Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EYaOBmmDW-lvlKOEcQyk4TKMXn0.roa
File: EYaOBmmDW-lvlKOEcQyk4TKMXn0.roa (raw, json)
Hash identifier: PupSqSlKDvMQEcqXn031ijtomoDlUpa+aicsJGV2Ql0=
Subject key identifier: 11:86:8E:06:69:83:5B:E9:6F:94:A3:84:71:0C:A4:E1:32:8C:5E:7D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570950D7E066763E6C8AF715780D13236
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EYaOBmmDW-lvlKOEcQyk4TKMXn0.roa
Signing time: Mon 02 Jan 2023 03:44:54 +0000
ROA not before: Mon 02 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29256
IP address blocks: 31.148.152.0/21 maxlen: 21
92.253.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:0d:7e:06:67:63:e6:c8:af:71:57:80:d1:32:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11868e0669835be96f94a384710ca4e1328c5e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:9d:d6:2f:ad:bd:01:c8:64:6c:ab:9c:26:
89:39:e4:a9:64:5a:34:b4:63:89:d7:38:b1:43:f1:
42:8a:8d:9d:bc:f2:15:11:80:e1:5d:e0:ac:ff:bf:
16:de:84:e5:00:4c:34:0c:5d:2a:e0:08:39:56:8b:
ab:48:56:ce:95:68:1a:32:d8:82:eb:b6:48:d5:79:
02:a0:c9:c9:5d:19:7c:9d:66:b5:47:0f:85:e8:ee:
cd:52:17:df:a7:c0:55:56:64:32:67:5b:46:ce:e8:
ed:79:42:68:38:2e:eb:3b:ee:25:cf:55:9c:22:1a:
c5:b7:3d:95:ed:ee:e1:24:e5:ac:89:ff:32:6c:78:
a4:da:91:6b:cd:49:b4:ca:12:0f:a5:ed:35:f8:b9:
10:cb:cc:a1:e0:d0:92:8b:e0:6c:2c:7b:0d:b5:35:
df:fc:d6:81:19:2a:72:94:ae:91:ac:93:82:74:bf:
f8:fb:d7:43:ba:a6:1d:f7:7d:d6:b9:2b:22:b0:0f:
f1:99:2b:23:a0:57:a6:80:c4:81:91:6e:9e:1f:7b:
15:34:e5:3d:08:b2:02:b5:f2:43:c0:e1:d9:8e:4b:
10:08:5c:91:5b:db:97:61:6a:2a:cc:0e:2b:18:d2:
7a:96:be:b2:47:d4:9c:63:37:c8:f9:8d:48:ca:42:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:86:8E:06:69:83:5B:E9:6F:94:A3:84:71:0C:A4:E1:32:8C:5E:7D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/EYaOBmmDW-lvlKOEcQyk4TKMXn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.152.0/21
92.253.224.0/21
Signature Algorithm: sha256WithRSAEncryption
27:f4:4c:d5:6b:b1:9e:1b:1c:4e:c8:3d:fa:97:4c:fc:75:7f:
e6:27:e9:81:e1:55:17:7b:a1:78:bc:4f:55:02:77:a1:09:44:
ae:03:16:00:cb:89:df:31:3c:7b:3c:75:c1:e7:b2:df:2d:76:
98:e6:f9:1a:cd:71:cd:0a:4e:4b:2f:fa:f0:15:e4:b7:51:7d:
bc:03:70:26:76:ae:84:81:33:fb:ee:72:5f:eb:3b:41:90:3d:
ac:ee:8e:36:d5:0e:66:98:23:50:aa:32:b6:a2:37:b3:80:00:
f1:66:4f:74:0a:7c:de:a5:b5:8e:60:28:42:d8:df:d4:7d:7b:
9c:ee:51:3a:ae:8a:fc:d6:a9:42:83:f6:4c:39:cc:70:36:ed:
de:cf:f4:ec:31:74:63:53:e1:37:df:08:49:15:b9:72:2d:1f:
f7:17:6c:64:5a:14:00:22:e5:b2:8d:b0:56:97:40:9c:21:fa:
7a:fe:0c:4a:3a:6c:9d:23:9f:e8:9c:5d:8a:e7:e3:7b:33:04:
7d:bd:d0:17:0b:63:8c:1f:93:51:04:ba:ef:af:66:b4:32:66:
bf:8d:ff:1f:6e:2d:a6:e9:00:85:6c:80:13:92:36:97:87:03:
06:99:6f:06:07:65:83:d8:b6:a1:73:69:51:d3:4a:6f:c1:f2:
65:52:1c:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlQ1+Bmdj5sivcVeA0TI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg2OGUwNjY5ODM1YmU5NmY5NGEzODQ3MTBjYTRlMTMyOGM1ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktad1i+tvQHIZGyrnCaJOeSpZFo0
tGOJ1zixQ/FCio2dvPIVEYDhXeCs/78W3oTlAEw0DF0q4Ag5VourSFbOlWgaMtiC
67ZI1XkCoMnJXRl8nWa1Rw+F6O7NUhffp8BVVmQyZ1tGzujteUJoOC7rO+4lz1Wc
IhrFtz2V7e7hJOWsif8ybHik2pFrzUm0yhIPpe01+LkQy8yh4NCSi+BsLHsNtTXf
/NaBGSpylK6RrJOCdL/4+9dDuqYd933WuSsisA/xmSsjoFemgMSBkW6eH3sVNOU9
CLICtfJDwOHZjksQCFyRW9uXYWoqzA4rGNJ6lr6yR9ScYzfI+Y1IykL6/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBGGjgZpg1vpb5SjhHEMpOEyjF59MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvRVlhT0JtbURXLWx2bEtPRWNReWs0VEtNWG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5SYAwQD
XP3gMA0GCSqGSIb3DQEBCwUAA4IBAQAn9EzVa7GeGxxOyD36l0z8dX/mJ+mB4VUX
e6F4vE9VAnehCUSuAxYAy4nfMTx7PHXB57LfLXaY5vkazXHNCk5LL/rwFeS3UX28
A3Amdq6EgTP77nJf6ztBkD2s7o421Q5mmCNQqjK2ojezgADxZk90CnzepbWOYChC
2N/UfXuc7lE6ror81qlCg/ZMOcxwNu3ez/TsMXRjU+E33whJFblyLR/3F2xkWhQA
IuWyjbBWl0CcIfp6/gxKOmydI5/onF2K5+N7MwR9vdAXC2OMH5NRBLrvr2a0Mma/
jf8fbi2m6QCFbIATkjaXhwMGmW8GB2WD2Lahc2lR00pvwfJlUhwK
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:29 2025 by rpki-client