Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/82AEwGzJufJqMV1oa9Ss9j1wLfo.roa
File: 82AEwGzJufJqMV1oa9Ss9j1wLfo.roa (raw, json)
Hash identifier: LExz2QGlrH954FNeiG6Bf/9+Sfp2B4YDJldXn1NPG+8=
Subject key identifier: F3:60:04:C0:6C:C9:B9:F2:6A:31:5D:68:6B:D4:AC:F6:3D:70:2D:FA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0189D593A5708ACD9F0FC67CF85E352C3D38
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/82AEwGzJufJqMV1oa9Ss9j1wLfo.roa
Signing time: Tue 08 Aug 2023 14:36:10 +0000
ROA not before: Tue 08 Aug 2023 14:36:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43533
IP address blocks: 146.158.28.0/23 maxlen: 24
92.253.196.0/22 maxlen: 24
93.170.208.0/22 maxlen: 24
92.38.52.0/22 maxlen: 24
31.148.144.0/22 maxlen: 24
93.170.16.0/21 maxlen: 24
93.171.210.0/23 maxlen: 24
93.170.168.0/23 maxlen: 24
92.38.16.0/22 maxlen: 24
92.38.24.0/22 maxlen: 24
146.158.20.0/22 maxlen: 24
31.148.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:93:a5:70:8a:cd:9f:0f:c6:7c:f8:5e:35:2c:3d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 8 14:36:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f36004c06cc9b9f26a315d686bd4acf63d702dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f7:db:19:77:86:ce:6c:a9:ac:8e:9e:49:0c:
5d:ec:c3:36:f9:99:ae:3a:4e:6f:75:1f:59:d9:87:
88:ad:a8:1a:a9:0f:14:87:75:b0:01:a2:29:04:9e:
03:c6:57:77:50:9c:91:53:26:39:14:68:c9:79:b0:
98:4f:97:a9:30:aa:68:3e:d2:fd:74:57:c7:16:b5:
d7:b4:0d:ff:40:78:78:41:13:d7:a4:26:4f:be:83:
4c:c9:a0:ce:1b:01:79:25:51:5c:4b:da:1b:5f:e6:
1d:41:ce:26:4a:fa:f9:d9:9b:7e:8a:47:f0:94:46:
80:a6:f7:44:8f:d1:8f:b7:6a:cb:bd:70:4a:3d:52:
59:8c:d0:65:18:00:7a:b2:ff:c4:e6:12:8a:b2:99:
31:b0:f2:e5:c2:ab:b2:ba:3b:c4:ed:5d:8f:a9:a9:
49:ee:e9:5b:06:93:65:82:e0:3d:92:80:27:a5:24:
ce:01:11:18:b8:b9:76:c7:b9:cc:04:43:09:fd:5b:
52:57:d3:26:e1:ef:1f:a2:c1:f2:e7:b8:3d:b3:c2:
d2:7d:fb:30:a3:42:f3:61:2e:d2:09:09:d2:e6:b5:
fb:10:66:04:28:d8:24:65:1e:ba:62:70:27:42:16:
e7:22:f4:f3:96:14:9f:3a:73:25:df:00:e2:d9:aa:
ad:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:60:04:C0:6C:C9:B9:F2:6A:31:5D:68:6B:D4:AC:F6:3D:70:2D:FA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/82AEwGzJufJqMV1oa9Ss9j1wLfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.100.0/22
31.148.144.0/22
92.38.16.0/22
92.38.24.0/22
92.38.52.0/22
92.253.196.0/22
93.170.16.0/21
93.170.168.0/23
93.170.208.0/22
93.171.210.0/23
146.158.20.0/22
146.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:98:98:d4:5a:0b:f2:b6:ef:06:40:05:13:13:3a:ce:a0:39:
ed:af:e1:0a:ab:bc:44:8a:cf:29:bc:6b:09:a8:3f:a0:c3:b1:
20:fe:a2:66:62:cc:84:a6:6b:6b:dd:6e:df:93:63:b6:ca:dc:
00:4a:a3:06:03:61:0f:c5:3c:60:68:99:38:b0:8f:22:7b:64:
cc:b3:10:e4:69:92:bf:49:e4:d0:46:1c:24:e3:55:97:a5:7f:
7d:0d:54:a1:cc:8f:9b:f7:e6:ae:13:99:38:f5:8e:e7:e5:69:
d0:df:06:31:a1:41:9d:f1:f6:86:6b:d3:db:25:74:ab:a1:e3:
d4:8a:2c:79:10:e4:ba:ff:2f:76:b8:02:11:be:47:b3:26:92:
70:ee:21:31:2b:f4:8b:f7:db:40:3d:cc:d3:b4:1b:9b:f2:f7:
cc:80:4b:cd:a8:4c:87:20:f2:1f:88:2f:8d:f4:aa:77:c5:3d:
88:22:9c:1c:8b:14:a9:b2:e5:c5:74:29:63:f9:99:9d:76:34:
14:9a:ac:90:0f:b0:a7:c3:c9:fa:f9:c2:cf:a5:c4:01:99:1d:
6c:26:d0:7b:27:ac:91:28:1c:03:72:f3:1c:e2:32:6f:1e:82:
20:24:1e:33:cc:46:3d:29:33:f4:56:e2:1e:01:ae:8c:bc:1f:
31:c9:0a:61
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYnVk6Vwis2fD8Z8+F41LD04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwODA4MTQzNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzYwMDRjMDZjYzliOWYyNmEzMTVkNjg2YmQ0YWNmNjNkNzAyZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPfbGXeGzmyprI6eSQxd7MM2+Zmu
Ok5vdR9Z2YeIragaqQ8Uh3WwAaIpBJ4Dxld3UJyRUyY5FGjJebCYT5epMKpoPtL9
dFfHFrXXtA3/QHh4QRPXpCZPvoNMyaDOGwF5JVFcS9obX+YdQc4mSvr52Zt+ikfw
lEaApvdEj9GPt2rLvXBKPVJZjNBlGAB6sv/E5hKKspkxsPLlwquyujvE7V2PqalJ
7ulbBpNlguA9koAnpSTOAREYuLl2x7nMBEMJ/VtSV9Mm4e8fosHy57g9s8LSffsw
o0LzYS7SCQnS5rX7EGYEKNgkZR66YnAnQhbnIvTzlhSfOnMl3wDi2aqtDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPNgBMBsybnyajFdaGvUrPY9cC36MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvODJBRXdHekp1ZkpxTVYxb2E5U3M5ajF3TGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCH5RkAwQC
H5SQAwQCXCYQAwQCXCYYAwQCXCY0AwQCXP3EAwQDXaoQAwQBXaqoAwQCXarQAwQB
XavSAwQCkp4UAwQBkp4cMA0GCSqGSIb3DQEBCwUAA4IBAQBvmJjUWgvytu8GQAUT
EzrOoDntr+EKq7xEis8pvGsJqD+gw7Eg/qJmYsyEpmtr3W7fk2O2ytwASqMGA2EP
xTxgaJk4sI8ie2TMsxDkaZK/SeTQRhwk41WXpX99DVShzI+b9+auE5k49Y7n5WnQ
3wYxoUGd8faGa9PbJXSroePUiix5EOS6/y92uAIRvkezJpJw7iExK/SL99tAPczT
tBub8vfMgEvNqEyHIPIfiC+N9Kp3xT2IIpwcixSpsuXFdClj+ZmddjQUmqyQD7Cn
w8n6+cLPpcQBmR1sJtB7J6yRKBwDcvMc4jJvHoIgJB4zzEY9KTP0VuIeAa6MvB8x
yQph
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:04 2025 by rpki-client