Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EWSoLYqpTq8mGxVnbN67tIqDVjk.roa
File: EWSoLYqpTq8mGxVnbN67tIqDVjk.roa (raw, json)
Hash identifier: en49lilDtUa1+AZmIIjRNCiJLlX3awMLUPPvIg0hWD8=
Subject key identifier: 11:64:A8:2D:8A:A9:4E:AF:26:1B:15:67:6C:DE:BB:B4:8A:83:56:39
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 280A42A7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EWSoLYqpTq8mGxVnbN67tIqDVjk.roa
Signing time: Sat 01 Jan 2022 16:09:28 +0000
ROA not before: Sat 01 Jan 2022 16:09:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62069
IP address blocks: 31.148.5.0/24 maxlen: 24
92.38.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 671761063 (0x280a42a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1164a82d8aa94eaf261b15676cdebbb48a835639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:8b:bd:1a:7d:76:d3:23:a1:01:58:f4:28:
86:71:67:5d:03:b9:a5:51:5a:e6:99:f8:f3:96:a1:
28:84:a1:36:8c:0a:d8:93:18:7c:ff:39:e0:4e:6d:
ec:ca:27:e8:c0:b9:39:4e:56:7c:45:31:16:17:47:
14:b6:ed:a5:d3:a0:a1:d9:8e:f3:8a:03:89:30:1d:
7d:c3:ab:eb:42:d4:4c:bb:c8:4c:e0:77:bc:45:f3:
ce:05:1d:82:9c:02:35:43:53:f7:d1:b1:9d:95:40:
33:e5:b5:c9:70:0f:88:b9:d6:df:a0:ca:ed:e1:97:
b9:37:d6:9a:42:ff:d7:f5:cc:be:f7:7f:50:86:59:
0d:4d:c8:83:bc:d9:ed:2e:75:ea:5e:71:bb:44:1f:
93:cf:05:f1:8d:09:40:a4:17:37:b9:5e:73:89:16:
25:b0:1b:ad:4a:60:ee:e9:83:e5:3d:08:6d:f8:b5:
3a:de:10:ad:c6:8c:98:3f:ca:24:43:e8:01:da:9d:
02:d4:41:e5:63:32:60:ed:52:55:f5:92:62:f5:ce:
bf:92:eb:4b:8f:cb:3e:63:7a:60:fa:9e:45:cc:bb:
db:80:a4:83:8f:df:34:b8:dc:d7:dc:e1:f9:a8:93:
a9:d7:57:2b:4b:16:eb:4a:bb:cc:e8:bf:30:fd:2a:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:64:A8:2D:8A:A9:4E:AF:26:1B:15:67:6C:DE:BB:B4:8A:83:56:39
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EWSoLYqpTq8mGxVnbN67tIqDVjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.5.0/24
92.38.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:fa:c9:51:19:bf:33:78:b7:32:7f:09:0c:e8:e0:40:d2:3c:
e2:3d:35:5e:ee:8f:5b:93:71:fe:21:c0:33:ec:a3:08:9d:2c:
6b:7c:24:fd:0e:80:6b:5c:d7:f3:96:7a:7d:20:2e:b9:3e:09:
e4:2f:3f:6a:ab:0e:01:32:5c:51:b9:27:00:26:15:73:77:56:
ce:82:53:78:cb:04:7d:fd:e5:34:d9:61:70:dd:b9:fa:b0:eb:
32:5e:ff:7c:ca:75:40:94:ec:6a:9a:28:50:45:93:eb:b4:62:
34:eb:fd:c8:a2:95:4f:ed:5b:cb:06:79:e1:7a:6e:97:f7:4d:
95:68:8e:22:5c:ea:29:9d:d5:53:78:9d:34:22:e2:57:59:0a:
3a:d6:64:e0:66:c4:0c:0c:8c:f2:70:3b:ce:08:e8:b3:a4:39:
f8:6a:d4:a6:15:97:75:58:81:70:8f:2d:f4:07:04:2b:fa:9a:
82:68:10:f3:ae:74:e3:a6:c0:28:19:e6:9b:82:02:8b:4a:01:
c2:f5:9e:8b:f5:58:0b:dc:7a:db:58:9c:64:db:88:06:3f:03:
1b:2a:7b:4b:16:c4:ae:9e:f1:0b:b5:72:52:07:04:05:b6:8d:
c7:45:49:b4:ed:1b:a4:6b:cc:cf:9c:43:e0:ac:ca:e2:08:8c:
11:31:88:8f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKApCpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE2NGE4MmQ4YWE5
NGVhZjI2MWIxNTY3NmNkZWJiYjQ4YTgzNTYzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA2i70afXbTI6EBWPQohnFnXQO5pVFa5pn485ahKIShNowK
2JMYfP854E5t7Mon6MC5OU5WfEUxFhdHFLbtpdOgodmO84oDiTAdfcOr60LUTLvI
TOB3vEXzzgUdgpwCNUNT99GxnZVAM+W1yXAPiLnW36DK7eGXuTfWmkL/1/XMvvd/
UIZZDU3Ig7zZ7S516l5xu0Qfk88F8Y0JQKQXN7lec4kWJbAbrUpg7umD5T0Ibfi1
Ot4QrcaMmD/KJEPoAdqdAtRB5WMyYO1SVfWSYvXOv5LrS4/LPmN6YPqeRcy724Ck
g4/fNLjc19zh+aiTqddXK0sW60q7zOi/MP0q6nECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQRZKgtiqlOryYbFWds3ru0ioNWOTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0VXU29MWXFwVHE4bUd4Vm5iTjY3dElxRFZqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB+UBQMEAFwmAzANBgkqhkiG9w0B
AQsFAAOCAQEAevrJURm/M3i3Mn8JDOjgQNI84j01Xu6PW5Nx/iHAM+yjCJ0sa3wk
/Q6Aa1zX85Z6fSAuuT4J5C8/aqsOATJcUbknACYVc3dWzoJTeMsEff3lNNlhcN25
+rDrMl7/fMp1QJTsapooUEWT67RiNOv9yKKVT+1bywZ54Xpul/dNlWiOIlzqKZ3V
U3idNCLiV1kKOtZk4GbEDAyM8nA7zgjos6Q5+GrUphWXdViBcI8t9AcEK/qagmgQ
865046bAKBnmm4ICi0oBwvWei/VYC9x621icZNuIBj8DGyp7SxbErp7xC7VyUgcE
BbaNx0VJtO0bpGvMz5xD4KzK4giMETGIjw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:02 2025 by rpki-client