Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K3GwNQNGP9x2i4dEOGTkKnJDuso.roa
File: K3GwNQNGP9x2i4dEOGTkKnJDuso.roa (raw, json)
Hash identifier: +InOS5/JsqUtLCTkFyEdL/z6UOwvfdpXRzUc8W/TJvs=
Subject key identifier: 2B:71:B0:35:03:46:3F:DC:76:8B:87:44:38:64:E4:2A:72:43:BA:CA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 277B47B7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K3GwNQNGP9x2i4dEOGTkKnJDuso.roa
Signing time: Sat 01 Jan 2022 16:08:09 +0000
ROA not before: Sat 01 Jan 2022 16:08:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41967
IP address blocks: 95.47.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 662390711 (0x277b47b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b71b03503463fdc768b87443864e42a7243baca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:db:92:9b:83:5f:60:b7:38:63:09:f3:88:d1:
6b:d8:1a:9d:cb:e1:85:af:ab:20:59:64:d6:df:4f:
f1:f4:a1:83:8a:33:a4:75:6d:59:52:ca:07:e6:6f:
0c:ad:d8:d8:28:45:1b:d3:72:f3:a9:80:c6:80:77:
03:ca:bb:3e:28:02:3d:5b:89:11:20:48:81:78:d9:
48:87:49:9d:bf:72:4e:1c:f4:d3:f6:ff:fa:b3:31:
6a:81:ce:35:c1:69:fd:6c:33:c7:f0:85:74:fd:b0:
c1:29:f0:2d:a8:0b:1e:20:dc:22:6e:61:ca:94:21:
dc:4b:78:a8:77:ba:57:db:cf:6a:7d:0a:f9:94:3a:
86:4a:43:d4:a0:79:82:82:35:59:08:77:01:c1:b6:
ed:be:4c:b2:63:5f:39:24:f9:2f:1a:91:e4:9e:9d:
76:e5:7e:36:17:0d:69:da:49:e7:e1:6a:ab:ff:6a:
cb:73:c1:6e:0c:92:41:3e:f2:e4:26:84:ac:7a:f9:
0e:05:a8:3e:3c:79:31:66:c6:94:3f:e5:2b:e6:16:
11:31:87:0b:58:70:fb:d6:45:b6:70:08:b9:76:c9:
f2:3f:2f:72:75:f2:74:17:75:fb:14:f9:22:9b:79:
3e:9e:e1:ee:8c:de:b5:07:8d:b5:50:9d:07:89:63:
a8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:B0:35:03:46:3F:DC:76:8B:87:44:38:64:E4:2A:72:43:BA:CA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K3GwNQNGP9x2i4dEOGTkKnJDuso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.148.0/22
Signature Algorithm: sha256WithRSAEncryption
77:b3:2a:78:90:7b:b7:a0:9d:6e:9a:43:65:69:1b:19:54:40:
62:db:16:cc:4a:8d:6f:05:df:e3:34:8d:7e:65:1b:d9:04:01:
28:73:bf:d1:32:2f:2e:ad:70:f2:91:ee:b7:fa:02:05:0b:d9:
9b:c9:84:2a:38:9f:42:e7:67:6f:17:7d:aa:ca:5b:cf:e9:a3:
db:c7:3a:27:fb:7e:f1:d8:a8:c4:e7:13:cf:3f:b9:6c:5c:33:
ce:b5:31:f8:49:d2:f9:c2:95:c9:40:88:91:91:52:a7:0f:f1:
df:a2:bc:ac:17:35:30:9c:7f:e3:f0:43:9c:5c:fd:bc:8e:24:
7a:f4:72:b9:63:3f:1a:de:c1:92:8c:72:a5:83:19:36:a1:15:
73:ef:97:f9:eb:3a:de:56:c5:04:9e:1c:ed:6a:4a:87:61:b8:
f0:59:28:a0:67:e2:ba:e5:ca:fc:e2:4e:fc:10:5f:d5:e0:fb:
63:8b:05:09:93:0b:ee:d3:dc:8c:7a:ee:a0:ed:b6:42:55:69:
6a:6a:01:29:10:b0:d0:03:1c:08:ba:a0:03:be:86:c4:39:3e:
20:b3:75:c8:e0:2d:b2:c7:c5:16:44:7d:bc:19:24:72:47:20:
88:d5:a9:ca:84:51:89:51:75:6e:81:52:06:04:3f:6f:b5:ce:
73:8a:59:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ3tHtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI3MWIwMzUwMzQ2
M2ZkYzc2OGI4NzQ0Mzg2NGU0MmE3MjQzYmFjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/bkpuDX2C3OGMJ84jRa9gancvhha+rIFlk1t9P8fShg4oz
pHVtWVLKB+ZvDK3Y2ChFG9Ny86mAxoB3A8q7PigCPVuJESBIgXjZSIdJnb9yThz0
0/b/+rMxaoHONcFp/Wwzx/CFdP2wwSnwLagLHiDcIm5hypQh3Et4qHe6V9vPan0K
+ZQ6hkpD1KB5goI1WQh3AcG27b5MsmNfOST5LxqR5J6dduV+NhcNadpJ5+Fqq/9q
y3PBbgySQT7y5CaErHr5DgWoPjx5MWbGlD/lK+YWETGHC1hw+9ZFtnAIuXbJ8j8v
cnXydBd1+xT5Ipt5Pp7h7ozetQeNtVCdB4ljqIUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQrcbA1A0Y/3HaLh0Q4ZOQqckO6yjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0szR3dOUU5HUDl4Mmk0ZEVPR1RrS25KRHVzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl8vlDANBgkqhkiG9w0BAQsFAAOC
AQEAd7MqeJB7t6CdbppDZWkbGVRAYtsWzEqNbwXf4zSNfmUb2QQBKHO/0TIvLq1w
8pHut/oCBQvZm8mEKjifQudnbxd9qspbz+mj28c6J/t+8dioxOcTzz+5bFwzzrUx
+EnS+cKVyUCIkZFSpw/x36K8rBc1MJx/4/BDnFz9vI4kevRyuWM/Gt7BkoxypYMZ
NqEVc++X+es63lbFBJ4c7WpKh2G48FkooGfiuuXK/OJO/BBf1eD7Y4sFCZML7tPc
jHruoO22QlVpamoBKRCw0AMcCLqgA76GxDk+ILN1yOAtssfFFkR9vBkkckcgiNWp
yoRRiVF1boFSBgQ/b7XOc4pZ1g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:39 2025 by rpki-client