Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/g0NIIp00bXc-Dnc4VPhGCHFFqhs.roa
File: g0NIIp00bXc-Dnc4VPhGCHFFqhs.roa (raw, json)
Hash identifier: mNaWLsCcgT9F85RFExaLYr7JKINURSfXy0YNz7juMrI=
Subject key identifier: 83:43:48:22:9D:34:6D:77:3E:0E:77:38:54:F8:46:08:71:45:AA:1B
Certificate issuer: /CN=515585aca423697c62236e2b5f91b41e4be7ae58
Certificate serial: 0184BFC616355F6142233D16D231DD66E800
Authority key identifier: 51:55:85:AC:A4:23:69:7C:62:23:6E:2B:5F:91:B4:1E:4B:E7:AE:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVWFrKQjaXxiI24rX5G0Hkvnrlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/g0NIIp00bXc-Dnc4VPhGCHFFqhs.roa
Signing time: Mon 28 Nov 2022 19:45:40 +0000
ROA not before: Mon 28 Nov 2022 19:45:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56546
IP address blocks: 31.41.20.0/22 maxlen: 22
31.41.21.0/24 maxlen: 24
31.41.22.0/24 maxlen: 24
31.41.23.0/24 maxlen: 24
31.41.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:c6:16:35:5f:61:42:23:3d:16:d2:31:dd:66:e8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=515585aca423697c62236e2b5f91b41e4be7ae58
Validity
Not Before: Nov 28 19:45:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=834348229d346d773e0e773854f846087145aa1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:5e:5e:56:34:44:19:c5:af:74:1e:7e:a0:
99:c8:ce:48:10:74:42:8a:66:60:60:f6:60:b3:90:
58:28:7b:e7:26:f1:c4:31:f4:70:f3:fe:99:ae:97:
4a:63:19:09:d5:45:27:3a:a8:3f:16:7c:5b:c7:30:
3c:ee:02:fb:28:9a:ff:c4:b5:d9:42:25:49:fe:5d:
a4:f4:96:a8:41:27:45:cd:de:64:be:ef:ed:4a:c6:
f3:21:9b:1c:71:db:fe:c5:1e:cb:6d:1f:d0:6e:5f:
a5:11:16:32:73:cf:18:c5:b4:b1:c8:89:7d:5a:e0:
98:2e:d0:01:d1:f6:bd:a1:f3:9a:4e:1e:91:be:75:
11:87:b2:2e:99:00:0a:bd:41:b6:d4:72:9f:67:0b:
f8:38:9c:3b:d0:ee:59:f2:62:71:ea:2d:7d:34:b4:
e1:1b:83:78:1a:91:62:5c:72:23:28:0d:37:06:57:
46:07:ae:e1:f4:7f:f4:31:83:67:4c:21:2a:7d:6c:
74:d1:fd:43:de:aa:6f:86:57:f8:8c:13:19:08:1d:
7f:b0:66:81:e1:17:08:e5:3b:1f:ea:30:5e:3a:ca:
07:16:4e:28:b7:f5:c0:81:d7:da:7a:6d:7f:35:fb:
b2:d9:a2:fd:70:80:98:d7:1d:41:5f:67:b7:eb:27:
76:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:43:48:22:9D:34:6D:77:3E:0E:77:38:54:F8:46:08:71:45:AA:1B
X509v3 Authority Key Identifier:
keyid:51:55:85:AC:A4:23:69:7C:62:23:6E:2B:5F:91:B4:1E:4B:E7:AE:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVWFrKQjaXxiI24rX5G0Hkvnrlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/g0NIIp00bXc-Dnc4VPhGCHFFqhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/9d3f15-47d0-4069-b596-51a0f6bde4f6/1/UVWFrKQjaXxiI24rX5G0Hkvnrlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.20.0/22
Signature Algorithm: sha256WithRSAEncryption
57:46:e5:e4:f7:e1:bb:93:e8:a3:df:68:35:ff:34:bc:12:29:
a7:a8:2f:b6:00:5c:59:eb:51:c9:2b:8a:70:e2:30:37:8d:68:
e6:50:3a:8a:42:b4:3d:05:e1:21:8a:86:e0:c1:fd:0b:c0:b9:
7a:2b:00:5b:76:40:44:42:b3:a5:b5:05:3d:dc:d3:04:0d:88:
90:ac:88:ab:16:66:e6:40:cf:8c:61:85:f6:55:21:0b:e0:af:
9f:b5:7c:c2:01:c4:24:a9:fe:1b:46:41:e9:92:ef:97:70:30:
da:81:4d:e6:a2:bf:f2:f7:2b:b3:89:42:99:99:70:30:2f:71:
43:d5:c6:e4:61:74:e0:8a:11:ab:71:80:05:1f:f9:c2:04:9d:
3e:f2:a0:13:a6:f0:ae:8a:98:7f:45:00:46:ba:0d:29:c8:33:
9c:82:2f:b6:5f:b4:8e:51:36:7a:e5:e4:06:b4:2c:ab:1f:b0:
af:26:9e:f8:e6:50:ee:5b:d0:94:e5:64:37:0b:bc:75:5a:48:
61:13:a7:03:7d:6a:aa:22:09:bc:9a:02:23:99:a9:36:a3:53:
1e:05:7c:0f:9f:8a:65:b0:05:e5:29:87:db:37:ed:c0:ef:95:
43:66:dc:a6:88:8e:a1:9a:db:47:5a:80:dc:86:16:e1:da:0a:
9b:81:dd:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS/xhY1X2FCIz0W0jHdZugAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNTU4NWFjYTQyMzY5N2M2MjIzNmUyYjVmOTFiNDFlNGJl
N2FlNTgwHhcNMjIxMTI4MTk0NTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQzNDgyMjlkMzQ2ZDc3M2UwZTc3Mzg1NGY4NDYwODcxNDVhYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS1eXlY0RBnFr3QefqCZyM5IEHRC
imZgYPZgs5BYKHvnJvHEMfRw8/6ZrpdKYxkJ1UUnOqg/FnxbxzA87gL7KJr/xLXZ
QiVJ/l2k9JaoQSdFzd5kvu/tSsbzIZsccdv+xR7LbR/Qbl+lERYyc88YxbSxyIl9
WuCYLtAB0fa9ofOaTh6RvnURh7IumQAKvUG21HKfZwv4OJw70O5Z8mJx6i19NLTh
G4N4GpFiXHIjKA03BldGB67h9H/0MYNnTCEqfWx00f1D3qpvhlf4jBMZCB1/sGaB
4RcI5Tsf6jBeOsoHFk4ot/XAgdfaem1/Nfuy2aL9cICY1x1BX2e36yd2oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINDSCKdNG13Pg53OFT4RghxRaobMB8GA1UdIwQY
MBaAFFFVhaykI2l8YiNuK1+RtB5L565YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZXRnJLUWphWHhpSTI0clg1RzBIa3ZucmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85ZDNmMTUtNDdkMC00MDY5LWI1OTYt
NTFhMGY2YmRlNGY2LzEvZzBOSUlwMDBiWGMtRG5jNFZQaEdDSEZGcWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85ZDNmMTUtNDdkMC00MDY5LWI1OTYtNTFhMGY2YmRlNGY2
LzEvVVZXRnJLUWphWHhpSTI0clg1RzBIa3ZucmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHykUMA0G
CSqGSIb3DQEBCwUAA4IBAQBXRuXk9+G7k+ij32g1/zS8EimnqC+2AFxZ61HJK4pw
4jA3jWjmUDqKQrQ9BeEhiobgwf0LwLl6KwBbdkBEQrOltQU93NMEDYiQrIirFmbm
QM+MYYX2VSEL4K+ftXzCAcQkqf4bRkHpku+XcDDagU3mor/y9yuziUKZmXAwL3FD
1cbkYXTgihGrcYAFH/nCBJ0+8qATpvCuiph/RQBGug0pyDOcgi+2X7SOUTZ65eQG
tCyrH7CvJp745lDuW9CU5WQ3C7x1WkhhE6cDfWqqIgm8mgIjmak2o1MeBXwPn4pl
sAXlKYfbN+3A75VDZtymiI6hmttHWoDchhbh2gqbgd0I
-----END CERTIFICATE-----
Generated at Tue May 6 06:43:02 2025 by rpki-client