Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1dD1MEmz4QNMmZVGJDX9IOyLcNA.roa
File: 1dD1MEmz4QNMmZVGJDX9IOyLcNA.roa (raw, json)
Hash identifier: b6EagoSjQNB/bSr7NPk0yV37/mNvUiq12vPtachhYpU=
Subject key identifier: D5:D0:F5:30:49:B3:E1:03:4C:99:95:46:24:35:FD:20:EC:8B:70:D0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018B89DD7DF5870D7825E9B9311AD932B64C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1dD1MEmz4QNMmZVGJDX9IOyLcNA.roa
Signing time: Wed 01 Nov 2023 07:51:16 +0000
ROA not before: Wed 01 Nov 2023 07:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207676
IP address blocks: 92.253.218.0/23 maxlen: 24
146.120.110.0/24 maxlen: 24
92.253.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:dd:7d:f5:87:0d:78:25:e9:b9:31:1a:d9:32:b6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Nov 1 07:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d0f53049b3e1034c9995462435fd20ec8b70d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:35:a4:65:a2:0f:46:49:b1:94:2a:62:ca:e7:
67:eb:12:7a:e7:61:90:06:a1:a2:cf:c6:f6:1b:3c:
e9:8b:31:4c:ac:48:24:5f:58:41:7d:f8:8b:30:64:
40:6f:1c:bf:44:34:5f:a4:fb:04:21:b3:c8:24:05:
15:99:0d:e8:96:e4:52:ce:64:c0:3c:95:2a:d8:70:
0c:72:d7:7e:af:16:3d:32:e8:70:3c:29:aa:ab:e1:
39:da:8d:66:f0:43:eb:eb:cd:eb:17:cb:84:30:e9:
2d:b6:85:56:c0:73:f1:03:5b:03:1e:bd:12:d0:0e:
c1:5f:b1:23:34:2f:a7:84:e8:e7:2e:f0:1e:79:b6:
ab:79:eb:98:15:3b:c6:4a:85:94:cc:52:ed:27:21:
4a:63:47:50:01:c9:fb:dc:99:60:f9:1c:d8:10:26:
e6:4c:10:63:92:b7:7c:d4:d1:32:8d:c5:c1:ce:24:
3f:6f:56:8c:90:d8:01:26:5b:d7:64:48:dc:5a:5d:
1f:32:bc:36:72:6e:55:38:72:2f:f5:bf:e2:9a:be:
3f:8a:8b:ed:35:fa:3a:54:46:6d:63:af:41:3f:fd:
14:2c:e9:e8:1d:8d:4d:27:da:69:8c:6f:ec:b5:70:
2f:3d:f5:0b:7b:be:91:6c:19:4c:73:52:dd:73:ac:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D0:F5:30:49:B3:E1:03:4C:99:95:46:24:35:FD:20:EC:8B:70:D0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1dD1MEmz4QNMmZVGJDX9IOyLcNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.253.218.0/23
92.253.235.0/24
146.120.110.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:26:ef:34:81:88:2f:af:e9:15:a2:f4:59:06:29:9d:f9:68:
a6:bc:20:7f:44:ba:71:96:09:ef:c4:96:52:56:8c:a7:e8:f1:
65:d8:e8:b7:a1:8a:33:e3:8e:28:93:02:1c:b6:5d:73:4e:51:
4c:a3:ae:d9:e5:ca:c6:87:6f:73:aa:e4:1d:43:79:76:0d:19:
94:c9:e4:02:53:72:c7:7d:86:d4:28:36:ab:53:2f:2b:0e:0f:
f6:34:db:a6:f9:78:d1:5c:bd:92:48:ed:16:54:10:0c:35:6e:
66:2b:7a:d9:e6:67:19:ed:f3:9e:21:aa:59:14:9f:1f:28:13:
f7:62:c6:ce:c6:ed:64:c3:13:15:05:3f:0a:8d:a4:69:e0:2b:
fe:03:06:03:d2:7b:e4:86:2d:92:61:a2:8a:9c:77:a9:31:54:
1b:60:47:65:ff:fb:4c:cc:6f:9d:ba:62:14:bc:6e:9d:90:c4:
6f:69:22:45:e9:9b:40:ce:92:81:38:43:dd:cc:0d:c2:ae:75:
02:77:4c:30:3b:73:d7:f4:1a:51:02:d9:73:be:7c:fb:c8:3c:
45:4e:68:43:c2:66:fe:b7:9e:9d:77:0e:37:7b:a9:0d:85:f8:
bc:c2:a4:e4:85:83:9b:0d:63:30:fc:07:85:c1:9c:1f:81:3c:
dd:0d:bc:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuJ3X31hw14Jem5MRrZMrZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMTAxMDc1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQwZjUzMDQ5YjNlMTAzNGM5OTk1NDYyNDM1ZmQyMGVjOGI3MGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjWkZaIPRkmxlCpiyudn6xJ652GQ
BqGiz8b2GzzpizFMrEgkX1hBffiLMGRAbxy/RDRfpPsEIbPIJAUVmQ3oluRSzmTA
PJUq2HAMctd+rxY9MuhwPCmqq+E52o1m8EPr683rF8uEMOkttoVWwHPxA1sDHr0S
0A7BX7EjNC+nhOjnLvAeebareeuYFTvGSoWUzFLtJyFKY0dQAcn73Jlg+RzYECbm
TBBjkrd81NEyjcXBziQ/b1aMkNgBJlvXZEjcWl0fMrw2cm5VOHIv9b/imr4/iovt
Nfo6VEZtY69BP/0ULOnoHY1NJ9ppjG/stXAvPfULe76RbBlMc1Ldc6wS/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNXQ9TBJs+EDTJmVRiQ1/SDsi3DQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMWREMU1FbXo0UU5NbVpWR0pEWDlJT3lMY05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXP3aAwQA
XP3rAwQAknhuMA0GCSqGSIb3DQEBCwUAA4IBAQCzJu80gYgvr+kVovRZBimd+Wim
vCB/RLpxlgnvxJZSVoyn6PFl2Oi3oYoz444okwIctl1zTlFMo67Z5crGh29zquQd
Q3l2DRmUyeQCU3LHfYbUKDarUy8rDg/2NNum+XjRXL2SSO0WVBAMNW5mK3rZ5mcZ
7fOeIapZFJ8fKBP3YsbOxu1kwxMVBT8KjaRp4Cv+AwYD0nvkhi2SYaKKnHepMVQb
YEdl//tMzG+dumIUvG6dkMRvaSJF6ZtAzpKBOEPdzA3CrnUCd0wwO3PX9BpRAtlz
vnz7yDxFTmhDwmb+t56ddw43e6kNhfi8wqTkhYObDWMw/AeFwZwfgTzdDbwI
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:08 2025 by rpki-client