Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NVQgdo2ACZSOhmDgyMn3NSg2T_0.roa
File: NVQgdo2ACZSOhmDgyMn3NSg2T_0.roa (raw, json)
Hash identifier: bdNy1EaeOGmaqVS2UFA4pYwMNNQXWY4gU5d5exHFBbs=
Subject key identifier: 35:54:20:76:8D:80:09:94:8E:86:60:E0:C8:C9:F7:35:28:36:4F:FD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570958A98931CB7F450A055C6065B2419
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NVQgdo2ACZSOhmDgyMn3NSg2T_0.roa
Signing time: Mon 02 Jan 2023 03:45:26 +0000
ROA not before: Mon 02 Jan 2023 03:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197520
IP address blocks: 93.170.114.0/23 maxlen: 24
93.171.78.0/23 maxlen: 24
95.47.164.0/24 maxlen: 24
95.46.11.0/24 maxlen: 24
93.170.77.0/24 maxlen: 24
92.38.22.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:8a:98:93:1c:b7:f4:50:a0:55:c6:06:5b:24:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=355420768d8009948e8660e0c8c9f73528364ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d1:ff:23:93:72:3b:65:25:16:62:1c:2c:a2:
84:4e:ef:9e:67:08:51:3a:e2:98:a5:87:97:4c:01:
8e:0a:32:ad:b8:ff:13:92:fb:17:ea:f8:40:07:ef:
b4:1a:e4:9a:c1:72:11:04:53:38:39:79:e1:e6:09:
68:8e:db:a6:e4:68:a5:83:da:e1:cd:87:ee:b2:0f:
ea:66:3e:71:de:37:d3:9f:46:25:06:8e:cb:5f:94:
5f:55:6d:9d:32:56:36:91:8d:2c:77:d6:37:7b:8d:
13:28:bc:39:43:db:99:d3:ed:7e:a5:5c:25:32:f3:
02:a3:d8:c0:ab:d9:4f:0b:fb:58:f9:9d:06:0e:f5:
39:56:06:49:be:86:e8:49:4c:23:4b:73:88:6f:06:
92:03:f4:21:c9:6c:46:b7:03:b6:08:5f:79:80:57:
03:ed:40:2e:c0:60:28:e9:77:ae:74:b3:bb:26:72:
1a:c3:58:9f:3a:ac:b5:5f:df:d3:2a:b6:5d:6e:94:
03:8c:28:59:ef:a2:f6:98:e4:46:5d:e9:31:9d:13:
bf:76:9f:b4:06:55:ff:bf:6d:18:71:2f:6d:b3:68:
27:72:27:85:a9:cd:a5:b9:d3:ec:1b:ec:b7:f7:64:
00:59:c4:8b:fd:93:8d:71:cc:a7:48:de:21:bb:b5:
59:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:54:20:76:8D:80:09:94:8E:86:60:E0:C8:C9:F7:35:28:36:4F:FD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NVQgdo2ACZSOhmDgyMn3NSg2T_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.22.0/23
93.170.77.0/24
93.170.114.0/23
93.171.78.0/23
95.46.11.0/24
95.47.164.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:56:05:75:04:16:78:35:b1:4e:20:2f:72:fe:66:8f:a8:bb:
71:a6:69:9e:d1:fd:4d:20:f2:d0:e1:2d:a3:0e:61:c5:e2:c9:
02:ea:30:47:45:e7:83:09:a5:da:78:32:1e:62:a6:90:a7:dc:
5d:1a:f5:3c:00:d0:33:1f:d0:e8:04:5b:37:46:d6:d9:86:36:
19:77:a0:9b:c4:89:f8:09:1b:e3:2b:a2:fb:a3:0e:65:78:7d:
56:c3:22:57:cd:b4:35:61:63:10:c8:51:c9:09:c4:70:83:93:
37:af:17:5b:fb:9c:cf:49:a7:56:76:0c:9b:80:e7:20:ce:6c:
09:78:40:3e:fc:bd:f3:cf:51:c7:92:56:6b:47:67:3b:44:7e:
b8:f3:01:87:1c:d8:19:6c:bb:11:8f:bd:e9:78:a8:6e:92:b5:
31:81:84:34:c9:4c:1f:eb:df:8c:9b:c2:76:92:21:17:21:bf:
07:f3:77:60:4a:eb:53:6b:c9:0d:db:fe:ad:68:15:35:be:96:
aa:26:89:5d:12:50:64:e3:f0:91:44:16:0a:90:52:47:76:93:
9c:83:81:1c:3e:c9:dc:31:69:46:8b:9d:53:8b:75:48:13:43:
5f:6a:93:4d:8e:ab:4c:70:16:8a:16:2c:c8:8c:70:9d:82:0a:
59:f0:8c:14
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwlYqYkxy39FCgVcYGWyQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTU0MjA3NjhkODAwOTk0OGU4NjYwZTBjOGM5ZjczNTI4MzY0ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NH/I5NyO2UlFmIcLKKETu+eZwhR
OuKYpYeXTAGOCjKtuP8TkvsX6vhAB++0GuSawXIRBFM4OXnh5glojtum5Gilg9rh
zYfusg/qZj5x3jfTn0YlBo7LX5RfVW2dMlY2kY0sd9Y3e40TKLw5Q9uZ0+1+pVwl
MvMCo9jAq9lPC/tY+Z0GDvU5VgZJvoboSUwjS3OIbwaSA/QhyWxGtwO2CF95gFcD
7UAuwGAo6XeudLO7JnIaw1ifOqy1X9/TKrZdbpQDjChZ76L2mORGXekxnRO/dp+0
BlX/v20YcS9ts2gncieFqc2ludPsG+y392QAWcSL/ZONccynSN4hu7VZMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDVUIHaNgAmUjoZg4MjJ9zUoNk/9MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTlZRZ2RvMkFDWlNPaG1EZ3lNbjNOU2cyVF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBXCYWAwQA
XapNAwQBXapyAwQBXatOAwQAXy4LAwQAXy+kMA0GCSqGSIb3DQEBCwUAA4IBAQBc
VgV1BBZ4NbFOIC9y/maPqLtxpmme0f1NIPLQ4S2jDmHF4skC6jBHReeDCaXaeDIe
YqaQp9xdGvU8ANAzH9DoBFs3RtbZhjYZd6CbxIn4CRvjK6L7ow5leH1WwyJXzbQ1
YWMQyFHJCcRwg5M3rxdb+5zPSadWdgybgOcgzmwJeEA+/L3zz1HHklZrR2c7RH64
8wGHHNgZbLsRj73peKhukrUxgYQ0yUwf69+Mm8J2kiEXIb8H83dgSutTa8kN2/6t
aBU1vpaqJoldElBk4/CRRBYKkFJHdpOcg4EcPsncMWlGi51Ti3VIE0NfapNNjqtM
cBaKFizIjHCdggpZ8IwU
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:17 2025 by rpki-client