Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/D1llKM6bTgEFHs4DNAljNN-yNjY.roa
File: D1llKM6bTgEFHs4DNAljNN-yNjY.roa (raw, json)
Hash identifier: k9suJcmRKtE8sKq03BIemJKaccmR9GEDbpXfIfseXJ4=
Subject key identifier: 0F:59:65:28:CE:9B:4E:01:05:1E:CE:03:34:09:63:34:DF:B2:36:36
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27608C15
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/D1llKM6bTgEFHs4DNAljNN-yNjY.roa
Signing time: Sat 01 Jan 2022 16:07:53 +0000
ROA not before: Sat 01 Jan 2022 16:07:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20688
IP address blocks: 93.171.184.0/24 maxlen: 24
146.120.116.0/22 maxlen: 24
93.171.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660638741 (0x27608c15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:07:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f596528ce9b4e01051ece0334096334dfb23636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:4a:46:71:d5:48:32:2d:2c:90:09:93:8d:
e2:ad:70:e6:a0:bd:1a:8d:f7:7a:0d:10:7d:2d:dd:
5c:b4:a8:6e:75:57:78:2c:87:77:6c:1e:e9:ea:e6:
6a:6e:d0:21:ba:fd:98:7a:b4:05:9f:d8:03:5f:cc:
ad:fc:b7:01:5a:3c:6e:13:f7:88:7a:3c:8a:d5:6a:
c8:0d:4a:31:f2:c8:4e:2b:e0:28:fa:82:d2:f8:bc:
cb:08:65:f5:14:3e:f3:a7:b4:17:f9:ba:4e:0b:60:
14:8c:7a:52:57:81:f1:b0:10:ed:0b:0b:be:80:5c:
1e:59:07:e7:55:89:e4:79:83:a8:3a:9b:6a:fe:8f:
bf:b7:e2:04:17:53:21:76:ed:72:f5:33:7e:bd:63:
e4:da:53:08:ba:f8:9f:88:38:5c:8a:39:0e:22:75:
f3:97:e5:d9:f1:c7:e7:cd:6d:e8:ed:30:6a:9f:b1:
0f:d4:36:20:f2:78:24:79:77:29:61:3d:21:4a:48:
1a:a5:89:b1:5c:a0:56:da:2d:4f:86:85:bd:26:4c:
c7:91:f4:b1:e8:cc:ec:c5:66:74:9f:60:af:b0:39:
8d:90:fb:65:c8:3f:b6:17:17:df:da:d5:96:87:bf:
d6:b9:fc:67:54:7e:1e:6c:2b:f3:8a:e8:32:0b:0e:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:59:65:28:CE:9B:4E:01:05:1E:CE:03:34:09:63:34:DF:B2:36:36
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/D1llKM6bTgEFHs4DNAljNN-yNjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.143.0/24
93.171.184.0/24
146.120.116.0/22
Signature Algorithm: sha256WithRSAEncryption
78:e5:dd:88:fe:62:70:f1:ee:4d:dd:92:b2:ea:ea:e5:6f:16:
1c:43:4b:20:22:0a:b9:78:24:71:f2:a5:73:4d:79:93:4b:4d:
f1:f6:f1:e0:80:1e:6f:c2:6a:44:54:a6:e2:d5:bc:19:82:21:
b7:ef:56:39:48:0d:c8:e1:45:6f:71:c1:75:36:12:90:68:7f:
b0:0b:dd:5b:de:31:7b:89:d3:a4:e8:92:6f:94:df:c1:77:83:
03:6b:9e:28:be:20:17:25:68:b4:c1:f7:76:dd:bd:d9:18:0f:
2c:b6:c3:a9:c6:20:d9:4d:3c:0f:84:56:a7:e7:81:0c:8c:ec:
0d:46:49:2a:f3:db:1a:5c:a5:a4:5b:d4:6a:3c:18:a3:05:de:
6c:57:74:93:e7:03:41:33:3c:ab:3e:64:4f:e5:f4:e5:44:b3:
67:e6:25:1d:f2:2b:92:5b:5b:d2:d1:2f:27:43:7a:eb:1c:2a:
50:df:a5:2b:f8:ce:77:ee:4b:0c:cb:53:fd:6d:2c:12:c5:a5:
8b:5b:03:f4:d6:ec:d6:3f:bc:6c:39:0b:68:35:3a:7a:ea:f2:
8e:54:93:02:20:6d:82:d4:d7:81:97:57:1f:a9:9d:93:ce:60:
b8:c5:d0:11:55:5b:ea:32:59:59:c6:5b:48:6f:57:1a:df:fc:
c0:40:00:5f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEJ2CMFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY1OTY1MjhjZTli
NGUwMTA1MWVjZTAzMzQwOTYzMzRkZmIyMzYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlkSkZx1UgyLSyQCZON4q1w5qC9Go33eg0QfS3dXLSobnVX
eCyHd2we6ermam7QIbr9mHq0BZ/YA1/Mrfy3AVo8bhP3iHo8itVqyA1KMfLITivg
KPqC0vi8ywhl9RQ+86e0F/m6TgtgFIx6UleB8bAQ7QsLvoBcHlkH51WJ5HmDqDqb
av6Pv7fiBBdTIXbtcvUzfr1j5NpTCLr4n4g4XIo5DiJ185fl2fHH581t6O0wap+x
D9Q2IPJ4JHl3KWE9IUpIGqWJsVygVtotT4aFvSZMx5H0sejM7MVmdJ9gr7A5jZD7
Zcg/thcX39rVloe/1rn8Z1R+Hmwr84roMgsONfUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQPWWUozptOAQUezgM0CWM037I2NjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0QxbGxLTTZiVGdFRkhzNEROQWxqTk4teU5qWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAF2rjwMEAF2ruAMEApJ4dDANBgkq
hkiG9w0BAQsFAAOCAQEAeOXdiP5icPHuTd2Ssurq5W8WHENLICIKuXgkcfKlc015
k0tN8fbx4IAeb8JqRFSm4tW8GYIht+9WOUgNyOFFb3HBdTYSkGh/sAvdW94xe4nT
pOiSb5TfwXeDA2ueKL4gFyVotMH3dt292RgPLLbDqcYg2U08D4RWp+eBDIzsDUZJ
KvPbGlylpFvUajwYowXebFd0k+cDQTM8qz5kT+X05USzZ+YlHfIrkltb0tEvJ0N6
6xwqUN+lK/jOd+5LDMtT/W0sEsWli1sD9Nbs1j+8bDkLaDU6euryjlSTAiBtgtTX
gZdXH6mdk85guMXQEVVb6jJZWcZbSG9XGt/8wEAAXw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:12 2025 by rpki-client