Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AtI3DZt52CUyW-8jWL2x-5lz-Ds.roa
File: AtI3DZt52CUyW-8jWL2x-5lz-Ds.roa (raw, json)
Hash identifier: zhqbRZs9s1kykh2jW3ATWwKHI+TU0yhQsBrXFqjmq2w=
Subject key identifier: 02:D2:37:0D:9B:79:D8:25:32:5B:EF:23:58:BD:B1:FB:99:73:F8:3B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27BB545D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AtI3DZt52CUyW-8jWL2x-5lz-Ds.roa
Signing time: Sat 01 Jan 2022 16:08:42 +0000
ROA not before: Sat 01 Jan 2022 16:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50685
IP address blocks: 93.171.160.0/23 maxlen: 24
93.170.236.0/22 maxlen: 24
146.120.14.0/23 maxlen: 24
146.120.13.0/24 maxlen: 24
95.47.60.0/23 maxlen: 24
2a02:128:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 666588253 (0x27bb545d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02d2370d9b79d825325bef2358bdb1fb9973f83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:ce:fc:d3:60:42:11:2f:f5:ef:68:c0:d8:
88:5e:ab:85:2b:9c:4b:4e:c4:8a:00:1c:19:1b:5e:
2d:96:50:87:77:41:3d:92:29:c1:df:ba:97:99:db:
8f:0e:9b:1a:15:80:6b:7e:65:c9:a0:34:bc:de:40:
0f:3d:69:4c:8b:02:4a:e9:dc:41:d2:75:33:ba:9a:
60:42:c2:e8:b1:35:6f:50:91:93:65:ad:2f:ec:c2:
38:04:13:39:79:c7:94:80:3c:08:49:34:63:93:41:
27:4a:20:c4:4f:9e:97:5d:a1:d4:90:fa:35:ae:93:
9b:65:b2:c9:25:de:27:3e:84:07:0e:d5:9c:40:ca:
75:2d:a1:0f:c7:6b:b9:3a:38:e0:d6:52:93:78:da:
16:dc:11:b8:4b:c0:1b:1d:9d:13:5a:16:73:91:82:
1b:2a:44:07:c7:23:36:bc:06:b7:53:41:90:64:9b:
9f:5a:01:37:62:dd:9a:00:71:13:05:09:26:21:e7:
9f:07:e8:19:b1:51:3f:bb:5d:08:20:41:91:9e:a1:
63:6a:4d:5f:77:56:bf:63:53:00:e9:e6:ec:1d:f9:
22:00:0a:05:f5:87:d7:d4:a9:03:15:27:ef:94:9a:
5d:04:1f:a9:6b:f8:c3:fb:34:07:d5:bb:e5:08:62:
58:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D2:37:0D:9B:79:D8:25:32:5B:EF:23:58:BD:B1:FB:99:73:F8:3B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AtI3DZt52CUyW-8jWL2x-5lz-Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.236.0/22
93.171.160.0/23
95.47.60.0/23
146.120.13.0-146.120.15.255
IPv6:
2a02:128:9::/48
Signature Algorithm: sha256WithRSAEncryption
7b:3f:c8:38:f5:0d:9a:c3:01:d3:cb:12:14:6c:41:00:a9:06:
c5:02:8b:79:8a:4f:7d:f0:eb:73:be:fc:22:22:78:ae:57:9d:
c8:91:20:64:76:95:b4:6e:7e:98:4d:63:c4:e4:d8:b7:b6:df:
83:8d:2a:c5:2f:04:dd:7b:06:97:80:c6:08:39:e2:be:ce:33:
85:1c:41:60:41:df:61:78:22:7c:5c:05:e6:30:ce:c8:81:7d:
3b:7c:2f:a3:c8:8f:a8:99:03:7b:84:76:4d:a9:d5:bc:9a:7b:
fd:34:2a:91:28:b2:39:4c:1a:42:47:bb:b6:1e:51:29:87:1b:
47:07:7c:10:6f:49:1c:69:ac:40:ba:4e:97:99:fd:70:7c:97:
20:93:9c:a4:f3:e4:ae:cf:14:de:df:67:12:34:be:00:13:db:
23:80:42:47:64:bf:21:5d:34:85:88:bf:7a:0c:d5:b8:60:1b:
97:fa:95:58:68:a1:5d:7c:ae:95:78:bc:a2:fd:ff:98:65:d9:
1e:c0:0f:2b:43:aa:a8:eb:75:6c:51:f9:87:27:81:9f:1d:37:
ee:19:42:b2:41:39:c7:9b:75:5d:0e:0a:aa:62:e7:93:98:59:
fc:d6:98:62:27:7f:fe:36:96:06:91:e6:8a:4f:f9:80:99:b4:
50:99:16:f5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEJ7tUXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkMjM3MGQ5Yjc5
ZDgyNTMyNWJlZjIzNThiZGIxZmI5OTczZjgzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+KzvzTYEIRL/XvaMDYiF6rhSucS07EigAcGRteLZZQh3dB
PZIpwd+6l5nbjw6bGhWAa35lyaA0vN5ADz1pTIsCSuncQdJ1M7qaYELC6LE1b1CR
k2WtL+zCOAQTOXnHlIA8CEk0Y5NBJ0ogxE+el12h1JD6Na6Tm2WyySXeJz6EBw7V
nEDKdS2hD8druTo44NZSk3jaFtwRuEvAGx2dE1oWc5GCGypEB8cjNrwGt1NBkGSb
n1oBN2LdmgBxEwUJJiHnnwfoGbFRP7tdCCBBkZ6hY2pNX3dWv2NTAOnm7B35IgAK
BfWH19SpAxUn75SaXQQfqWv4w/s0B9W75QhiWIECAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBQC0jcNm3nYJTJb7yNYvbH7mXP4OzAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0F0STNEWnQ1MkNVeVctOGpXTDJ4LTVsei1Ecy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEAl2q7AMEAV2roAMEAV8vPDAMAwQA
kngNAwQEkngAMA8EAgACMAkDBwAqAgEoAAkwDQYJKoZIhvcNAQELBQADggEBAHs/
yDj1DZrDAdPLEhRsQQCpBsUCi3mKT33w63O+/CIieK5XnciRIGR2lbRufphNY8Tk
2Le234ONKsUvBN17BpeAxgg54r7OM4UcQWBB32F4InxcBeYwzsiBfTt8L6PIj6iZ
A3uEdk2p1byae/00KpEosjlMGkJHu7YeUSmHG0cHfBBvSRxprEC6TpeZ/XB8lyCT
nKTz5K7PFN7fZxI0vgAT2yOAQkdkvyFdNIWIv3oM1bhgG5f6lVhooV18rpV4vKL9
/5hl2R7ADytDqqjrdWxR+YcngZ8dN+4ZQrJBOcebdV0OCqpi55OYWfzWmGInf/42
lgaR5opP+YCZtFCZFvU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:20 2025 by rpki-client