Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NAi1LptFpD2EtucXZak_UvQ1FbM.roa
File: NAi1LptFpD2EtucXZak_UvQ1FbM.roa (raw, json)
Hash identifier: GYNDBu7NhO/+HadHPYxDw/GU6YywOkVEVfOS6hqHBQQ=
Subject key identifier: 34:08:B5:2E:9B:45:A4:3D:84:B6:E7:17:65:A9:3F:52:F4:35:15:B3
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0184AA3997658280F556B7B982DE3D629337
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NAi1LptFpD2EtucXZak_UvQ1FbM.roa
Signing time: Thu 24 Nov 2022 15:20:11 +0000
ROA not before: Thu 24 Nov 2022 15:20:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209248
IP address blocks: 92.253.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:39:97:65:82:80:f5:56:b7:b9:82:de:3d:62:93:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Nov 24 15:20:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3408b52e9b45a43d84b6e71765a93f52f43515b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d0:57:32:30:32:c1:c8:09:26:7b:10:0d:02:
a0:7f:be:4e:cc:23:51:ee:7f:f8:56:4c:6d:96:d3:
8f:ab:1a:c5:a9:ff:48:31:32:03:dd:89:2e:5a:92:
3c:c3:60:85:e4:b6:fc:3e:65:dd:58:89:b6:54:e9:
57:25:9d:67:02:e9:89:84:bd:d5:19:81:28:34:0f:
ff:12:38:a9:4e:98:9d:ad:e6:9a:87:eb:d7:22:62:
31:5a:fd:dc:13:7e:c1:0e:68:e6:94:72:bd:28:88:
ba:22:1a:2d:4c:ef:75:8d:b3:f7:5b:68:86:cb:1f:
e9:d0:e9:e9:9f:cb:81:80:7b:0a:e7:f3:b3:ce:70:
e0:35:b9:05:81:4d:02:1d:5a:7a:d8:9b:22:6c:2d:
eb:7d:97:78:7c:f4:bc:f5:e7:32:37:39:b3:8b:2c:
c9:7d:f3:2f:58:7d:54:35:df:29:5e:34:ee:22:a9:
f5:a7:c8:31:6d:db:c2:a4:da:3f:1d:24:2e:b2:ee:
c6:14:9b:20:86:53:88:7f:03:03:42:fc:1f:cd:57:
d5:a7:0d:4d:f7:b5:ef:eb:33:ad:9d:56:6d:b1:aa:
0b:88:79:38:5f:20:3e:ee:b8:43:78:25:d9:4e:19:
87:44:ea:25:77:e3:67:b4:ce:8d:6b:9b:0f:c8:34:
8f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:08:B5:2E:9B:45:A4:3D:84:B6:E7:17:65:A9:3F:52:F4:35:15:B3
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NAi1LptFpD2EtucXZak_UvQ1FbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.253.206.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:5e:3f:13:30:fd:3d:3a:89:6f:90:fa:cf:a6:d3:ac:17:a6:
f1:d4:59:f1:0c:94:bb:65:54:9d:ac:4b:85:42:87:a5:a5:8f:
51:4e:a9:73:23:17:73:bf:fc:9b:c3:58:70:16:d4:29:20:55:
ce:3e:b0:73:ee:5b:d9:e1:af:25:1d:10:a4:9b:00:2f:9d:c4:
a6:66:a9:25:55:c6:40:ff:f4:39:a5:ae:03:f3:98:6e:b3:b3:
c4:19:05:58:0d:24:3b:42:f4:e6:8a:71:a5:7d:c9:14:94:81:
80:f6:19:82:16:f5:ba:a5:5d:83:5d:51:d1:3e:7a:64:2e:05:
7a:30:7c:5b:47:e9:63:ff:e4:ae:2d:1e:92:ff:0a:ef:bc:c4:
ef:bd:80:be:d1:3b:37:88:e4:cf:d3:41:10:95:03:c0:33:0c:
31:eb:2a:6a:05:a4:8a:e6:91:e8:5b:5f:cb:7a:99:f2:76:6b:
1a:83:f0:1b:db:0b:a1:f1:45:13:af:9c:96:29:d1:d4:a5:6a:
f2:4a:23:fa:21:6a:fd:79:35:c4:08:21:61:c9:de:fb:a1:31:
23:cd:ce:bd:47:5b:13:5e:06:41:04:83:4e:07:83:52:1d:82:
bc:30:45:09:f5:fb:59:f7:fe:21:d7:99:87:0b:1a:ea:9c:07:
11:d6:2d:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSqOZdlgoD1Vre5gt49YpM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIxMTI0MTUyMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDA4YjUyZTliNDVhNDNkODRiNmU3MTc2NWE5M2Y1MmY0MzUxNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdBXMjAywcgJJnsQDQKgf75OzCNR
7n/4VkxtltOPqxrFqf9IMTID3YkuWpI8w2CF5Lb8PmXdWIm2VOlXJZ1nAumJhL3V
GYEoNA//EjipTpidreaah+vXImIxWv3cE37BDmjmlHK9KIi6IhotTO91jbP3W2iG
yx/p0Onpn8uBgHsK5/OzznDgNbkFgU0CHVp62JsibC3rfZd4fPS89ecyNzmziyzJ
ffMvWH1UNd8pXjTuIqn1p8gxbdvCpNo/HSQusu7GFJsghlOIfwMDQvwfzVfVpw1N
97Xv6zOtnVZtsaoLiHk4XyA+7rhDeCXZThmHROold+NntM6Na5sPyDSPOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQItS6bRaQ9hLbnF2WpP1L0NRWzMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTkFpMUxwdEZwRDJFdHVjWFpha19VdlExRmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXP3OMA0G
CSqGSIb3DQEBCwUAA4IBAQCaXj8TMP09OolvkPrPptOsF6bx1FnxDJS7ZVSdrEuF
QoelpY9RTqlzIxdzv/ybw1hwFtQpIFXOPrBz7lvZ4a8lHRCkmwAvncSmZqklVcZA
//Q5pa4D85hus7PEGQVYDSQ7QvTminGlfckUlIGA9hmCFvW6pV2DXVHRPnpkLgV6
MHxbR+lj/+SuLR6S/wrvvMTvvYC+0Ts3iOTP00EQlQPAMwwx6ypqBaSK5pHoW1/L
epnydmsag/Ab2wuh8UUTr5yWKdHUpWrySiP6IWr9eTXECCFhyd77oTEjzc69R1sT
XgZBBINOB4NSHYK8MEUJ9ftZ9/4h15mHCxrqnAcR1i1E
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:25 2025 by rpki-client