Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/GE7qVYrvUTanfFjwEFLghIhpr30.roa
File: GE7qVYrvUTanfFjwEFLghIhpr30.roa (raw, json)
Hash identifier: A89pb+0QXVu3srcozfA0SaStBINcpokqSc0btnjkJ2M=
Subject key identifier: 18:4E:EA:55:8A:EF:51:36:A7:7C:58:F0:10:52:E0:84:88:69:AF:7D
Certificate issuer: /CN=4081f85602b1168925d83eb3ca61609f357956a6
Certificate serial: 0187E5E32B232F4866BAC9CF205950AB1E6F
Authority key identifier: 40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/GE7qVYrvUTanfFjwEFLghIhpr30.roa
Signing time: Thu 04 May 2023 08:31:22 +0000
ROA not before: Thu 04 May 2023 08:31:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49100
IP address blocks: 31.130.190.0/24 maxlen: 24
31.130.191.0/24 maxlen: 24
31.130.188.0/24 maxlen: 24
31.130.189.0/24 maxlen: 24
31.130.187.0/24 maxlen: 24
31.130.176.0/22 maxlen: 22
31.130.176.0/24 maxlen: 24
31.130.177.0/24 maxlen: 24
31.130.178.0/24 maxlen: 24
31.130.179.0/24 maxlen: 24
31.130.184.0/24 maxlen: 24
31.130.184.0/21 maxlen: 21
31.130.185.0/24 maxlen: 24
31.130.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e5:e3:2b:23:2f:48:66:ba:c9:cf:20:59:50:ab:1e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4081f85602b1168925d83eb3ca61609f357956a6
Validity
Not Before: May 4 08:31:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=184eea558aef5136a77c58f01052e0848869af7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5a:66:e5:ad:96:7b:80:c5:d6:46:c3:01:2f:
31:bc:50:bf:d2:4f:33:e5:64:8f:00:05:00:dc:cf:
4b:85:2c:92:66:b7:77:d5:33:05:70:46:23:11:7b:
eb:ea:7e:bb:5a:e1:2c:18:df:e3:13:59:2b:8c:60:
f0:ff:7a:b6:2a:43:5d:6a:8f:bb:09:ef:57:11:9d:
f8:0e:e9:22:61:c0:24:5f:02:4b:d1:0f:f7:6c:5e:
af:81:fb:4a:bf:51:24:d2:7f:65:bc:fb:1b:18:9f:
be:ba:42:d0:80:d7:72:8c:a0:8b:2a:2e:15:21:35:
99:8d:36:ff:74:79:70:fd:e6:83:cf:2f:db:6b:ce:
88:c3:0e:42:d9:bb:ba:8c:f6:90:a9:3e:84:02:6e:
ec:e2:d4:ba:44:58:a8:1c:f6:45:d6:ca:93:14:36:
04:08:94:f7:6d:e6:19:c1:4b:a9:c3:e6:b0:0c:37:
f5:3b:66:63:77:d4:08:0d:87:b3:1d:29:19:5e:f3:
99:aa:1f:78:56:6c:e6:bd:b2:64:90:60:c5:68:96:
59:a4:e2:65:3d:4f:c6:fe:5e:b4:97:57:0b:ff:70:
41:7e:18:7c:45:d1:66:b9:21:27:b0:cd:91:68:6d:
8f:f4:df:ed:87:23:90:37:9d:ff:5c:2b:36:26:9d:
45:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4E:EA:55:8A:EF:51:36:A7:7C:58:F0:10:52:E0:84:88:69:AF:7D
X509v3 Authority Key Identifier:
keyid:40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/GE7qVYrvUTanfFjwEFLghIhpr30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.176.0/22
31.130.184.0/21
Signature Algorithm: sha256WithRSAEncryption
57:50:3e:98:14:0d:bc:98:97:ad:08:3d:53:49:25:a6:de:91:
1b:fb:ff:cc:5d:99:86:4c:22:43:fb:af:4f:e8:b7:ab:5e:d5:
37:75:24:69:6d:11:2f:6d:49:72:dd:ec:4e:f6:e4:8a:e7:5a:
b1:96:92:68:e0:6d:d9:e1:8c:6b:10:59:bb:5c:f0:09:53:59:
6b:1a:a0:d8:9d:d0:ab:3b:72:19:a0:67:8a:22:13:58:e4:82:
07:01:73:e8:ca:11:d0:d5:92:8c:bb:06:93:8c:bc:53:e6:4a:
51:df:95:c3:74:b3:25:07:96:5f:c1:e6:f5:ee:3d:be:ec:9b:
32:e3:80:af:1f:82:de:66:79:8d:0e:40:9d:03:be:46:0b:ac:
0b:3f:4b:14:09:2c:e2:51:11:6c:8e:80:42:64:e9:2d:ab:c2:
35:81:94:39:28:8d:2e:4f:63:7c:8b:47:79:8c:d7:b1:50:b2:
aa:f1:90:72:25:86:b7:92:21:d2:7b:7e:a4:dd:49:b9:09:b2:
ae:6f:13:0d:70:32:41:ea:81:39:c7:28:21:13:04:2d:8d:2a:
fc:d0:c5:5b:14:4a:4f:e2:96:0f:0b:9c:15:2f:a0:9a:e5:b2:
9a:d4:c1:c8:d9:52:11:67:85:ad:f3:76:bb:57:31:f8:8c:1a:
ee:e4:7c:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfl4ysjL0hmusnPIFlQqx5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODFmODU2MDJiMTE2ODkyNWQ4M2ViM2NhNjE2MDlmMzU3
OTU2YTYwHhcNMjMwNTA0MDgzMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRlZWE1NThhZWY1MTM2YTc3YzU4ZjAxMDUyZTA4NDg4NjlhZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVpm5a2We4DF1kbDAS8xvFC/0k8z
5WSPAAUA3M9LhSySZrd31TMFcEYjEXvr6n67WuEsGN/jE1krjGDw/3q2KkNdao+7
Ce9XEZ34DukiYcAkXwJL0Q/3bF6vgftKv1Ek0n9lvPsbGJ++ukLQgNdyjKCLKi4V
ITWZjTb/dHlw/eaDzy/ba86Iww5C2bu6jPaQqT6EAm7s4tS6RFioHPZF1sqTFDYE
CJT3beYZwUupw+awDDf1O2Zjd9QIDYezHSkZXvOZqh94VmzmvbJkkGDFaJZZpOJl
PU/G/l60l1cL/3BBfhh8RdFmuSEnsM2RaG2P9N/thyOQN53/XCs2Jp1FfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBhO6lWK71E2p3xY8BBS4ISIaa99MB8GA1UdIwQY
MBaAFECB+FYCsRaJJdg+s8phYJ81eVamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUt
YzAzZjNmZGRkNGFjLzEvR0U3cVZZcnZVVGFuZkZqd0VGTGdoSWhwcjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUtYzAzZjNmZGRkNGFj
LzEvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4KwAwQD
H4K4MA0GCSqGSIb3DQEBCwUAA4IBAQBXUD6YFA28mJetCD1TSSWm3pEb+//MXZmG
TCJD+69P6LerXtU3dSRpbREvbUly3exO9uSK51qxlpJo4G3Z4YxrEFm7XPAJU1lr
GqDYndCrO3IZoGeKIhNY5IIHAXPoyhHQ1ZKMuwaTjLxT5kpR35XDdLMlB5Zfweb1
7j2+7Jsy44CvH4LeZnmNDkCdA75GC6wLP0sUCSziURFsjoBCZOktq8I1gZQ5KI0u
T2N8i0d5jNexULKq8ZByJYa3kiHSe36k3Um5CbKubxMNcDJB6oE5xyghEwQtjSr8
0MVbFEpP4pYPC5wVL6Ca5bKa1MHI2VIRZ4Wt83a7VzH4jBru5Hzd
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:04:35 2025 by rpki-client