Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/uKnF3kPztXkjlyR8h8rY8qhTo1g.roa
File: uKnF3kPztXkjlyR8h8rY8qhTo1g.roa (raw, json)
Hash identifier: fyUu1zjDtDqEIs0dWdzmIPjc9+LTlEfQKMCUV1QQuts=
Subject key identifier: B8:A9:C5:DE:43:F3:B5:79:23:97:24:7C:87:CA:D8:F2:A8:53:A3:58
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 018A5A63
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/uKnF3kPztXkjlyR8h8rY8qhTo1g.roa
Signing time: Thu 03 Feb 2022 13:23:17 +0000
ROA not before: Thu 03 Feb 2022 13:23:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60025
IP address blocks: 31.40.3.0/24 maxlen: 24
31.40.4.0/24 maxlen: 24
31.40.2.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25844323 (0x18a5a63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Feb 3 13:23:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8a9c5de43f3b5792397247c87cad8f2a853a358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:00:25:06:43:75:1c:61:80:9c:e9:b4:a3:6f:
9a:c0:3f:15:03:38:a0:85:ed:53:c2:19:92:7c:2a:
5e:a4:fa:ee:21:8b:25:49:1b:1f:fe:a4:97:6d:19:
b5:e0:ec:2a:23:c6:4e:a9:49:c5:8b:57:2d:30:af:
1c:4c:6b:8b:5f:d7:98:f4:a7:82:51:41:10:40:b4:
44:c4:bb:35:26:8d:08:bd:e7:d3:4e:50:a3:2e:cf:
0a:c9:35:49:eb:d1:0d:a4:f2:9e:ad:ca:49:7a:32:
27:a9:8e:eb:1c:c4:1d:36:7a:30:c4:ec:23:7a:28:
c8:d1:d0:a7:5e:d5:c7:19:33:ca:2d:02:c0:fe:7b:
7d:b7:d7:9a:22:97:57:c4:3c:5f:7f:5d:23:40:f6:
d1:8d:8a:7f:fd:5d:09:26:c5:c3:e5:7a:49:92:31:
0a:02:98:cf:af:1d:59:6d:fe:fd:64:9c:7a:46:ec:
3a:28:b7:bb:26:91:8c:e5:24:cf:4b:25:d3:c0:44:
0e:d8:56:fe:9c:48:56:b5:4e:68:ab:6b:f4:50:66:
2a:37:bb:8b:71:81:33:02:26:65:54:5b:d7:aa:d9:
0c:7a:95:33:d9:7b:83:ad:b4:ee:82:dd:fc:b5:fd:
ea:ea:e9:63:50:57:23:d2:b2:8b:28:95:0d:c4:73:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A9:C5:DE:43:F3:B5:79:23:97:24:7C:87:CA:D8:F2:A8:53:A3:58
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/uKnF3kPztXkjlyR8h8rY8qhTo1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.2.0-31.40.5.255
Signature Algorithm: sha256WithRSAEncryption
78:c4:97:64:09:a9:cb:11:bd:f9:91:85:77:ec:6d:f6:a3:42:
76:3c:bf:cd:54:2f:d6:32:e7:28:83:65:d0:48:bc:a3:da:51:
df:67:17:a3:e0:40:69:01:b5:4a:a8:82:71:9d:a9:e2:9a:a6:
a4:6c:3f:df:97:85:5d:92:cf:7b:0c:81:53:fa:25:22:e7:5e:
28:d5:60:dc:74:a5:72:63:6b:14:3d:fc:53:10:05:69:70:64:
58:61:a8:88:29:0c:0d:f7:d6:e4:d6:19:43:11:a0:1c:cb:6f:
f7:d0:c8:16:54:2f:87:4a:18:24:3a:a3:5c:a7:bc:f9:a8:3b:
69:e3:79:d6:ea:6f:65:6e:9c:8a:a5:a0:0a:bd:14:c3:eb:63:
1d:3a:f3:b7:10:1f:ca:c4:f8:d5:d2:58:cd:e1:0e:44:e1:f8:
33:0b:99:df:3d:6c:7d:be:ab:d6:e3:15:83:85:32:47:50:66:
a5:12:15:ff:c8:12:fb:26:96:e0:b7:04:0d:03:48:e3:9c:28:
4b:c1:4a:34:b0:dd:9b:0c:b2:dc:a6:e9:ad:51:44:7e:59:1e:
5a:d6:cf:03:0f:4b:e6:50:ca:8d:a5:ac:43:95:18:a3:95:7a:
b1:dd:55:a0:c1:c2:3e:dc:4f:73:02:69:19:4a:4f:67:69:d4:
50:14:b3:30
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAYpaYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmUwMmI3ZWVkZmZjMzhhYjVlYWI0NDE2MTcyZTdkODhlOWFkMWUyMB4XDTIyMDIw
MzEzMjMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhhOWM1ZGU0M2Yz
YjU3OTIzOTcyNDdjODdjYWQ4ZjJhODUzYTM1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4AJQZDdRxhgJzptKNvmsA/FQM4oIXtU8IZknwqXqT67iGL
JUkbH/6kl20ZteDsKiPGTqlJxYtXLTCvHExri1/XmPSnglFBEEC0RMS7NSaNCL3n
005Qoy7PCsk1SevRDaTynq3KSXoyJ6mO6xzEHTZ6MMTsI3ooyNHQp17Vxxkzyi0C
wP57fbfXmiKXV8Q8X39dI0D20Y2Kf/1dCSbFw+V6SZIxCgKYz68dWW3+/WScekbs
Oii3uyaRjOUkz0sl08BEDthW/pxIVrVOaKtr9FBmKje7i3GBMwImZVRb16rZDHqV
M9l7g6207oLd/LX96urpY1BXI9KyiyiVDcRz+v0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS4qcXeQ/O1eSOXJHyHytjyqFOjWDAfBgNVHSMEGDAWgBSP4Ct+7f/DirXq
tEFhcufYjprR4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2otQXJmdTNfdzRxMTZyUkJZWExuMkk2YTBlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8x
L3VLbkYza1B6dFhramx5UjhoOHJZOHFoVG8xZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8xL2otQXJmdTNfdzRx
MTZyUkJZWExuMkk2YTBlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBHygCAwQBHygEMA0GCSqGSIb3
DQEBCwUAA4IBAQB4xJdkCanLEb35kYV37G32o0J2PL/NVC/WMucog2XQSLyj2lHf
Zxej4EBpAbVKqIJxnanimqakbD/fl4Vdks97DIFT+iUi514o1WDcdKVyY2sUPfxT
EAVpcGRYYaiIKQwN99bk1hlDEaAcy2/30MgWVC+HShgkOqNcp7z5qDtp43nW6m9l
bpyKpaAKvRTD62MdOvO3EB/KxPjV0ljN4Q5E4fgzC5nfPWx9vqvW4xWDhTJHUGal
EhX/yBL7JpbgtwQNA0jjnChLwUo0sN2bDLLcpumtUUR+WR5a1s8DD0vmUMqNpaxD
lRijlXqx3VWgwcI+3E9zAmkZSk9nadRQFLMw
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:10:32 2025 by rpki-client