:41:83:81:3d:90:bb:ad:9a:e1:cd:c7:ca:c0:
56:c9:fc:0d:93:61:8b:2b:e8:e7:5a:25:12:8b:8b:8f:b4:b3:
91:84:1e:00:52:72:af:a4:ad:9a:d3:52:44:f3:73:80:77:37:
da:24:69:11:6c:7c:27:54:bf:74:41:c0:a8:d4:7d:31:f2:63:
93:98:a5:2f:52:3c:64:5b:54:c0:0e:31:56:79:d7:f1:c1:78:
82:6e:b4:d7:68:d8:84:e0:ee:0c:3d:50:d5:e1:e4:03:14:77:
0e:fa:b0:3f:39:99:41:b4:1d:02:d1:6a:03:b5:34:21:6b:0d:
f6:26:cc:6a:46:58:b6:bf:94:b1:a8:07:9e:91:d5:cb:6e:99:
1c:4b:00:a5:78:51:b8:f9:60:73:3e:4b:d7:7f:c2:c8:40:41:
82:aa:d3:e9:a7:d5:8b:74:09:b3:38:43:75:2d:0c:42:ee:99:
37:ca:3b:cb:cb:4d:3a:7d:ed:b9:bf:4d:e0:c0:80:c8:d3:4a:
25:e4:d7:04
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAOutQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDgxZjg1NjAyYjExNjg5MjVkODNlYjNjYTYxNjA5ZjM1Nzk1NmE2MB4XDTIyMDIy
NjE2MTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFlMmFmZmI5M2Jh
YTUxYmQxOGQ2ZjA3YzFiNzE1ZTQxZWY3OGY4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLqGkDKZ7tJrwtmMEfHcxavzAJOArVH2KaI1qSY47B18fDw
M5lBdedm6vmq2mL61Xz50VvHYBbkPOdHiuEixOpx0AC0FL1vYhX1pDboQjS7mIjt
wEUmQHgzu/SD6GMSBLzzmFalHL52xp82ynJfjx6mR/rw/jKAoqV5mcnVLoSwIf1e
AJ6KwncM5XAfK1iowQHGaKXecOcjt0lv+HcDIZ2LLh8o5rIlcHNs4+kOxrFb/D6w
182YtJPr73U0tbIk2Bk71JtB2Y/att7iJYqxhgDdmypiYpOqfkXvj2uybqk3VpN8
EF1DPrJlXnoqRjbfJWQ46gUtlLogzhDnW11wL+8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTh4q/7k7qlG9GNbwfBtxXkHvePjzAfBgNVHSMEGDAWgBRAgfhWArEWiSXY
PrPKYWCfNXlWpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJSDRWZ0t4Rm9rbDJENnp5bUZnbnpWNVZxWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMjJjOTNjLTkwMDAtNGU3My1hMWM1LWMwM2YzZmRkZDRhYy8x
LzRlS3YtNU82cFJ2UmpXOEh3YmNWNUI3M2o0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MjJjOTNjLTkwMDAtNGU3My1hMWM1LWMwM2YzZmRkZDRhYy8xL1FJSDRWZ0t4Rm9r
bDJENnp5bUZnbnpWNVZxWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAh+CsAMEAx+CuDANBgkqhkiG9w0B
AQsFAAOCAQEAMGjCiGAsQXcPbB732cuepbW4b2RsufXUcthhVfKS4RbsGg2I8y8d
ViY4zfICEd2mv685WvTG6PCl7F9Bg4E9kLutmuHNx8rAVsn8DZNhiyvo51olEouL
j7SzkYQeAFJyr6StmtNSRPNzgHc32iRpEWx8J1S/dEHAqNR9MfJjk5ilL1I8ZFtU
wA4xVnnX8cF4gm6012jYhODuDD1Q1eHkAxR3DvqwPzmZQbQdAtFqA7U0IWsN9ibM
akZYtr+UsagHnpHVy26ZHEsApXhRuPlgcz5L13/CyEBBgqrT6afVi3QJszhDdS0M
Qu6ZN8o7y8tNOn3tub9N4MCAyNNKJeTXBA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:49:53 2025 by rpki-client