Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VN88PmO78XzQoleF5IoDLbY9k9E.roa
File: VN88PmO78XzQoleF5IoDLbY9k9E.roa (raw, json)
Hash identifier: 42UGbGdiMgTb47vpWfDcyLfeLZg/uLUUffFoB/9MueU=
Subject key identifier: 54:DF:3C:3E:63:BB:F1:7C:D0:A2:57:85:E4:8A:03:2D:B6:3D:93:D1
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 28DD7E68
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VN88PmO78XzQoleF5IoDLbY9k9E.roa
Signing time: Mon 14 Feb 2022 19:00:56 +0000
ROA not before: Mon 14 Feb 2022 19:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43060
IP address blocks: 92.38.28.0/22 maxlen: 24
31.148.220.0/24 maxlen: 24
95.46.36.0/23 maxlen: 24
95.47.108.0/22 maxlen: 24
92.253.192.0/22 maxlen: 24
93.171.72.0/22 maxlen: 24
31.148.192.0/22 maxlen: 24
93.171.128.0/22 maxlen: 24
95.47.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 685604456 (0x28dd7e68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 14 19:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54df3c3e63bbf17cd0a25785e48a032db63d93d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:08:fe:00:03:e2:3a:3d:63:dd:b3:96:f0:73:
96:70:ec:a8:b1:5f:29:61:e8:67:a1:d9:19:b5:0b:
15:93:7c:af:83:69:01:4b:84:86:f6:42:1b:ac:76:
20:f6:24:33:43:b4:f3:27:26:79:e0:e6:0a:53:58:
c9:30:60:41:e6:62:97:fd:8c:6e:41:b1:37:15:a3:
63:42:e6:fe:02:da:78:aa:67:1c:bd:c1:d6:3b:44:
66:69:4c:58:0a:5d:3f:68:75:8b:8d:35:41:27:80:
59:fd:18:7a:82:91:00:98:3a:4f:53:63:5c:e0:dd:
80:22:83:8b:36:ed:d5:41:4a:22:84:fd:ae:d1:8e:
c6:7d:20:e4:a2:f1:05:fa:4a:32:da:fb:ad:c9:ca:
16:26:83:80:29:64:aa:f4:c9:63:52:9b:9c:36:68:
4b:b1:4d:13:8e:55:8c:6e:53:d9:16:bd:0b:62:ff:
93:13:e2:9e:fd:49:5f:e8:0c:4b:fd:8d:d6:bf:5c:
39:66:c6:42:05:2b:b4:55:8f:bb:b4:25:05:6b:90:
cf:05:1c:c0:d0:b3:d3:41:8f:03:88:f7:34:4f:0d:
45:97:f1:ee:28:bc:91:40:fd:23:8a:43:6a:2b:a3:
67:50:e4:4b:c1:4c:12:3c:94:4b:bd:96:d4:71:60:
69:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DF:3C:3E:63:BB:F1:7C:D0:A2:57:85:E4:8A:03:2D:B6:3D:93:D1
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VN88PmO78XzQoleF5IoDLbY9k9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.192.0/22
31.148.220.0/24
92.38.28.0/22
92.253.192.0/22
93.171.72.0/22
93.171.128.0/22
95.46.36.0/23
95.47.108.0/22
95.47.192.0/22
Signature Algorithm: sha256WithRSAEncryption
95:e1:ee:4a:86:66:42:1a:cc:fc:81:de:d0:02:4f:47:61:af:
3b:78:11:27:0d:72:1c:6f:6c:48:b0:a0:18:21:9b:ae:ae:b8:
1f:70:87:12:0d:c7:78:35:d9:06:04:4e:0f:f5:57:ec:9c:50:
2c:cc:b5:2e:53:73:10:dc:30:5b:b6:79:56:6b:72:01:1a:ce:
ab:21:76:b1:99:9f:7c:1e:b0:41:08:c3:2e:3b:86:56:11:3a:
3b:d7:f8:0c:97:86:77:41:b2:86:50:c1:8d:d6:50:46:b0:7f:
d0:91:cf:48:86:ce:9c:fe:5d:0d:96:13:fc:6e:e1:94:7a:3d:
8a:e6:35:e0:ed:a8:95:e0:2c:d7:d4:59:6c:ce:b3:c4:9f:ae:
13:94:dc:42:bc:53:c5:54:3d:0a:23:4c:29:72:3b:0a:6a:63:
ed:1e:5a:d5:57:2b:ee:91:bd:8f:82:f4:76:a5:9a:e0:0f:e7:
aa:ce:12:f5:b3:45:9e:ea:84:b4:c2:92:cc:eb:87:1d:b0:53:
5c:32:38:ab:0e:8b:29:f2:be:c2:f5:b0:f2:f7:48:14:09:72:
24:a3:41:b8:ac:e0:6f:22:7f:4f:6b:2b:4e:e4:a4:65:71:10:
67:6e:f0:b0:f7:f3:8a:1e:da:2a:6a:f8:4c:bd:f8:d9:81:09:
cb:51:53:70
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEKN1+aDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDIx
NDE5MDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRkZjNjM2U2M2Ji
ZjE3Y2QwYTI1Nzg1ZTQ4YTAzMmRiNjNkOTNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsI/gAD4jo9Y92zlvBzlnDsqLFfKWHoZ6HZGbULFZN8r4Np
AUuEhvZCG6x2IPYkM0O08ycmeeDmClNYyTBgQeZil/2MbkGxNxWjY0Lm/gLaeKpn
HL3B1jtEZmlMWApdP2h1i401QSeAWf0YeoKRAJg6T1NjXODdgCKDizbt1UFKIoT9
rtGOxn0g5KLxBfpKMtr7rcnKFiaDgClkqvTJY1KbnDZoS7FNE45VjG5T2Ra9C2L/
kxPinv1JX+gMS/2N1r9cOWbGQgUrtFWPu7QlBWuQzwUcwNCz00GPA4j3NE8NRZfx
7ii8kUD9I4pDaiujZ1DkS8FMEjyUS72W1HFgac0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRU3zw+Y7vxfNCiV4XkigMttj2T0TAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L1ZOODhQbU83OFh6UW9sZUY1SW9ETGJZOWs5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAh+UwAMEAB+U3AMEAlwmHAMEAlz9
wAMEAl2rSAMEAl2rgAMEAV8uJAMEAl8vbAMEAl8vwDANBgkqhkiG9w0BAQsFAAOC
AQEAleHuSoZmQhrM/IHe0AJPR2GvO3gRJw1yHG9sSLCgGCGbrq64H3CHEg3HeDXZ
BgROD/VX7JxQLMy1LlNzENwwW7Z5VmtyARrOqyF2sZmffB6wQQjDLjuGVhE6O9f4
DJeGd0GyhlDBjdZQRrB/0JHPSIbOnP5dDZYT/G7hlHo9iuY14O2oleAs19RZbM6z
xJ+uE5TcQrxTxVQ9CiNMKXI7Cmpj7R5a1Vcr7pG9j4L0dqWa4A/nqs4S9bNFnuqE
tMKSzOuHHbBTXDI4qw6LKfK+wvWw8vdIFAlyJKNBuKzgbyJ/T2srTuSkZXEQZ27w
sPfzih7aKmr4TL342YEJy1FTcA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:55 2025 by rpki-client