Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/408e83-530d-4462-b1c9-df324c4c6eed/1/2atbPV9V_nJ7g5G1zWYsDPu-R8I.roa
File: 2atbPV9V_nJ7g5G1zWYsDPu-R8I.roa (raw, json)
Hash identifier: Ww7ueRBdh3G1YDYxNSCFoVj8teLS3dXhtUG8pluXFsA=
Subject key identifier: D9:AB:5B:3D:5F:55:FE:72:7B:83:91:B5:CD:66:2C:0C:FB:BE:47:C2
Certificate issuer: /CN=a2cbe9aba1ff7564d913ed78672e3371b7f35824
Certificate serial: 01856BB7E0E8EFECEEF58526509B31B09E2E
Authority key identifier: A2:CB:E9:AB:A1:FF:75:64:D9:13:ED:78:67:2E:33:71:B7:F3:58:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/osvpq6H_dWTZE-14Zy4zcbfzWCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/408e83-530d-4462-b1c9-df324c4c6eed/1/2atbPV9V_nJ7g5G1zWYsDPu-R8I.roa
Signing time: Sun 01 Jan 2023 05:04:50 +0000
ROA not before: Sun 01 Jan 2023 05:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39741
IP address blocks: 31.25.240.0/21 maxlen: 24
185.234.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:e0:e8:ef:ec:ee:f5:85:26:50:9b:31:b0:9e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2cbe9aba1ff7564d913ed78672e3371b7f35824
Validity
Not Before: Jan 1 05:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9ab5b3d5f55fe727b8391b5cd662c0cfbbe47c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:50:f3:0a:0d:e0:30:99:a2:78:06:92:31:e7:
cf:07:36:ba:fe:b9:73:80:c4:f3:2c:fc:b1:c4:a3:
db:4c:05:f6:53:a5:5e:f1:b2:09:cf:ea:52:5d:8e:
8c:32:c3:50:7a:45:92:68:c0:7f:80:17:ed:7f:02:
ea:9c:91:b7:c5:83:a2:1b:ab:e5:6b:7d:19:70:dd:
5a:44:e5:4c:a3:7c:52:e1:96:18:43:d8:f4:a4:5c:
d5:d9:eb:4d:45:62:17:62:5f:c5:8f:ae:ff:11:5f:
74:8b:a0:e8:8f:53:02:0c:33:f8:cf:28:6d:74:84:
dd:82:79:f6:5a:55:2f:4e:06:21:55:f0:b4:45:aa:
15:f4:18:4c:12:e4:f2:31:f4:ba:8e:bb:2a:b6:13:
49:64:d0:74:34:6d:44:b1:32:53:4c:1c:7a:67:07:
3c:ca:6a:a4:0f:25:49:26:f3:3b:e6:fb:f1:e3:e9:
55:d2:9f:43:88:c0:4b:dd:3b:31:aa:90:d6:46:5f:
6e:3b:9f:e9:d2:eb:c6:f7:40:a1:83:63:15:fb:b9:
1f:75:7a:d8:f4:c2:93:7e:e7:a4:eb:b1:9a:80:7a:
fe:d9:f9:d1:6b:69:8e:29:93:51:f1:99:52:2c:ba:
2b:48:95:99:6d:59:1d:87:1c:87:6e:78:aa:04:2c:
e0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AB:5B:3D:5F:55:FE:72:7B:83:91:B5:CD:66:2C:0C:FB:BE:47:C2
X509v3 Authority Key Identifier:
keyid:A2:CB:E9:AB:A1:FF:75:64:D9:13:ED:78:67:2E:33:71:B7:F3:58:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/osvpq6H_dWTZE-14Zy4zcbfzWCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/408e83-530d-4462-b1c9-df324c4c6eed/1/2atbPV9V_nJ7g5G1zWYsDPu-R8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/408e83-530d-4462-b1c9-df324c4c6eed/1/osvpq6H_dWTZE-14Zy4zcbfzWCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.240.0/21
185.234.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ae:7f:52:ae:cd:0d:1d:63:4b:9a:28:eb:9a:62:ac:4c:d7:
39:e2:2f:b9:33:ab:76:c1:7c:9c:ea:1b:7a:be:72:83:99:4e:
7d:94:ef:0e:52:67:32:3d:d7:23:8c:72:78:92:04:18:bc:c3:
e4:34:27:54:07:75:71:8e:0b:a1:7d:21:40:c5:2e:9c:f0:f0:
bf:6b:68:bd:90:5d:dd:d4:4b:11:ce:9d:7c:8b:2f:e7:96:2d:
ec:ec:62:bb:bc:5d:de:88:d2:a0:c6:e6:fe:10:5c:31:c5:41:
d6:ff:cc:06:91:b4:2c:07:79:17:7d:f7:3c:a2:83:6a:38:a2:
fc:46:2d:ad:37:ed:18:08:18:48:58:46:e0:b2:b3:7e:2b:11:
2b:29:ec:c5:c8:a6:03:25:d8:ee:04:ef:29:28:a7:f5:ef:ce:
a2:c0:de:8e:83:97:40:5d:5d:28:5b:7c:01:55:a8:22:de:85:
94:87:43:46:2e:2e:24:0a:57:fa:bf:36:84:6f:70:df:ea:17:
37:6e:76:d0:b4:a6:f6:1f:6e:c0:88:a2:2e:60:6d:cc:a0:d8:
eb:85:74:34:7c:a3:5f:b4:a4:cb:98:a8:96:95:b5:8e:5f:f2:
9e:ee:b4:7d:2c:d0:d7:8e:79:f3:ed:cf:77:d4:9b:71:fa:15:
2f:32:19:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrt+Do7+zu9YUmUJsxsJ4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2JlOWFiYTFmZjc1NjRkOTEzZWQ3ODY3MmUzMzcxYjdm
MzU4MjQwHhcNMjMwMTAxMDUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFiNWIzZDVmNTVmZTcyN2I4MzkxYjVjZDY2MmMwY2ZiYmU0N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1DzCg3gMJmieAaSMefPBza6/rlz
gMTzLPyxxKPbTAX2U6Ve8bIJz+pSXY6MMsNQekWSaMB/gBftfwLqnJG3xYOiG6vl
a30ZcN1aROVMo3xS4ZYYQ9j0pFzV2etNRWIXYl/Fj67/EV90i6Doj1MCDDP4zyht
dITdgnn2WlUvTgYhVfC0RaoV9BhMEuTyMfS6jrsqthNJZNB0NG1EsTJTTBx6Zwc8
ymqkDyVJJvM75vvx4+lV0p9DiMBL3TsxqpDWRl9uO5/p0uvG90Chg2MV+7kfdXrY
9MKTfuek67GagHr+2fnRa2mOKZNR8ZlSLLorSJWZbVkdhxyHbniqBCzgRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNmrWz1fVf5ye4ORtc1mLAz7vkfCMB8GA1UdIwQY
MBaAFKLL6auh/3Vk2RPteGcuM3G381gkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3N2cHE2SF9kV1RaRS0xNFp5NHpjYmZ6V0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80MDhlODMtNTMwZC00NDYyLWIxYzkt
ZGYzMjRjNGM2ZWVkLzEvMmF0YlBWOVZfbko3ZzVHMXpXWXNEUHUtUjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80MDhlODMtNTMwZC00NDYyLWIxYzktZGYzMjRjNGM2ZWVk
LzEvb3N2cHE2SF9kV1RaRS0xNFp5NHpjYmZ6V0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDHxnwAwQA
uep0MA0GCSqGSIb3DQEBCwUAA4IBAQCNrn9Srs0NHWNLmijrmmKsTNc54i+5M6t2
wXyc6ht6vnKDmU59lO8OUmcyPdcjjHJ4kgQYvMPkNCdUB3VxjguhfSFAxS6c8PC/
a2i9kF3d1EsRzp18iy/nli3s7GK7vF3eiNKgxub+EFwxxUHW/8wGkbQsB3kXffc8
ooNqOKL8Ri2tN+0YCBhIWEbgsrN+KxErKezFyKYDJdjuBO8pKKf1786iwN6Og5dA
XV0oW3wBVagi3oWUh0NGLi4kClf6vzaEb3Df6hc3bnbQtKb2H27AiKIuYG3MoNjr
hXQ0fKNftKTLmKiWlbWOX/Ke7rR9LNDXjnnz7c931Jtx+hUvMhlM
-----END CERTIFICATE-----
Generated at Sun May 11 15:52:30 2025 by rpki-client