Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/yGRqBaTu_1VeamN-a8LHkw40WWE.roa
File: yGRqBaTu_1VeamN-a8LHkw40WWE.roa (raw, json)
Hash identifier: t8wi31Ai9CfGflp/BZSIeu85TWmS5iAqCuBwpMrgAG4=
Subject key identifier: C8:64:6A:05:A4:EE:FF:55:5E:6A:63:7E:6B:C2:C7:93:0E:34:59:61
Certificate issuer: /CN=0632542221caef6448cc545214e000071bd56b86
Certificate serial: 0182F75B7E35EF9908FB01BF912F4B718152
Authority key identifier: 06:32:54:22:21:CA:EF:64:48:CC:54:52:14:E0:00:07:1B:D5:6B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjJUIiHK72RIzFRSFOAABxvVa4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/yGRqBaTu_1VeamN-a8LHkw40WWE.roa
Signing time: Thu 01 Sep 2022 04:42:24 +0000
ROA not before: Thu 01 Sep 2022 04:42:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47286
IP address blocks: 31.129.192.0/19 maxlen: 24
31.129.192.0/23 maxlen: 23
31.129.196.0/22 maxlen: 22
31.129.200.0/21 maxlen: 21
31.129.212.0/22 maxlen: 22
31.129.208.0/22 maxlen: 22
31.129.216.0/22 maxlen: 22
31.129.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:5b:7e:35:ef:99:08:fb:01:bf:91:2f:4b:71:81:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0632542221caef6448cc545214e000071bd56b86
Validity
Not Before: Sep 1 04:42:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8646a05a4eeff555e6a637e6bc2c7930e345961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c7:46:2e:ba:18:dd:4e:f3:f0:bb:38:8c:ee:
da:7d:2d:bd:03:14:c2:81:af:53:4b:cc:15:98:1f:
58:46:e0:19:46:6c:d8:d9:d6:17:22:58:da:63:ed:
2b:16:76:e7:27:2d:c8:85:98:f4:33:a3:ba:4d:6b:
9d:be:c6:e6:e5:f3:ed:2b:07:eb:e5:3d:1b:47:fc:
32:f6:7f:9f:57:dc:54:d2:ea:d7:f2:18:da:aa:40:
d2:8c:29:dc:07:c9:fb:e0:2f:00:bb:98:ac:bd:49:
61:53:13:ad:68:e8:60:35:46:32:59:2a:e1:c4:8e:
f3:ac:5a:62:a8:59:03:72:2e:ae:b1:c1:c4:4e:38:
f9:ce:aa:d2:97:64:4a:eb:37:71:b7:50:9d:e3:a8:
0d:c1:3d:30:45:a2:a2:5d:a0:82:25:b1:75:8c:83:
5d:a0:35:1c:35:e9:86:4f:16:05:3f:ce:40:1e:d0:
a7:f0:d8:12:e0:ee:d6:31:4f:e1:9a:d6:79:13:90:
ab:ea:25:06:95:75:5a:d8:28:d5:cc:76:5e:d1:cc:
d5:78:76:2c:b8:d4:d1:f3:d8:fc:cd:25:8a:37:7f:
82:d3:5e:9e:ad:53:b3:ba:2a:78:a4:65:28:4c:dd:
df:42:b3:c4:34:7a:c0:1a:f1:34:3e:2a:2c:b9:7b:
e1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:64:6A:05:A4:EE:FF:55:5E:6A:63:7E:6B:C2:C7:93:0E:34:59:61
X509v3 Authority Key Identifier:
keyid:06:32:54:22:21:CA:EF:64:48:CC:54:52:14:E0:00:07:1B:D5:6B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjJUIiHK72RIzFRSFOAABxvVa4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/yGRqBaTu_1VeamN-a8LHkw40WWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/BjJUIiHK72RIzFRSFOAABxvVa4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:e3:80:a1:6f:61:70:a4:48:72:c9:31:20:e4:a2:16:48:b4:
c8:ae:e7:0d:fd:b6:d0:76:37:e3:d0:6e:0b:69:42:f2:ea:c8:
7c:58:a7:b8:33:d4:98:d9:e0:c4:68:02:9c:0a:fc:f9:3d:d2:
1b:26:e4:a0:3d:88:cd:78:a2:61:a1:f7:a8:da:08:30:c7:79:
1b:5c:30:59:6a:47:cf:b4:ee:f4:0c:37:1c:94:e0:39:92:54:
b2:0a:8c:0d:78:11:70:7f:d3:60:78:04:eb:a1:3c:47:f2:25:
bf:7e:63:ba:4b:24:30:50:37:4f:a2:a0:4b:06:c1:cd:89:55:
cb:7c:93:62:05:03:3c:1f:14:1c:c1:9a:1d:23:2e:eb:e1:a9:
75:cc:80:57:b3:71:35:06:6e:f6:bc:90:72:57:9a:55:86:ba:
05:b8:30:63:c5:f0:d5:5c:b7:2b:98:b5:e0:87:11:8f:2f:e0:
80:0c:97:b9:5e:2c:ee:8b:f8:ba:73:bf:37:95:d8:8b:b6:4c:
2f:da:f5:14:86:97:58:a8:33:92:96:b6:92:6b:a0:39:f8:07:
7e:be:0f:b7:04:ca:be:1d:f5:0b:0f:d6:7a:7a:cc:df:8d:86:
ac:2a:2b:bf:75:b2:b9:65:57:41:d0:b9:5e:16:15:e4:61:7d:
b6:9d:cd:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL3W34175kI+wG/kS9LcYFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzI1NDIyMjFjYWVmNjQ0OGNjNTQ1MjE0ZTAwMDA3MWJk
NTZiODYwHhcNMjIwOTAxMDQ0MjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY0NmEwNWE0ZWVmZjU1NWU2YTYzN2U2YmMyYzc5MzBlMzQ1OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MdGLroY3U7z8Ls4jO7afS29AxTC
ga9TS8wVmB9YRuAZRmzY2dYXIljaY+0rFnbnJy3IhZj0M6O6TWudvsbm5fPtKwfr
5T0bR/wy9n+fV9xU0urX8hjaqkDSjCncB8n74C8Au5isvUlhUxOtaOhgNUYyWSrh
xI7zrFpiqFkDci6uscHETjj5zqrSl2RK6zdxt1Cd46gNwT0wRaKiXaCCJbF1jINd
oDUcNemGTxYFP85AHtCn8NgS4O7WMU/hmtZ5E5Cr6iUGlXVa2CjVzHZe0czVeHYs
uNTR89j8zSWKN3+C016erVOzuip4pGUoTN3fQrPENHrAGvE0PiosuXvh2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhkagWk7v9VXmpjfmvCx5MONFlhMB8GA1UdIwQY
MBaAFAYyVCIhyu9kSMxUUhTgAAcb1WuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpKVUlpSEs3MlJJekZSU0ZPQUFCeHZWYTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82YzVhYTEtNTg4MC00NjUxLTg1YTQt
YWZkM2JmNmJjNThjLzEveUdScUJhVHVfMVZlYW1OLWE4TEhrdzQwV1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82YzVhYTEtNTg4MC00NjUxLTg1YTQtYWZkM2JmNmJjNThj
LzEvQmpKVUlpSEs3MlJJekZSU0ZPQUFCeHZWYTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFH4HAMA0G
CSqGSIb3DQEBCwUAA4IBAQBs44Chb2FwpEhyyTEg5KIWSLTIrucN/bbQdjfj0G4L
aULy6sh8WKe4M9SY2eDEaAKcCvz5PdIbJuSgPYjNeKJhofeo2ggwx3kbXDBZakfP
tO70DDcclOA5klSyCowNeBFwf9NgeATroTxH8iW/fmO6SyQwUDdPoqBLBsHNiVXL
fJNiBQM8HxQcwZodIy7r4al1zIBXs3E1Bm72vJByV5pVhroFuDBjxfDVXLcrmLXg
hxGPL+CADJe5Xizui/i6c783ldiLtkwv2vUUhpdYqDOSlraSa6A5+Ad+vg+3BMq+
HfULD9Z6eszfjYasKiu/dbK5ZVdB0LleFhXkYX22nc2+
-----END CERTIFICATE-----
Generated at Tue May 13 10:03:21 2025 by rpki-client