Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/20c2I3QQOJEPegOQHaVCff_VC2A.roa
File: 20c2I3QQOJEPegOQHaVCff_VC2A.roa (raw, json)
Hash identifier: 2ShyJ3Acu1FadpWfQZRZXgoenuCVGKxsCXnhqCotc8M=
Subject key identifier: DB:47:36:23:74:10:38:91:0F:7A:03:90:1D:A5:42:7D:FF:D5:0B:60
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 283BC3B6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/20c2I3QQOJEPegOQHaVCff_VC2A.roa
Signing time: Sat 01 Jan 2022 16:09:53 +0000
ROA not before: Sat 01 Jan 2022 16:09:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206326
IP address blocks: 95.47.104.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 675005366 (0x283bc3b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db473623741038910f7a03901da5427dffd50b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:53:4e:bd:2a:b2:33:c0:b8:8a:bb:41:ae:22:
d0:c7:9a:51:9f:55:bf:38:52:11:35:3a:1f:1e:a4:
a4:9f:9e:35:03:77:20:4a:92:96:de:40:09:73:3c:
cd:dc:cf:f7:2f:1f:cd:5c:64:53:e6:86:3c:a6:07:
a3:f5:0c:ca:8d:f6:89:21:17:1f:af:ec:c6:25:ec:
85:5e:70:5e:8d:77:b0:49:0f:71:1a:5e:f8:ec:a6:
06:b5:a5:3a:db:ca:72:c5:b8:ca:e2:62:ed:76:fe:
eb:a8:76:d2:e9:33:ee:e6:82:43:35:ca:a5:ba:6d:
bc:8c:08:1f:47:95:d7:98:58:39:91:53:ab:6a:8e:
89:03:10:6c:98:07:79:a4:30:0b:76:10:12:6f:ee:
e9:bc:8b:d4:19:97:ac:9f:81:f2:43:f9:73:6c:87:
7e:39:ca:cf:01:d7:74:4f:62:25:39:f8:cb:ac:71:
4b:db:c4:fb:e7:96:ad:fa:3f:21:02:d8:33:92:fd:
5c:47:56:74:11:b0:e1:52:9c:3b:ae:56:94:6b:18:
81:95:ec:de:12:6b:e4:09:2b:24:a4:d5:2d:36:6a:
66:7e:9a:a5:7f:cc:81:0c:9c:bc:54:16:9b:ca:e3:
17:b3:ca:42:8b:4d:02:23:d7:f6:db:36:56:e7:78:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:47:36:23:74:10:38:91:0F:7A:03:90:1D:A5:42:7D:FF:D5:0B:60
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/20c2I3QQOJEPegOQHaVCff_VC2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.104.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:bf:f0:9a:6e:67:f4:4d:96:d8:ae:be:40:f8:95:20:42:dc:
b1:43:4b:4c:df:24:97:42:03:e5:a5:3e:70:ae:b4:4f:79:24:
36:78:ce:f9:9b:87:d6:8c:bb:81:81:cf:e8:cc:6c:5e:39:60:
89:b9:d2:d5:1c:7b:6f:8a:96:67:d1:5b:70:59:b2:c1:ee:fb:
86:11:0f:3e:45:9a:ed:d4:4f:d4:a3:66:b6:5c:c4:01:c3:e9:
12:c2:0f:86:8e:06:e3:b2:1a:a2:a8:ac:db:69:28:00:48:12:
4d:01:ec:12:fe:99:cc:6a:cc:62:53:df:92:15:8c:8c:80:55:
a9:c7:55:da:05:8e:22:ab:c5:64:e3:9f:47:a0:14:24:73:0e:
bc:74:15:28:7b:5f:9e:a8:2e:47:48:1d:b5:04:24:ff:00:ba:
80:1b:eb:ba:8b:13:ce:a3:77:e2:31:e8:f1:4c:92:ca:81:e0:
cb:a8:42:b3:a5:ee:5b:3c:70:50:f5:a4:68:5c:34:a9:fb:da:
a8:25:9f:82:d8:81:fb:bf:8b:4f:32:ab:e4:a8:d5:4c:71:94:
1d:c6:91:b9:d8:4a:38:06:a7:13:d9:25:9e:9d:4c:96:0f:8c:
21:2b:3c:e9:42:ea:8a:6d:87:5d:e4:94:f2:d7:9f:0d:7d:9f:
d2:60:28:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKDvDtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI0NzM2MjM3NDEw
Mzg5MTBmN2EwMzkwMWRhNTQyN2RmZmQ1MGI2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRTTr0qsjPAuIq7Qa4i0MeaUZ9VvzhSETU6Hx6kpJ+eNQN3
IEqSlt5ACXM8zdzP9y8fzVxkU+aGPKYHo/UMyo32iSEXH6/sxiXshV5wXo13sEkP
cRpe+OymBrWlOtvKcsW4yuJi7Xb+66h20ukz7uaCQzXKpbptvIwIH0eV15hYOZFT
q2qOiQMQbJgHeaQwC3YQEm/u6byL1BmXrJ+B8kP5c2yHfjnKzwHXdE9iJTn4y6xx
S9vE++eWrfo/IQLYM5L9XEdWdBGw4VKcO65WlGsYgZXs3hJr5AkrJKTVLTZqZn6a
pX/MgQycvFQWm8rjF7PKQotNAiPX9ts2Vud47vUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbRzYjdBA4kQ96A5AdpUJ9/9ULYDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzIwYzJJM1FRT0pFUGVnT1FIYVZDZmZfVkMyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl8vaDANBgkqhkiG9w0BAQsFAAOC
AQEALb/wmm5n9E2W2K6+QPiVIELcsUNLTN8kl0ID5aU+cK60T3kkNnjO+ZuH1oy7
gYHP6MxsXjlgibnS1Rx7b4qWZ9FbcFmywe77hhEPPkWa7dRP1KNmtlzEAcPpEsIP
ho4G47Iaoqis22koAEgSTQHsEv6ZzGrMYlPfkhWMjIBVqcdV2gWOIqvFZOOfR6AU
JHMOvHQVKHtfnqguR0gdtQQk/wC6gBvruosTzqN34jHo8UySyoHgy6hCs6XuWzxw
UPWkaFw0qfvaqCWfgtiB+7+LTzKr5KjVTHGUHcaRudhKOAanE9klnp1Mlg+MISs8
6ULqim2HXeSU8tefDX2f0mAolw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:13 2025 by rpki-client