Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UrnLal09JBMX-WPOtQ9Y8ckCTTo.roa
File: UrnLal09JBMX-WPOtQ9Y8ckCTTo.roa (raw, json)
Hash identifier: uw0FfRaCHuX1CYgHjBbRtYrvgI7g2ThtbZeX0V1Wr2U=
Subject key identifier: 52:B9:CB:6A:5D:3D:24:13:17:F9:63:CE:B5:0F:58:F1:C9:02:4D:3A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570957DC2BCB6B80184A8C361BA5A9544
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UrnLal09JBMX-WPOtQ9Y8ckCTTo.roa
Signing time: Mon 02 Jan 2023 03:45:23 +0000
ROA not before: Mon 02 Jan 2023 03:45:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62065
IP address blocks: 92.38.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:7d:c2:bc:b6:b8:01:84:a8:c3:61:ba:5a:95:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b9cb6a5d3d241317f963ceb50f58f1c9024d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:17:f3:dc:8b:52:d5:23:13:31:73:55:f0:
b0:e2:a4:73:0b:ce:c3:60:9e:41:1b:5c:a0:0f:8b:
80:44:5f:65:9d:b6:2c:15:d8:8b:f5:72:97:dc:9d:
69:eb:7e:d3:4a:a2:d7:32:b5:87:9b:1f:61:ed:1b:
e3:c8:a4:4c:2e:9b:a5:62:01:8a:f5:d8:8b:f4:09:
3f:4d:cd:c3:ba:80:bf:c0:a0:81:de:0d:b9:af:b2:
0e:3b:f2:e3:9b:93:45:5c:c4:71:b2:e0:10:ce:1e:
1d:4b:a3:00:9f:4b:56:0e:4a:f3:7c:4d:9f:55:a0:
f1:6f:e2:f2:fc:67:4f:c3:44:3a:eb:b6:02:0e:9f:
74:f2:60:47:f5:80:c1:f3:ba:32:b5:eb:1a:b8:34:
ea:ad:c2:74:96:79:73:11:a4:f8:46:5d:56:09:53:
e2:02:9d:cb:23:6b:84:4c:c4:ac:02:95:ce:f0:3e:
a0:f3:36:78:ec:97:99:4d:54:1a:94:89:f7:8f:a2:
92:c7:5f:15:4a:b5:6d:40:34:21:b8:38:5b:41:32:
7c:f1:22:40:c5:e5:07:da:a0:17:4a:59:f7:7b:85:
2c:aa:5b:a0:dd:3b:79:fb:c0:cb:6c:7d:7a:62:fb:
f4:d0:33:0f:ff:c2:6a:c4:a8:20:72:20:59:c2:73:
08:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B9:CB:6A:5D:3D:24:13:17:F9:63:CE:B5:0F:58:F1:C9:02:4D:3A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UrnLal09JBMX-WPOtQ9Y8ckCTTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.2.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:09:f5:8d:33:b0:7a:7b:f0:e5:c9:8c:b7:8c:20:30:7e:f9:
db:5b:fe:19:64:92:fc:40:f1:7f:14:64:78:92:66:3b:66:1a:
01:96:18:52:96:bd:29:30:30:25:b8:0b:a5:af:dc:95:6d:72:
99:df:75:1b:bd:35:c6:4e:23:81:71:77:19:bc:6e:bf:15:92:
50:c5:6f:58:95:07:a2:ea:44:d1:9f:f0:f1:3f:33:a4:39:a1:
a2:81:73:83:06:99:69:fd:d9:36:3e:5b:92:23:70:1b:3d:ae:
17:68:7d:27:65:0c:43:93:b3:67:25:46:49:90:e0:c5:2a:c2:
d7:ef:89:ac:39:9a:9f:b1:9f:a4:2e:f3:8d:08:49:72:e5:05:
a8:7b:2a:c8:1b:89:e1:5c:35:45:c0:e8:b7:dc:e4:83:97:a8:
88:eb:94:7a:34:9a:75:46:73:ad:6f:e6:08:29:cd:06:e3:69:
c3:1c:da:f4:ec:ae:1e:02:ca:5c:73:52:e0:1b:62:23:30:d7:
6b:72:78:95:63:8e:53:78:5d:b8:14:48:16:e0:7e:fc:b4:89:
43:e3:1a:92:23:74:5d:62:fe:48:19:6c:8c:2b:3e:54:98:5a:
34:cb:c3:59:57:a5:35:8e:39:60:be:48:c6:b3:da:49:41:b1:
ff:b0:d1:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlX3CvLa4AYSow2G6WpVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI5Y2I2YTVkM2QyNDEzMTdmOTYzY2ViNTBmNThmMWM5MDI0ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDgX89yLUtUjEzFzVfCw4qRzC87D
YJ5BG1ygD4uARF9lnbYsFdiL9XKX3J1p637TSqLXMrWHmx9h7RvjyKRMLpulYgGK
9diL9Ak/Tc3DuoC/wKCB3g25r7IOO/Ljm5NFXMRxsuAQzh4dS6MAn0tWDkrzfE2f
VaDxb+Ly/GdPw0Q667YCDp908mBH9YDB87oytesauDTqrcJ0lnlzEaT4Rl1WCVPi
Ap3LI2uETMSsApXO8D6g8zZ47JeZTVQalIn3j6KSx18VSrVtQDQhuDhbQTJ88SJA
xeUH2qAXSln3e4Usqlug3Tt5+8DLbH16Yvv00DMP/8JqxKggciBZwnMIYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFK5y2pdPSQTF/ljzrUPWPHJAk06MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVXJuTGFsMDlKQk1YLVdQT3RROVk4Y2tDVFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCYCMA0G
CSqGSIb3DQEBCwUAA4IBAQBaCfWNM7B6e/DlyYy3jCAwfvnbW/4ZZJL8QPF/FGR4
kmY7ZhoBlhhSlr0pMDAluAulr9yVbXKZ33UbvTXGTiOBcXcZvG6/FZJQxW9YlQei
6kTRn/DxPzOkOaGigXODBplp/dk2PluSI3AbPa4XaH0nZQxDk7NnJUZJkODFKsLX
74msOZqfsZ+kLvONCEly5QWoeyrIG4nhXDVFwOi33OSDl6iI65R6NJp1RnOtb+YI
Kc0G42nDHNr07K4eAspcc1LgG2IjMNdrcniVY45TeF24FEgW4H78tIlD4xqSI3Rd
Yv5IGWyMKz5UmFo0y8NZV6U1jjlgvkjGs9pJQbH/sNEV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:29 2025 by rpki-client