Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ar8Go_jrRXgJFypkkfgrktf8trI.roa
File: Ar8Go_jrRXgJFypkkfgrktf8trI.roa (raw, json)
Hash identifier: g9lw8QcrpQFGQoorWKZv1pQ+TEZmXyL2yqgob9n3M7A=
Subject key identifier: 02:BF:06:A3:F8:EB:45:78:09:17:2A:64:91:F8:2B:92:D7:FC:B6:B2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 288AAE4D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ar8Go_jrRXgJFypkkfgrktf8trI.roa
Signing time: Fri 14 Jan 2022 09:37:13 +0000
ROA not before: Fri 14 Jan 2022 09:37:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210433
IP address blocks: 95.46.136.0/22 maxlen: 24
95.46.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680177229 (0x288aae4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 14 09:37:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02bf06a3f8eb457809172a6491f82b92d7fcb6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3e:da:d1:ca:33:fe:eb:eb:05:bd:f2:00:bc:
01:6c:33:fc:40:fd:fd:e5:b7:7d:b1:8d:c1:03:8e:
e1:4b:9d:de:da:05:90:c6:d8:4b:b0:17:b7:cc:6e:
17:a2:5b:60:f6:ce:55:0e:6b:f5:a1:cc:d4:84:78:
99:8c:41:38:13:c1:80:d6:7b:81:8d:cf:03:3b:7b:
e8:3d:dc:a9:bf:00:83:95:cd:fe:98:df:54:1f:0f:
c1:55:30:e2:77:c7:a7:b3:a8:63:d3:13:a4:a2:e5:
5c:95:0c:68:ed:d1:cb:39:28:35:17:c8:f6:f6:d1:
28:d7:29:dc:6d:f5:97:ac:c4:ee:a2:df:6b:54:d0:
fb:3f:ec:3c:ea:61:d2:9c:ef:f7:a6:54:5a:5d:63:
c5:25:1b:b5:bb:0e:5c:f7:6d:de:a1:1e:80:fe:cf:
9a:28:fd:33:02:cf:41:a5:1c:8d:cc:9f:18:d7:da:
a5:aa:6c:37:bb:ba:de:1b:94:2e:4a:b8:6e:c8:9d:
b9:18:67:28:36:b3:74:e5:ca:16:1d:54:9d:e7:24:
2d:a8:a2:cc:e1:cf:9a:b7:49:f3:82:2c:4e:ff:99:
5c:a1:a0:f8:38:de:01:ba:fc:84:e7:1b:78:04:b4:
80:53:57:6f:45:18:a0:0a:e0:64:8c:2b:c5:98:85:
2f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:06:A3:F8:EB:45:78:09:17:2A:64:91:F8:2B:92:D7:FC:B6:B2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Ar8Go_jrRXgJFypkkfgrktf8trI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.136.0/22
Signature Algorithm: sha256WithRSAEncryption
33:cc:f2:25:4c:29:bc:f4:49:9d:83:13:b2:7c:fd:d0:c1:d3:
97:04:c1:1e:7b:33:f9:12:a2:04:16:df:9a:1e:4d:2a:71:58:
e5:1e:f1:a2:ab:e2:97:31:85:e6:08:f1:d9:2a:0c:bb:d5:77:
2e:26:00:a0:19:30:5d:60:bf:8d:45:f0:49:d0:26:ac:e7:a2:
6a:4e:46:71:3d:67:5e:2f:a0:dc:06:1c:10:2d:4a:53:bf:2b:
a1:3e:78:ea:fa:2c:55:9d:e4:90:84:f1:dd:4f:b7:6d:20:aa:
a9:28:c1:25:29:5c:25:a1:9f:db:15:13:59:3c:97:7b:0b:3e:
d2:90:61:74:84:6d:82:4e:2c:a3:a7:b2:2c:e7:ae:bb:79:c4:
cd:1a:0a:a1:7b:38:d1:4b:6c:b1:40:b1:67:be:dd:cb:70:fb:
c4:24:f5:e5:c3:41:87:5b:fe:67:10:53:b9:f2:34:6f:67:16:
68:76:73:69:6f:96:ba:61:e7:1e:a0:82:33:ec:2a:27:3d:ff:
f4:7a:0a:4f:dc:f7:18:6e:1a:36:90:03:94:b9:39:7f:39:f8:
f4:f9:92:52:a5:f0:67:7e:c6:78:01:f4:17:93:50:6a:53:48:
f5:90:52:dc:80:93:ef:e4:be:29:df:a3:e1:82:f7:15:83:7b:
62:6d:08:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKIquTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEx
NDA5MzcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJiZjA2YTNmOGVi
NDU3ODA5MTcyYTY0OTFmODJiOTJkN2ZjYjZiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQ+2tHKM/7r6wW98gC8AWwz/ED9/eW3fbGNwQOO4Uud3toF
kMbYS7AXt8xuF6JbYPbOVQ5r9aHM1IR4mYxBOBPBgNZ7gY3PAzt76D3cqb8Ag5XN
/pjfVB8PwVUw4nfHp7OoY9MTpKLlXJUMaO3RyzkoNRfI9vbRKNcp3G31l6zE7qLf
a1TQ+z/sPOph0pzv96ZUWl1jxSUbtbsOXPdt3qEegP7Pmij9MwLPQaUcjcyfGNfa
papsN7u63huULkq4bsiduRhnKDazdOXKFh1UneckLaiizOHPmrdJ84IsTv+ZXKGg
+DjeAbr8hOcbeAS0gFNXb0UYoArgZIwrxZiFL38CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCvwaj+OtFeAkXKmSR+CuS1/y2sjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0FyOEdvX2pyUlhnSkZ5cGtrZmdya3RmOHRySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl8uiDANBgkqhkiG9w0BAQsFAAOC
AQEAM8zyJUwpvPRJnYMTsnz90MHTlwTBHnsz+RKiBBbfmh5NKnFY5R7xoqvilzGF
5gjx2SoMu9V3LiYAoBkwXWC/jUXwSdAmrOeiak5GcT1nXi+g3AYcEC1KU78roT54
6vosVZ3kkITx3U+3bSCqqSjBJSlcJaGf2xUTWTyXews+0pBhdIRtgk4so6eyLOeu
u3nEzRoKoXs40UtssUCxZ77dy3D7xCT15cNBh1v+ZxBTufI0b2cWaHZzaW+WumHn
HqCCM+wqJz3/9HoKT9z3GG4aNpADlLk5fzn49PmSUqXwZ37GeAH0F5NQalNI9ZBS
3ICT7+S+Kd+j4YL3FYN7Ym0IdA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:53 2025 by rpki-client