Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CctL2F2nWkVa_Se6hYctShvhDtA.roa
File: CctL2F2nWkVa_Se6hYctShvhDtA.roa (raw, json)
Hash identifier: cl2Gey2HVdXLtZclTyJtvPxqKY+Qpaiv1tuDt0HUIU4=
Subject key identifier: 09:CB:4B:D8:5D:A7:5A:45:5A:FD:27:BA:85:87:2D:4A:1B:E1:0E:D0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 284B54EC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CctL2F2nWkVa_Se6hYctShvhDtA.roa
Signing time: Sat 01 Jan 2022 16:10:07 +0000
ROA not before: Sat 01 Jan 2022 16:10:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209213
IP address blocks: 92.253.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676025580 (0x284b54ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:10:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09cb4bd85da75a455afd27ba85872d4a1be10ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:88:a3:67:7e:58:9d:28:c0:44:46:53:4a:b1:
1d:bf:7a:5b:ab:8e:3b:c0:5d:41:7f:b8:d9:1b:90:
e3:04:a8:b8:d7:f3:40:a0:91:21:a1:85:b0:1d:99:
66:da:0a:8c:5a:2c:29:67:29:47:98:61:e5:f8:eb:
1f:3a:4d:9e:dd:5b:52:0d:29:85:82:3a:5c:89:8f:
c8:3c:e3:d0:98:20:7d:11:a3:52:96:25:73:71:08:
0f:e6:f7:f0:48:3a:44:4e:9e:9c:df:a2:da:8c:d2:
4c:5b:5e:52:2a:58:a5:3b:19:de:d4:ee:69:84:4f:
1c:f6:71:7a:4c:e8:aa:5d:07:d1:83:5f:70:d8:fd:
29:2e:01:6c:4c:88:c0:1b:28:00:eb:56:61:ac:ca:
46:20:03:0a:b0:95:ef:bb:78:9e:e7:95:74:35:bd:
b5:91:2f:4c:84:ef:f8:69:a1:59:1a:1b:34:00:41:
d3:f9:56:a2:a0:c2:fa:3e:9c:1f:e6:0e:7b:17:8b:
96:d0:3a:a8:63:9e:82:6d:34:5c:bc:ad:95:7e:94:
d4:2d:e0:74:cb:28:07:a7:2b:aa:92:59:99:24:92:
5e:e6:87:f3:98:89:4b:1d:9e:18:a8:47:8a:8a:8c:
a1:59:d8:3f:bb:d2:f7:da:28:7e:bf:77:7d:4b:cc:
4d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CB:4B:D8:5D:A7:5A:45:5A:FD:27:BA:85:87:2D:4A:1B:E1:0E:D0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CctL2F2nWkVa_Se6hYctShvhDtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.253.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:87:0e:a8:38:6b:f3:cf:65:91:1a:21:82:97:20:f0:b1:80:
41:44:f5:0b:61:66:7c:26:f8:9d:e2:c1:35:bb:10:0d:2e:ba:
76:12:02:55:1a:d2:c2:b6:0d:f5:47:97:a9:2d:e5:54:45:a1:
a8:12:5f:69:8d:80:72:aa:97:ef:1c:15:e0:af:a4:40:df:c9:
30:89:b6:fd:ff:24:d1:5f:41:da:cf:fc:08:5e:e3:5b:08:70:
b1:b2:f5:11:f6:17:0b:c2:6c:72:10:ba:d2:62:02:b1:38:c7:
a6:de:c7:a4:c0:64:e1:5c:90:fb:4c:c5:9d:f2:55:36:b8:17:
cd:e3:e6:52:22:24:eb:a1:fd:14:86:54:13:12:d5:44:2d:41:
a3:71:1b:38:20:2b:fe:9f:f0:63:54:0e:b1:98:ee:57:0c:3c:
cf:45:96:f2:74:d8:a8:83:50:16:28:cf:fd:6f:4d:6a:2b:60:
27:34:05:ec:48:b3:c1:34:3d:90:99:ae:f8:f9:2e:54:90:33:
ff:77:7f:82:56:ef:91:d1:e3:7a:05:c6:7a:bb:92:1d:16:56:
ed:d6:ab:22:d7:b2:79:92:f6:87:d3:e9:37:38:30:41:e4:be:
d8:13:51:23:c6:c1:6c:c8:26:32:73:5c:01:97:6f:9b:05:41:
4b:7e:2c:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKEtU7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MTAwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDljYjRiZDg1ZGE3
NWE0NTVhZmQyN2JhODU4NzJkNGExYmUxMGVkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGIo2d+WJ0owERGU0qxHb96W6uOO8BdQX+42RuQ4wSouNfz
QKCRIaGFsB2ZZtoKjFosKWcpR5hh5fjrHzpNnt1bUg0phYI6XImPyDzj0JggfRGj
UpYlc3EID+b38Eg6RE6enN+i2ozSTFteUipYpTsZ3tTuaYRPHPZxekzoql0H0YNf
cNj9KS4BbEyIwBsoAOtWYazKRiADCrCV77t4nueVdDW9tZEvTITv+GmhWRobNABB
0/lWoqDC+j6cH+YOexeLltA6qGOegm00XLytlX6U1C3gdMsoB6crqpJZmSSSXuaH
85iJSx2eGKhHioqMoVnYP7vS99oofr93fUvMTTcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJy0vYXadaRVr9J7qFhy1KG+EO0DAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0NjdEwyRjJuV2tWYV9TZTZoWWN0U2h2aER0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFz9zTANBgkqhkiG9w0BAQsFAAOC
AQEAj4cOqDhr889lkRohgpcg8LGAQUT1C2FmfCb4neLBNbsQDS66dhICVRrSwrYN
9UeXqS3lVEWhqBJfaY2AcqqX7xwV4K+kQN/JMIm2/f8k0V9B2s/8CF7jWwhwsbL1
EfYXC8JschC60mICsTjHpt7HpMBk4VyQ+0zFnfJVNrgXzePmUiIk66H9FIZUExLV
RC1Bo3EbOCAr/p/wY1QOsZjuVww8z0WW8nTYqINQFijP/W9NaitgJzQF7EizwTQ9
kJmu+PkuVJAz/3d/glbvkdHjegXGeruSHRZW7darIteyeZL2h9PpNzgwQeS+2BNR
I8bBbMgmMnNcAZdvmwVBS34sag==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:33 2025 by rpki-client