Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6hMXdAmfGjutlWiA1G9J_57Eea0.roa
File: 6hMXdAmfGjutlWiA1G9J_57Eea0.roa (raw, json)
Hash identifier: qEeZgI5u3TqeqmPZkwz4Kdj9jzxm0tbYuRtFf6TgB5w=
Subject key identifier: EA:13:17:74:09:9F:1A:3B:AD:95:68:80:D4:6F:49:FF:9E:C4:79:AD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709561EBC464AB5F4E19C6587255130A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6hMXdAmfGjutlWiA1G9J_57Eea0.roa
Signing time: Mon 02 Jan 2023 03:45:16 +0000
ROA not before: Mon 02 Jan 2023 03:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59392
IP address blocks: 95.47.204.0/22 maxlen: 24
31.148.52.0/22 maxlen: 24
31.148.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:61:eb:c4:64:ab:5f:4e:19:c6:58:72:55:13:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea131774099f1a3bad956880d46f49ff9ec479ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:c1:87:32:5e:ab:02:c0:60:53:fa:a1:82:
b9:03:4b:d6:96:de:99:26:ea:38:72:e5:83:1e:26:
93:9e:f8:18:ad:b2:32:a3:9a:8f:d0:7e:fa:6e:89:
49:8c:ff:3c:04:f2:79:11:31:8a:4a:a5:d7:3c:0f:
a6:2f:e7:3f:d3:a9:6d:73:b4:78:50:d7:2e:a5:1a:
e8:77:5b:56:49:e6:a8:66:a3:db:d9:6e:bc:32:40:
97:b9:da:e6:3f:65:52:3c:25:f7:72:de:e6:36:42:
ec:c0:ea:f3:a7:9b:b1:84:7e:43:05:dc:e4:12:d6:
aa:5d:fe:51:23:52:d4:19:fe:48:b1:7c:19:0d:28:
7d:39:19:12:9d:6d:dc:a9:21:55:87:ea:7b:e1:8e:
62:f1:c0:06:b4:0e:71:31:a2:56:d7:d5:3d:df:5c:
82:60:b7:06:98:4b:34:ac:75:f2:bc:5e:3c:f9:29:
33:ef:fe:e5:1d:0b:63:fc:4f:b2:49:17:d3:e4:a8:
7d:d0:7d:48:16:61:48:6e:f7:8c:8c:ed:87:58:da:
d9:44:e6:85:54:56:0e:4e:a0:1a:c1:90:a4:d8:3f:
f0:dd:d7:23:99:47:fd:e0:3d:83:58:c3:ba:e5:6d:
49:32:e2:9a:eb:45:a2:09:d1:74:30:d9:d5:f9:04:
dc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:13:17:74:09:9F:1A:3B:AD:95:68:80:D4:6F:49:FF:9E:C4:79:AD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/6hMXdAmfGjutlWiA1G9J_57Eea0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.52.0-31.148.63.255
95.47.204.0/22
Signature Algorithm: sha256WithRSAEncryption
02:7d:e9:a1:85:96:d1:87:82:d7:28:3a:a2:ef:35:39:c5:e8:
7a:4b:b7:93:52:eb:3f:00:7f:2b:c0:3f:b2:a0:d8:0d:b9:3c:
03:c6:7b:dd:76:1c:b9:25:85:63:07:b0:a7:6a:22:da:9f:c4:
80:b5:2d:bf:3a:44:90:e9:69:7c:7c:d4:7f:04:bb:54:5b:f6:
9b:ed:ee:a7:2d:93:d1:79:ed:b5:cc:50:f1:57:ef:3c:0a:c0:
47:a4:3b:1a:11:b8:77:74:f7:9f:17:65:9a:4f:6b:54:bd:73:
b2:0f:b5:57:d0:c1:55:e9:79:20:c3:36:28:01:b7:06:24:9c:
d6:a3:8e:97:48:7e:7c:db:9f:b3:2e:74:b7:48:e6:d3:79:ea:
19:3c:10:40:6b:10:c8:b2:95:d4:48:de:45:e6:3e:15:74:67:
89:57:e9:25:a8:6e:27:08:af:e6:f8:32:b1:c7:60:15:47:31:
a7:41:f3:d4:db:25:c6:45:96:3a:bf:f3:fe:6e:83:85:27:19:
73:e6:13:d1:99:a1:27:8d:3d:c7:d5:74:61:3c:4d:02:9f:f9:
fa:02:6b:64:07:7a:c2:2c:38:e0:f6:9c:19:2a:9a:41:87:35:
2f:0c:ea:6a:3f:29:49:81:05:be:6c:57:a4:f8:82:db:14:43:
2e:6c:8f:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwlWHrxGSrX04ZxlhyVRMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTEzMTc3NDA5OWYxYTNiYWQ5NTY4ODBkNDZmNDlmZjllYzQ3OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBXBhzJeqwLAYFP6oYK5A0vWlt6Z
Juo4cuWDHiaTnvgYrbIyo5qP0H76bolJjP88BPJ5ETGKSqXXPA+mL+c/06ltc7R4
UNcupRrod1tWSeaoZqPb2W68MkCXudrmP2VSPCX3ct7mNkLswOrzp5uxhH5DBdzk
EtaqXf5RI1LUGf5IsXwZDSh9ORkSnW3cqSFVh+p74Y5i8cAGtA5xMaJW19U931yC
YLcGmEs0rHXyvF48+Skz7/7lHQtj/E+ySRfT5Kh90H1IFmFIbveMjO2HWNrZROaF
VFYOTqAawZCk2D/w3dcjmUf94D2DWMO65W1JMuKa60WiCdF0MNnV+QTcwQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOoTF3QJnxo7rZVogNRvSf+exHmtMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNmhNWGRBbWZHanV0bFdpQTFHOUpfNTdFZWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAIflDQD
BAYflAADBAJfL8wwDQYJKoZIhvcNAQELBQADggEBAAJ96aGFltGHgtcoOqLvNTnF
6HpLt5NS6z8AfyvAP7Kg2A25PAPGe912HLklhWMHsKdqItqfxIC1Lb86RJDpaXx8
1H8Eu1Rb9pvt7qctk9F57bXMUPFX7zwKwEekOxoRuHd0958XZZpPa1S9c7IPtVfQ
wVXpeSDDNigBtwYknNajjpdIfnzbn7MudLdI5tN56hk8EEBrEMiyldRI3kXmPhV0
Z4lX6SWobicIr+b4MrHHYBVHMadB89TbJcZFljq/8/5ug4UnGXPmE9GZoSeNPcfV
dGE8TQKf+foCa2QHesIsOOD2nBkqmkGHNS8M6mo/KUmBBb5sV6T4gtsUQy5sj/c=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:25 2025 by rpki-client