Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/vqhzwSTj-UXk8_s73VArWUj_USo.roa
File: vqhzwSTj-UXk8_s73VArWUj_USo.roa (raw, json)
Hash identifier: 2MvHWWNyamsY47+S4ZuExeVyd5Fc9zQ0kLQq6H7zNDc=
Subject key identifier: BE:A8:73:C1:24:E3:F9:45:E4:F3:FB:3B:DD:50:2B:59:48:FF:51:2A
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018A9432EFD0A066E4483F30FF466AAEFF29
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/vqhzwSTj-UXk8_s73VArWUj_USo.roa
Signing time: Thu 14 Sep 2023 14:58:00 +0000
ROA not before: Thu 14 Sep 2023 14:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 185.39.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:32:ef:d0:a0:66:e4:48:3f:30:ff:46:6a:ae:ff:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Sep 14 14:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bea873c124e3f945e4f3fb3bdd502b5948ff512a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f0:5a:f7:14:51:47:c5:6d:2d:7a:a4:e0:6a:
10:26:73:3c:1f:69:8e:d5:27:00:58:9f:a8:b9:78:
a8:3a:f4:1a:6f:88:23:7f:84:42:4b:af:06:80:05:
28:7a:75:36:0c:5b:74:e8:10:a9:79:80:a1:60:de:
66:05:b0:39:fb:fe:53:89:39:96:0d:57:fb:84:1b:
a8:ef:57:0d:8e:d4:0e:c8:c0:e1:c7:11:b1:9a:ad:
7d:52:cd:b7:b9:3d:2e:4b:8f:93:b1:99:b7:5f:0d:
0b:b9:34:9c:b4:d8:98:b9:25:0f:2b:49:70:aa:14:
14:cc:10:ac:e1:7d:73:b4:05:ed:ad:c9:e5:b7:86:
89:f1:89:50:f9:96:85:a3:08:aa:07:85:ee:b7:8d:
a2:00:b2:fc:2d:2b:af:99:c3:a0:e5:5e:87:82:37:
de:04:b9:87:99:40:ce:ad:4c:23:5e:5c:a5:e5:ec:
ed:3b:89:98:ff:eb:bc:46:16:4c:8a:30:cb:a7:df:
85:56:33:4e:03:5b:1c:0c:b0:fa:55:a1:b4:95:0a:
80:0c:33:5c:82:5b:72:30:e3:c6:85:34:71:1c:b7:
d1:a8:77:03:57:74:3d:9c:3f:8b:1c:69:fa:11:fd:
34:31:c4:08:3a:77:4e:f0:b1:f0:eb:96:d4:a3:00:
78:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A8:73:C1:24:E3:F9:45:E4:F3:FB:3B:DD:50:2B:59:48:FF:51:2A
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/vqhzwSTj-UXk8_s73VArWUj_USo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:87:77:86:97:4c:b5:7e:ba:ba:6e:1e:da:47:ea:ec:21:eb:
1f:2a:85:d4:98:df:ab:32:66:fa:20:bc:0b:65:31:07:66:91:
29:90:61:1c:fb:30:9e:86:97:8e:77:ed:b7:64:fa:4f:61:e9:
fb:d7:b8:2a:24:01:9b:ed:ec:83:a9:cd:ca:97:d1:aa:d3:c0:
63:1c:4f:28:f5:fb:4a:34:69:91:15:8f:30:fd:cc:34:a4:58:
a9:5b:91:af:a3:d1:3a:6f:9b:0f:1f:93:b6:32:19:08:23:f1:
54:ce:8f:0e:76:de:14:85:84:76:b2:43:28:5b:e7:fb:24:2d:
7b:b7:08:8a:63:1e:32:cc:c0:f4:3b:f8:b4:6f:a2:ed:38:05:
4f:74:48:dd:7d:84:6b:d8:c3:04:95:7d:e9:46:1b:d5:7a:f4:
d2:22:e0:50:7d:44:d9:9d:97:7f:03:fd:d7:c9:36:e5:0b:6c:
8a:b0:93:81:2a:78:08:51:46:cc:cf:be:e0:30:55:90:34:91:
6c:b1:0e:8f:4c:d9:25:f2:a5:b8:43:1f:b9:70:2c:4f:46:aa:
0b:67:cc:e9:67:8f:bf:05:62:6d:e9:f3:ae:18:20:05:26:10:
e8:20:46:69:85:ab:ca:6c:c2:07:c6:1f:05:19:e7:29:ee:83:
e3:e6:63:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqUMu/QoGbkSD8w/0Zqrv8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMwOTE0MTQ1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWE4NzNjMTI0ZTNmOTQ1ZTRmM2ZiM2JkZDUwMmI1OTQ4ZmY1MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvBa9xRRR8VtLXqk4GoQJnM8H2mO
1ScAWJ+ouXioOvQab4gjf4RCS68GgAUoenU2DFt06BCpeYChYN5mBbA5+/5TiTmW
DVf7hBuo71cNjtQOyMDhxxGxmq19Us23uT0uS4+TsZm3Xw0LuTSctNiYuSUPK0lw
qhQUzBCs4X1ztAXtrcnlt4aJ8YlQ+ZaFowiqB4Xut42iALL8LSuvmcOg5V6Hgjfe
BLmHmUDOrUwjXlyl5eztO4mY/+u8RhZMijDLp9+FVjNOA1scDLD6VaG0lQqADDNc
gltyMOPGhTRxHLfRqHcDV3Q9nD+LHGn6Ef00McQIOndO8LHw65bUowB4WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6oc8Ek4/lF5PP7O91QK1lI/1EqMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvdnFoendTVGotVVhrOF9zNzNWQXJXVWpfVVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuScfMA0G
CSqGSIb3DQEBCwUAA4IBAQB6h3eGl0y1frq6bh7aR+rsIesfKoXUmN+rMmb6ILwL
ZTEHZpEpkGEc+zCehpeOd+23ZPpPYen717gqJAGb7eyDqc3Kl9Gq08BjHE8o9ftK
NGmRFY8w/cw0pFipW5Gvo9E6b5sPH5O2MhkII/FUzo8Odt4UhYR2skMoW+f7JC17
twiKYx4yzMD0O/i0b6LtOAVPdEjdfYRr2MMElX3pRhvVevTSIuBQfUTZnZd/A/3X
yTblC2yKsJOBKngIUUbMz77gMFWQNJFssQ6PTNkl8qW4Qx+5cCxPRqoLZ8zpZ4+/
BWJt6fOuGCAFJhDoIEZphavKbMIHxh8FGecp7oPj5mO/
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:03:46 2025 by rpki-client