Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4T2fw5D7I0HCJycjP0BQrKrNPL4.roa
File: 4T2fw5D7I0HCJycjP0BQrKrNPL4.roa (raw, json)
Hash identifier: F+ATHtCYOSfv/KmrQm3U18FoH+L+PFVnVRUHL108N8c=
Subject key identifier: E1:3D:9F:C3:90:FB:23:41:C2:27:27:23:3F:40:50:AC:AA:CD:3C:BE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095631B16AF75FFBC0758A399206C84
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4T2fw5D7I0HCJycjP0BQrKrNPL4.roa
Signing time: Mon 02 Jan 2023 03:45:16 +0000
ROA not before: Mon 02 Jan 2023 03:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59475
IP address blocks: 31.148.26.0/23 maxlen: 24
92.38.0.0/23 maxlen: 24
95.46.112.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:63:1b:16:af:75:ff:bc:07:58:a3:99:20:6c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e13d9fc390fb2341c22727233f4050acaacd3cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:82:b0:66:5b:1b:f5:f1:5c:9b:ef:ff:54:4c:
f3:79:26:df:07:34:a7:ce:2b:b5:3a:b9:aa:22:b1:
31:0d:d7:74:08:cd:2d:30:a9:5a:3f:c0:0c:0c:c9:
69:f5:78:f3:d6:3f:1f:1b:80:48:8a:97:33:6c:19:
aa:24:87:4d:21:ac:00:7e:b6:ac:7e:bb:44:55:7d:
d5:ad:b7:24:29:7a:74:ee:16:96:7f:dd:2d:06:73:
e2:4e:8c:c0:44:d5:27:f2:73:c5:1f:a0:81:46:24:
92:56:8f:08:9e:17:ef:34:09:56:21:85:60:09:dd:
22:d1:2e:42:e3:51:4f:c6:b5:8f:99:7a:ec:5d:c7:
ca:6a:80:44:ce:e3:06:85:08:67:99:84:ce:a9:fc:
a8:6d:57:a4:85:c8:7d:8d:2b:46:50:94:93:ab:41:
cc:ff:be:4f:79:25:88:5d:13:68:fc:39:1d:a5:f4:
8a:43:ed:db:5c:38:e3:db:50:04:5c:63:0e:90:d6:
fe:82:cd:3b:d4:87:63:8c:84:f5:63:58:7d:3d:0a:
da:dc:29:b4:48:5c:63:44:f3:39:46:a2:77:37:18:
f1:f1:4b:76:53:b7:77:7e:63:a6:14:ac:6c:87:87:
30:ef:23:dd:7a:07:04:bc:1c:13:e0:ab:ac:07:21:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3D:9F:C3:90:FB:23:41:C2:27:27:23:3F:40:50:AC:AA:CD:3C:BE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4T2fw5D7I0HCJycjP0BQrKrNPL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.26.0/23
92.38.0.0/23
95.46.112.0/23
Signature Algorithm: sha256WithRSAEncryption
67:d8:27:72:40:54:bc:06:be:2d:b4:44:48:2c:f8:37:e2:34:
a5:d3:18:6d:61:9b:ac:24:44:66:59:93:93:2c:2f:a1:ed:3a:
dd:cb:d0:f6:b1:9a:04:2f:32:51:86:37:58:b7:9a:65:bc:0a:
8e:79:31:b0:e3:0f:b6:a4:bf:b9:1a:7d:6f:7e:df:bf:ba:dd:
fe:0d:0a:fb:bd:65:b3:b6:fb:df:ba:7e:df:c0:63:b0:18:3f:
56:ec:35:a5:ec:67:20:1d:37:3f:7f:46:44:58:6d:92:7d:79:
fb:3e:a3:aa:e8:21:3a:5f:8a:ac:18:86:ee:5b:22:8c:43:ab:
4b:96:28:27:ca:e4:81:b1:09:9a:b4:0d:4e:b7:c3:83:ce:09:
8e:52:cd:c2:97:55:26:78:5c:61:4d:0c:3b:7f:f0:f6:a3:3e:
9b:a1:2b:2f:26:cb:b3:5f:92:ed:c4:ac:a1:54:86:68:76:fc:
e1:01:a5:0c:13:79:c4:11:67:5a:f8:a2:38:fc:84:2b:bc:05:
80:12:fe:93:36:e4:63:1f:5a:5d:5b:a2:37:5d:80:96:ba:f3:
14:0e:b6:31:2c:0b:7e:d1:c5:98:9a:70:ae:63:ec:82:d6:c0:
0d:6b:cf:94:fc:0e:b0:e2:05:36:2b:aa:1c:31:87:98:d5:ea:
4c:39:d8:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlWMbFq91/7wHWKOZIGyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTNkOWZjMzkwZmIyMzQxYzIyNzI3MjMzZjQwNTBhY2FhY2QzY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34KwZlsb9fFcm+//VEzzeSbfBzSn
ziu1OrmqIrExDdd0CM0tMKlaP8AMDMlp9Xjz1j8fG4BIipczbBmqJIdNIawAfras
frtEVX3VrbckKXp07haWf90tBnPiTozARNUn8nPFH6CBRiSSVo8InhfvNAlWIYVg
Cd0i0S5C41FPxrWPmXrsXcfKaoBEzuMGhQhnmYTOqfyobVekhch9jStGUJSTq0HM
/75PeSWIXRNo/DkdpfSKQ+3bXDjj21AEXGMOkNb+gs071IdjjIT1Y1h9PQra3Cm0
SFxjRPM5RqJ3Nxjx8Ut2U7d3fmOmFKxsh4cw7yPdegcEvBwT4KusByFLdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOE9n8OQ+yNBwicnIz9AUKyqzTy+MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNFQyZnc1RDdJMEhDSnljalAwQlFyS3JOUEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH5QaAwQB
XCYAAwQBXy5wMA0GCSqGSIb3DQEBCwUAA4IBAQBn2CdyQFS8Br4ttERILPg34jSl
0xhtYZusJERmWZOTLC+h7Trdy9D2sZoELzJRhjdYt5plvAqOeTGw4w+2pL+5Gn1v
ft+/ut3+DQr7vWWztvvfun7fwGOwGD9W7DWl7GcgHTc/f0ZEWG2SfXn7PqOq6CE6
X4qsGIbuWyKMQ6tLlignyuSBsQmatA1Ot8ODzgmOUs3Cl1UmeFxhTQw7f/D2oz6b
oSsvJsuzX5LtxKyhVIZodvzhAaUME3nEEWda+KI4/IQrvAWAEv6TNuRjH1pdW6I3
XYCWuvMUDrYxLAt+0cWYmnCuY+yC1sANa8+U/A6w4gU2K6ocMYeY1epMOdgK
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:45:41 2025 by rpki-client