Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DJp6P5aIElpKsvaOS5DQ2LQMS5g.roa
File: DJp6P5aIElpKsvaOS5DQ2LQMS5g.roa (raw, json)
Hash identifier: SRSUzGTUOns0/jKByUfjgUvyFSmGPH6qfIMUwPfrFIc=
Subject key identifier: 0C:9A:7A:3F:96:88:12:5A:4A:B2:F6:8E:4B:90:D0:D8:B4:0C:4B:98
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0186EE5930DE40E07650D11C43A3792DBF90
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DJp6P5aIElpKsvaOS5DQ2LQMS5g.roa
Signing time: Fri 17 Mar 2023 06:54:27 +0000
ROA not before: Fri 17 Mar 2023 06:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50576
IP address blocks: 31.148.175.0/24 maxlen: 24
146.120.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:59:30:de:40:e0:76:50:d1:1c:43:a3:79:2d:bf:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Mar 17 06:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c9a7a3f9688125a4ab2f68e4b90d0d8b40c4b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f0:5f:62:93:4a:22:68:e6:c0:2a:60:60:1a:
09:3f:86:20:9d:73:6f:e8:7c:d3:cc:77:41:d7:a9:
1d:92:8a:99:94:cc:81:b9:29:df:fe:b8:98:c9:28:
34:97:38:10:d9:5b:55:e3:70:33:71:cb:90:ae:e5:
08:e4:79:ee:fe:c5:3d:46:f6:05:3e:ee:74:9a:af:
4e:a3:d9:ae:47:29:9c:0b:56:00:8e:1b:51:a5:e8:
a0:35:c2:e1:b6:20:d7:f6:fc:84:be:41:9d:65:67:
63:57:2e:1e:b5:13:72:3b:95:85:9a:10:27:85:97:
77:d5:98:62:ec:a2:40:f8:61:fe:f5:8a:46:ce:75:
49:29:ae:54:19:be:1f:9c:28:02:87:3e:5c:8e:62:
31:04:c1:4b:f8:56:5b:d2:66:20:1a:02:6e:37:31:
fc:25:43:4e:d8:48:c8:8a:27:3b:1f:51:2f:0d:4d:
6c:cf:9f:37:a1:c8:57:e2:9a:e8:b0:b9:f9:9e:88:
af:9f:30:95:d5:f9:04:0c:bb:12:4f:48:8e:80:0a:
2b:6c:9e:ac:5d:4c:e6:95:b5:3e:b3:be:7b:66:a7:
3a:46:35:41:28:0e:66:fa:fb:91:9a:c1:43:f0:8b:
a2:01:fa:0a:67:69:93:47:a8:4b:3a:b0:74:da:01:
a6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9A:7A:3F:96:88:12:5A:4A:B2:F6:8E:4B:90:D0:D8:B4:0C:4B:98
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DJp6P5aIElpKsvaOS5DQ2LQMS5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.175.0/24
146.120.240.0/24
Signature Algorithm: sha256WithRSAEncryption
95:10:5d:89:a2:ea:79:3a:9d:16:8f:80:be:49:3f:36:49:45:
84:92:dd:37:a2:dd:2e:f2:aa:3e:08:bf:d0:55:bd:71:84:98:
3e:42:eb:2a:d7:10:8e:82:0c:a2:a3:ea:3b:fb:ff:c9:e1:20:
3b:58:85:c5:85:fb:8c:ef:de:67:00:ea:1f:84:75:dd:df:02:
3a:8d:fa:32:9c:c7:6c:9b:0d:14:fd:7e:16:aa:72:3a:be:85:
e5:58:14:65:27:ab:72:80:d9:d2:dc:f0:b8:c2:81:64:38:4e:
bc:98:16:ae:bf:8e:28:0e:35:bc:b0:bc:1e:7a:ba:ff:1b:5f:
dd:cd:43:6e:ba:56:28:9b:05:c4:d9:cb:78:5c:04:60:57:06:
96:86:e5:e0:7e:88:23:52:1d:27:41:06:59:05:df:f3:9e:5c:
9c:56:2e:98:0e:5e:7f:7e:3d:89:a0:87:76:24:34:1d:e0:b2:
22:b1:ee:40:7d:c2:95:8c:42:ac:c0:fc:21:c3:f7:9e:ba:85:
9e:3f:93:e8:25:e0:01:74:93:02:ac:a9:eb:e1:de:61:6b:e4:
68:2b:1b:70:d8:fc:81:08:ed:f5:d3:b1:8d:c3:a0:4c:53:ce:
e6:7d:00:c2:c6:9e:2b:53:87:fa:b5:84:6c:33:e5:da:44:f5:
2f:cf:30:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbuWTDeQOB2UNEcQ6N5Lb+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMzE3MDY1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzlhN2EzZjk2ODgxMjVhNGFiMmY2OGU0YjkwZDBkOGI0MGM0Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/BfYpNKImjmwCpgYBoJP4YgnXNv
6HzTzHdB16kdkoqZlMyBuSnf/riYySg0lzgQ2VtV43AzccuQruUI5Hnu/sU9RvYF
Pu50mq9Oo9muRymcC1YAjhtRpeigNcLhtiDX9vyEvkGdZWdjVy4etRNyO5WFmhAn
hZd31Zhi7KJA+GH+9YpGznVJKa5UGb4fnCgChz5cjmIxBMFL+FZb0mYgGgJuNzH8
JUNO2EjIiic7H1EvDU1sz583ochX4prosLn5noivnzCV1fkEDLsST0iOgAorbJ6s
XUzmlbU+s757Zqc6RjVBKA5m+vuRmsFD8IuiAfoKZ2mTR6hLOrB02gGmjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyaej+WiBJaSrL2jkuQ0Ni0DEuYMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvREpwNlA1YUlFbHBLc3ZhT1M1RFEyTFFNUzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5SvAwQA
knjwMA0GCSqGSIb3DQEBCwUAA4IBAQCVEF2Joup5Op0Wj4C+ST82SUWEkt03ot0u
8qo+CL/QVb1xhJg+Qusq1xCOggyio+o7+//J4SA7WIXFhfuM795nAOofhHXd3wI6
jfoynMdsmw0U/X4WqnI6voXlWBRlJ6tygNnS3PC4woFkOE68mBauv44oDjW8sLwe
err/G1/dzUNuulYomwXE2ct4XARgVwaWhuXgfogjUh0nQQZZBd/znlycVi6YDl5/
fj2JoId2JDQd4LIise5AfcKVjEKswPwhw/eeuoWeP5PoJeABdJMCrKnr4d5ha+Ro
Kxtw2PyBCO3107GNw6BMU87mfQDCxp4rU4f6tYRsM+XaRPUvzzCY
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:18 2025 by rpki-client