Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fIDzhUZLACAVLWEBhqOf1o87GI0.roa
File: fIDzhUZLACAVLWEBhqOf1o87GI0.roa (raw, json)
Hash identifier: CuZJvp63YV7rpgzp605OKTkCIQ2Gr5YtmIotr/A7TBE=
Subject key identifier: 7C:80:F3:85:46:4B:00:20:15:2D:61:01:86:A3:9F:D6:8F:3B:18:8D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 288A8636
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fIDzhUZLACAVLWEBhqOf1o87GI0.roa
Signing time: Fri 14 Jan 2022 09:36:47 +0000
ROA not before: Fri 14 Jan 2022 09:36:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43533
IP address blocks: 146.158.28.0/23 maxlen: 23
92.253.196.0/22 maxlen: 22
93.170.208.0/22 maxlen: 22
92.38.52.0/22 maxlen: 22
31.148.144.0/22 maxlen: 22
93.170.16.0/21 maxlen: 21
93.171.210.0/23 maxlen: 23
93.170.168.0/23 maxlen: 23
92.38.16.0/22 maxlen: 24
92.38.24.0/22 maxlen: 22
146.158.20.0/22 maxlen: 22
31.148.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680166966 (0x288a8636)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 14 09:36:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c80f385464b0020152d610186a39fd68f3b188d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f5:f4:10:20:2c:d7:5f:75:b1:d9:1e:5d:a5:
ee:a2:9f:f0:40:cf:a2:c1:61:ce:e6:50:b1:3e:4b:
0e:b9:58:71:be:bc:ff:b6:97:7c:a7:eb:1c:25:28:
a8:47:e3:75:58:aa:3b:3b:48:25:a5:d6:dc:7e:53:
42:6e:ad:6f:d6:ca:de:08:42:ab:04:70:70:c2:98:
be:c3:4d:bf:75:55:42:c2:5c:e7:3a:22:3d:cf:ba:
66:af:4f:5f:8b:08:6e:a5:0b:12:17:a2:22:4a:da:
00:89:73:8d:28:57:97:53:e0:57:18:4f:72:f6:a7:
4a:ea:ab:09:c0:d0:05:ea:9d:41:57:05:5f:63:ef:
73:07:0f:97:ff:5c:bd:f6:f4:ab:44:4b:79:ab:68:
e3:cb:10:e4:71:eb:a4:01:bb:5d:d8:e2:2f:cd:52:
33:26:83:21:0e:46:1a:26:19:8f:15:af:af:9c:70:
8e:35:de:8a:af:8e:e9:7a:35:81:b9:3b:51:e6:62:
0c:dc:f5:ea:25:28:73:a5:93:16:47:66:ac:23:86:
24:4c:0a:93:68:b9:23:f7:4a:82:52:c2:28:25:74:
80:37:a8:60:fb:71:63:b3:e4:c3:a3:e4:46:b8:63:
86:c1:2c:a4:76:7c:4d:81:61:e3:d3:d7:18:c7:0a:
45:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:80:F3:85:46:4B:00:20:15:2D:61:01:86:A3:9F:D6:8F:3B:18:8D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fIDzhUZLACAVLWEBhqOf1o87GI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.100.0/22
31.148.144.0/22
92.38.16.0/22
92.38.24.0/22
92.38.52.0/22
92.253.196.0/22
93.170.16.0/21
93.170.168.0/23
93.170.208.0/22
93.171.210.0/23
146.158.20.0/22
146.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
98:97:4d:a7:18:d7:fc:44:51:bd:16:b1:ac:0b:d2:8c:e0:2a:
f7:da:a1:b0:13:3c:1c:35:32:e2:df:04:46:4e:fd:4a:66:b1:
16:6f:5e:8f:69:03:03:87:71:60:f2:db:8c:6d:20:e6:52:8e:
01:fa:c7:83:f8:92:91:c1:0d:53:e4:a3:1b:09:cf:cc:29:cb:
2a:54:59:4d:d5:34:e8:d3:ef:1f:28:a9:01:37:40:fc:cf:19:
f5:2f:86:87:04:be:fa:6a:cc:f1:55:82:51:50:6f:f7:f6:24:
61:59:c4:da:2f:1f:6d:0f:1a:19:d9:84:3b:d4:ed:a5:fd:67:
00:55:01:97:2b:65:78:63:a6:90:e6:32:d2:bb:76:d6:5f:64:
76:65:bf:2a:50:0e:01:0d:a6:21:5c:67:33:4a:d1:4d:88:96:
dc:a8:72:a3:6c:59:1e:54:bb:6b:fb:06:56:49:7b:0d:ec:06:
c0:06:17:93:3f:85:ea:80:ee:cd:c9:5d:d6:6e:df:f4:fb:40:
7a:75:67:c1:48:8e:da:ed:a0:9c:ba:49:b6:65:ed:16:65:90:
cf:31:a1:b2:65:7d:ad:52:61:33:57:ad:94:29:84:6b:39:df:
3e:34:c4:b5:05:45:09:d9:69:97:8c:f6:e3:b4:30:38:fa:bd:
4f:02:43:92
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEKIqGNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEx
NDA5MzY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M4MGYzODU0NjRi
MDAyMDE1MmQ2MTAxODZhMzlmZDY4ZjNiMTg4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMT19BAgLNdfdbHZHl2l7qKf8EDPosFhzuZQsT5LDrlYcb68
/7aXfKfrHCUoqEfjdViqOztIJaXW3H5TQm6tb9bK3ghCqwRwcMKYvsNNv3VVQsJc
5zoiPc+6Zq9PX4sIbqULEheiIkraAIlzjShXl1PgVxhPcvanSuqrCcDQBeqdQVcF
X2PvcwcPl/9cvfb0q0RLeato48sQ5HHrpAG7XdjiL81SMyaDIQ5GGiYZjxWvr5xw
jjXeiq+O6Xo1gbk7UeZiDNz16iUoc6WTFkdmrCOGJEwKk2i5I/dKglLCKCV0gDeo
YPtxY7Pkw6PkRrhjhsEspHZ8TYFh49PXGMcKRaUCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBR8gPOFRksAIBUtYQGGo5/WjzsYjTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L2ZJRHpoVVpMQUNBVkxXRUJocU9mMW84N0dJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAh+UZAMEAh+UkAMEAlwmEAMEAlwm
GAMEAlwmNAMEAlz9xAMEA12qEAMEAV2qqAMEAl2q0AMEAV2r0gMEApKeFAMEAZKe
HDANBgkqhkiG9w0BAQsFAAOCAQEAmJdNpxjX/ERRvRaxrAvSjOAq99qhsBM8HDUy
4t8ERk79SmaxFm9ej2kDA4dxYPLbjG0g5lKOAfrHg/iSkcENU+SjGwnPzCnLKlRZ
TdU06NPvHyipATdA/M8Z9S+GhwS++mrM8VWCUVBv9/YkYVnE2i8fbQ8aGdmEO9Tt
pf1nAFUBlytleGOmkOYy0rt21l9kdmW/KlAOAQ2mIVxnM0rRTYiW3Khyo2xZHlS7
a/sGVkl7DewGwAYXkz+F6oDuzcld1m7f9PtAenVnwUiO2u2gnLpJtmXtFmWQzzGh
smV9rVJhM1etlCmEaznfPjTEtQVFCdlpl4z247QwOPq9TwJDkg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:57:51 2025 by rpki-client