Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UDqFLinLzT3jzchNulC8yL4zHKs.roa
File: UDqFLinLzT3jzchNulC8yL4zHKs.roa (raw, json)
Hash identifier: 1Nt/1pX0fZduvwMEnSlZotlsLIpBH504ptgoQ4UxPvs=
Subject key identifier: 50:3A:85:2E:29:CB:CD:3D:E3:CD:C8:4D:BA:50:BC:C8:BE:33:1C:AB
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2A1798BB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UDqFLinLzT3jzchNulC8yL4zHKs.roa
Signing time: Wed 01 Jun 2022 09:32:25 +0000
ROA not before: Wed 01 Jun 2022 09:32:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58347
IP address blocks: 95.46.159.0/24 maxlen: 24
95.47.234.0/23 maxlen: 24
93.170.5.0/24 maxlen: 24
31.148.248.0/23 maxlen: 24
95.47.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 706189499 (0x2a1798bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jun 1 09:32:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=503a852e29cbcd3de3cdc84dba50bcc8be331cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9e:b8:55:ce:9d:5c:b6:68:ee:2c:2a:b9:09:
ae:d9:57:21:d2:5c:19:3c:0d:73:28:fc:18:29:d7:
c5:54:0d:1a:fb:2e:8f:43:17:78:52:22:64:49:1d:
e1:44:81:92:58:a3:f1:bd:1d:b1:7b:ae:50:b7:ba:
71:9a:f2:b8:cd:d7:fd:43:94:5c:7c:a9:fa:55:b0:
29:85:84:b8:a0:d4:86:79:87:be:a2:ea:a0:97:5c:
07:da:ef:2a:0b:9a:3d:fd:18:0b:85:7a:43:be:40:
21:a0:8c:0d:c2:e7:52:10:f6:1c:2a:00:70:d7:71:
ac:ba:a3:25:37:27:ca:e7:b5:9c:64:b9:93:f3:ae:
cd:5f:51:cd:84:fd:6d:6f:78:41:81:50:73:04:54:
b6:ea:18:81:0a:b7:70:54:32:9e:f7:2c:03:d6:09:
b8:86:87:ab:f5:05:87:bb:2b:40:ff:67:c8:64:06:
75:d9:25:36:22:35:65:4b:4a:ff:6d:d4:6a:6e:e3:
f6:77:d5:b7:84:9f:43:d5:27:cf:a2:0d:a8:44:39:
91:07:dd:54:11:4b:f6:45:2c:25:ca:a8:d0:ef:c6:
7a:52:f3:64:c0:b6:30:b6:70:f9:13:fd:ce:9f:03:
9c:e1:85:38:36:d0:69:a2:f2:bf:30:17:a9:20:e5:
05:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:85:2E:29:CB:CD:3D:E3:CD:C8:4D:BA:50:BC:C8:BE:33:1C:AB
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UDqFLinLzT3jzchNulC8yL4zHKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.248.0/23
93.170.5.0/24
95.46.159.0/24
95.47.36.0/22
95.47.234.0/23
Signature Algorithm: sha256WithRSAEncryption
43:bf:2f:6f:76:51:ac:08:5e:7f:e9:f3:72:6b:3e:d7:4b:20:
03:ac:b4:ba:61:dc:a7:51:f5:38:61:34:bc:96:c0:e8:e4:43:
e3:48:77:3b:90:e8:ff:c7:07:cc:5d:e5:5c:a8:f4:60:8d:1e:
6c:e6:31:73:dc:ef:2e:80:86:79:9c:98:02:08:bc:c5:42:bf:
73:6d:1f:3e:6d:3b:68:8a:66:3d:2b:57:a9:0d:54:8c:c9:f4:
4b:18:e2:e8:3e:7a:f4:19:df:0e:49:a4:2b:5c:ae:39:d9:ec:
b5:2c:55:18:32:10:ea:51:40:bd:9b:85:56:30:18:2e:cf:05:
bc:4a:b0:a2:5f:3b:5a:ab:fb:90:6e:a7:34:33:26:65:d3:de:
f7:d5:9c:29:86:4e:82:78:f8:4f:fc:f9:c3:a6:05:8a:4b:28:
6f:e3:a7:cb:50:78:28:50:90:11:96:94:8a:2a:d0:7f:8f:ab:
23:6e:d3:90:a5:64:65:bc:4c:01:d8:b7:aa:a8:c1:b0:c5:19:
e5:87:d2:91:38:06:1d:48:7b:fb:d2:59:46:39:74:d4:18:ff:
df:40:89:3c:48:cb:59:47:af:96:72:41:64:de:86:e1:a6:54:
73:ce:f6:bf:b3:fa:41:23:60:ed:36:4a:00:af:89:eb:23:a1:
20:f5:fc:39
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEKheYuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDYw
MTA5MzIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTAzYTg1MmUyOWNi
Y2QzZGUzY2RjODRkYmE1MGJjYzhiZTMzMWNhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOeuFXOnVy2aO4sKrkJrtlXIdJcGTwNcyj8GCnXxVQNGvsu
j0MXeFIiZEkd4USBklij8b0dsXuuULe6cZryuM3X/UOUXHyp+lWwKYWEuKDUhnmH
vqLqoJdcB9rvKguaPf0YC4V6Q75AIaCMDcLnUhD2HCoAcNdxrLqjJTcnyue1nGS5
k/OuzV9RzYT9bW94QYFQcwRUtuoYgQq3cFQynvcsA9YJuIaHq/UFh7srQP9nyGQG
ddklNiI1ZUtK/23Uam7j9nfVt4SfQ9Unz6INqEQ5kQfdVBFL9kUsJcqo0O/GelLz
ZMC2MLZw+RP9zp8DnOGFODbQaaLyvzAXqSDlBSsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRQOoUuKcvNPePNyE26ULzIvjMcqzAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L1VEcUZMaW5MelQzanpjaE51bEM4eUw0ekhLcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAR+U+AMEAF2qBQMEAF8unwMEAl8v
JAMEAV8v6jANBgkqhkiG9w0BAQsFAAOCAQEAQ78vb3ZRrAhef+nzcms+10sgA6y0
umHcp1H1OGE0vJbA6ORD40h3O5Do/8cHzF3lXKj0YI0ebOYxc9zvLoCGeZyYAgi8
xUK/c20fPm07aIpmPStXqQ1UjMn0Sxji6D569BnfDkmkK1yuOdnstSxVGDIQ6lFA
vZuFVjAYLs8FvEqwol87Wqv7kG6nNDMmZdPe99WcKYZOgnj4T/z5w6YFiksob+On
y1B4KFCQEZaUiirQf4+rI27TkKVkZbxMAdi3qqjBsMUZ5YfSkTgGHUh7+9JZRjl0
1Bj/30CJPEjLWUevlnJBZN6G4aZUc872v7P6QSNg7TZKAK+J6yOhIPX8OQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:00 2025 by rpki-client