Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SmtMl1sM854fKY-A0FR7wcMnfBE.roa
File: SmtMl1sM854fKY-A0FR7wcMnfBE.roa (raw, json)
Hash identifier: dfwzcGVrtdPPQXvZcNeGs/+FS4XrCqPobqO9WnKYz5g=
Subject key identifier: 4A:6B:4C:97:5B:0C:F3:9E:1F:29:8F:80:D0:54:7B:C1:C3:27:7C:11
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570956CF585FF32538B7F7FB69F7AD99A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SmtMl1sM854fKY-A0FR7wcMnfBE.roa
Signing time: Mon 02 Jan 2023 03:45:19 +0000
ROA not before: Mon 02 Jan 2023 03:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60612
IP address blocks: 95.46.164.0/23 maxlen: 24
93.170.7.0/24 maxlen: 24
95.47.175.0/24 maxlen: 24
95.46.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:6c:f5:85:ff:32:53:8b:7f:7f:b6:9f:7a:d9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a6b4c975b0cf39e1f298f80d0547bc1c3277c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:d7:01:c1:ae:e1:c6:52:09:8e:50:53:ca:
f6:b2:7d:e6:9d:a3:50:81:90:b4:06:79:24:a8:39:
b1:6b:8a:af:c2:aa:87:ac:b8:12:58:2b:29:ed:b2:
6a:86:70:de:96:d7:b4:e4:28:53:fc:0a:53:9e:a8:
4e:64:e0:de:71:dd:5b:6d:f6:bc:44:c1:08:c1:b7:
31:af:b1:44:72:77:5f:dd:68:40:0e:b0:5f:d3:6d:
89:43:b8:10:ff:e0:cf:f4:c1:a7:96:8d:06:d4:01:
81:cb:82:b0:d5:2f:15:b3:74:8b:f3:10:8b:c6:ac:
bf:77:4c:12:c7:9a:ea:aa:4a:d7:41:f6:0c:a3:2d:
98:3a:d8:be:54:b0:97:8b:74:2c:c7:67:10:14:0e:
2c:b5:9b:77:92:3f:86:86:4b:db:3f:3b:38:cf:5f:
f6:9c:06:2e:76:0b:41:36:8c:2a:37:a9:6f:13:50:
c6:9c:f2:d7:29:ca:4e:28:1c:d4:df:18:fc:c4:c6:
49:1d:8a:0b:38:43:b8:3a:cb:9c:cb:cc:e2:14:a3:
30:6c:de:9d:64:c3:e9:5c:84:3f:ed:ca:23:9e:e4:
ac:e9:8c:ee:45:b6:d5:74:5d:fd:cf:30:ca:f8:6b:
8f:36:dc:8b:b2:aa:72:ac:f0:33:ef:15:11:bb:74:
f6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6B:4C:97:5B:0C:F3:9E:1F:29:8F:80:D0:54:7B:C1:C3:27:7C:11
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SmtMl1sM854fKY-A0FR7wcMnfBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.7.0/24
95.46.125.0/24
95.46.164.0/23
95.47.175.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0b:a0:51:37:98:0f:72:e8:3b:41:a3:51:49:08:11:b8:5d:
d0:8b:ae:89:84:1f:d8:6e:2e:c4:fd:e5:80:8e:ea:a6:15:2b:
28:51:2b:aa:54:1b:e7:29:8c:8a:12:18:18:dc:b3:47:e6:4b:
cb:6c:63:0a:47:37:8c:bb:fc:16:b3:e3:75:2f:b1:57:1e:45:
60:2c:d4:71:ff:94:9f:c9:4c:8e:76:1a:6b:1c:b4:1d:50:f3:
6b:23:be:50:dc:6b:f8:e4:61:ce:a3:44:87:d4:d1:b3:65:28:
b0:02:fd:26:09:5c:d2:61:dc:a1:9f:84:b1:73:d2:ee:ef:da:
e9:06:55:ce:7e:99:9a:e1:f1:42:a4:6d:ca:0d:fc:a2:03:c9:
9f:46:ce:73:a5:e9:0c:cb:9d:f4:47:bd:ab:9f:fb:0a:fb:66:
8b:c0:fd:b0:cd:0a:6d:0b:53:9c:10:ee:2f:75:04:49:5f:30:
d4:e5:74:f2:b7:af:f3:b0:7c:b3:18:1c:17:1c:2a:61:bb:0d:
9a:9f:d4:ce:8e:87:af:a6:4a:d5:6b:aa:c6:7b:ec:61:21:31:
dd:12:0a:6c:c3:5c:4a:b1:46:62:a6:8b:ec:72:a9:c8:d9:c4:
76:c2:a3:bf:dd:72:f8:f5:1d:96:70:1e:b1:a9:56:5b:e7:1c:
be:3b:e8:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwlWz1hf8yU4t/f7afetmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZiNGM5NzViMGNmMzllMWYyOThmODBkMDU0N2JjMWMzMjc3YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOzXAcGu4cZSCY5QU8r2sn3mnaNQ
gZC0BnkkqDmxa4qvwqqHrLgSWCsp7bJqhnDelte05ChT/ApTnqhOZODecd1bbfa8
RMEIwbcxr7FEcndf3WhADrBf022JQ7gQ/+DP9MGnlo0G1AGBy4Kw1S8Vs3SL8xCL
xqy/d0wSx5rqqkrXQfYMoy2YOti+VLCXi3Qsx2cQFA4stZt3kj+GhkvbPzs4z1/2
nAYudgtBNowqN6lvE1DGnPLXKcpOKBzU3xj8xMZJHYoLOEO4Osucy8ziFKMwbN6d
ZMPpXIQ/7cojnuSs6YzuRbbVdF39zzDK+GuPNtyLsqpyrPAz7xURu3T25wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEprTJdbDPOeHymPgNBUe8HDJ3wRMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvU210TWwxc004NTRmS1ktQTBGUjd3Y01uZkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXaoHAwQA
Xy59AwQBXy6kAwQAXy+vMA0GCSqGSIb3DQEBCwUAA4IBAQAGC6BRN5gPcug7QaNR
SQgRuF3Qi66JhB/Ybi7E/eWAjuqmFSsoUSuqVBvnKYyKEhgY3LNH5kvLbGMKRzeM
u/wWs+N1L7FXHkVgLNRx/5SfyUyOdhprHLQdUPNrI75Q3Gv45GHOo0SH1NGzZSiw
Av0mCVzSYdyhn4Sxc9Lu79rpBlXOfpma4fFCpG3KDfyiA8mfRs5zpekMy530R72r
n/sK+2aLwP2wzQptC1OcEO4vdQRJXzDU5XTyt6/zsHyzGBwXHCphuw2an9TOjoev
pkrVa6rGe+xhITHdEgpsw1xKsUZipovscqnI2cR2wqO/3XL49R2WcB6xqVZb5xy+
O+gn
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:21:27 2025 by rpki-client