Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Df6xL9H_eWyVdMUcHzBQGcxt2s.roa
File: 0Df6xL9H_eWyVdMUcHzBQGcxt2s.roa (raw, json)
Hash identifier: HGoE3EZJX47g9KdFf0myI5FsMW7sKvK/iom8uHCIDxw=
Subject key identifier: D0:37:FA:C4:BF:47:FD:E5:B2:55:D3:14:70:7C:C1:40:67:31:B7:6B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27ED56F9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Df6xL9H_eWyVdMUcHzBQGcxt2s.roa
Signing time: Sat 01 Jan 2022 16:09:09 +0000
ROA not before: Sat 01 Jan 2022 16:09:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60245
IP address blocks: 95.46.148.0/24 maxlen: 24
31.148.172.0/23 maxlen: 24
95.46.98.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 669865721 (0x27ed56f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d037fac4bf47fde5b255d314707cc1406731b76b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b4:59:39:50:66:af:2f:92:27:05:7c:2d:ba:
3f:8a:52:f9:c1:4a:84:ac:f3:08:db:96:e1:92:9d:
3e:6a:9d:c0:03:38:2d:c7:3f:d3:35:f8:8b:72:cb:
77:83:48:e8:ab:ed:92:12:5b:ef:b5:c2:67:00:64:
cb:67:ca:2a:67:9b:a3:d9:7f:2c:0b:2e:6e:c1:ea:
dd:7f:e9:54:e7:f3:2e:9b:62:64:4c:a4:13:5f:6b:
b0:30:1c:a0:58:cd:fe:47:07:de:a5:a3:07:94:10:
23:78:77:0a:38:bb:2d:d5:1e:b8:01:48:91:b7:56:
cd:a2:41:6e:65:93:02:1e:a0:63:1b:da:02:a8:e4:
9a:1c:0b:b8:56:84:5c:fa:6f:50:95:91:82:2b:17:
a7:5a:1c:8c:08:6f:2f:21:99:41:f3:63:6b:0e:06:
0f:0a:53:34:f4:6c:aa:1c:c1:3d:29:e3:74:eb:03:
4a:5b:20:9e:d4:a9:2d:b4:e6:fb:dd:04:b4:4a:cd:
b2:23:f0:ea:4f:45:15:02:01:82:a7:98:1c:b2:97:
46:14:2b:2f:79:e9:b9:78:1b:53:a0:a7:39:d0:cb:
fb:ca:9c:ee:3f:f1:db:ed:6d:51:a0:f6:9e:a8:15:
a1:b1:f7:7d:18:b0:b4:6e:7a:7a:68:e2:c7:b7:62:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:37:FA:C4:BF:47:FD:E5:B2:55:D3:14:70:7C:C1:40:67:31:B7:6B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Df6xL9H_eWyVdMUcHzBQGcxt2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.172.0/23
95.46.98.0/23
95.46.148.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e0:d6:80:8b:c8:68:39:38:e4:ac:5a:a2:ee:81:0d:5c:b5:
86:a8:21:22:f0:56:14:5b:92:e3:49:ae:21:eb:ab:48:01:ad:
53:72:4b:32:e2:05:88:16:f2:96:04:6f:d1:59:98:ba:17:f1:
f2:dc:c9:a1:4b:34:c1:ba:43:e9:98:cb:fa:a1:f4:ce:37:48:
ad:90:06:55:9b:17:ed:96:65:eb:fa:ef:d7:52:cd:21:31:55:
2e:19:65:89:c2:cf:64:3e:6f:9f:32:c7:68:2d:70:63:06:c9:
e8:e8:df:46:30:ea:03:c1:05:32:7e:b2:3c:d6:26:aa:b7:b9:
ec:17:5f:af:df:ec:46:9a:b6:7f:a1:f0:8b:84:75:fc:55:e7:
3d:df:4b:82:58:3e:e8:41:a4:9f:f2:35:1c:53:7a:a8:a3:a3:
7d:bb:f0:f1:24:19:eb:41:5d:72:9d:0b:fc:a3:07:e8:65:0b:
93:b5:18:d1:db:99:d3:c9:77:f8:11:51:a3:c5:29:d4:ae:fa:
84:1e:c7:20:d0:a4:2c:48:1b:e9:cf:ac:3d:b1:97:69:42:fd:
89:92:f5:6b:5f:c3:49:f4:a9:1b:20:e5:16:3d:da:87:82:39:
17:5e:92:2c:a5:34:c4:aa:91:ba:a1:25:02:8c:3f:0e:82:49:
0a:26:c6:40
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEJ+1W+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAzN2ZhYzRiZjQ3
ZmRlNWIyNTVkMzE0NzA3Y2MxNDA2NzMxYjc2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOG0WTlQZq8vkicFfC26P4pS+cFKhKzzCNuW4ZKdPmqdwAM4
Lcc/0zX4i3LLd4NI6KvtkhJb77XCZwBky2fKKmebo9l/LAsubsHq3X/pVOfzLpti
ZEykE19rsDAcoFjN/kcH3qWjB5QQI3h3Cji7LdUeuAFIkbdWzaJBbmWTAh6gYxva
AqjkmhwLuFaEXPpvUJWRgisXp1ocjAhvLyGZQfNjaw4GDwpTNPRsqhzBPSnjdOsD
SlsgntSpLbTm+90EtErNsiPw6k9FFQIBgqeYHLKXRhQrL3npuXgbU6CnOdDL+8qc
7j/x2+1tUaD2nqgVobH3fRiwtG56emjix7diqN0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTQN/rEv0f95bJV0xRwfMFAZzG3azAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzBEZjZ4TDlIX2VXeVZkTVVjSHpCUUdjeHQycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAR+UrAMEAV8uYgMEAF8ulDANBgkq
hkiG9w0BAQsFAAOCAQEAH+DWgIvIaDk45Kxaou6BDVy1hqghIvBWFFuS40muIeur
SAGtU3JLMuIFiBbylgRv0VmYuhfx8tzJoUs0wbpD6ZjL+qH0zjdIrZAGVZsX7ZZl
6/rv11LNITFVLhllicLPZD5vnzLHaC1wYwbJ6OjfRjDqA8EFMn6yPNYmqre57Bdf
r9/sRpq2f6Hwi4R1/FXnPd9Lglg+6EGkn/I1HFN6qKOjfbvw8SQZ60Fdcp0L/KMH
6GULk7UY0duZ08l3+BFRo8Up1K76hB7HINCkLEgb6c+sPbGXaUL9iZL1a1/DSfSp
GyDlFj3ah4I5F16SLKU0xKqRuqElAow/DoJJCibGQA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:21 2025 by rpki-client