Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/m9u21Cg0SBykq6gw8K_OagqI_qA.roa
File: m9u21Cg0SBykq6gw8K_OagqI_qA.roa (raw, json)
Hash identifier: SzLSRRK/08EWA0Bd9g+uAv5ewgWO8MC02yxOECTuShI=
Subject key identifier: 9B:DB:B6:D4:28:34:48:1C:A4:AB:A8:30:F0:AF:CE:6A:0A:88:FE:A0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2863E5C1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/m9u21Cg0SBykq6gw8K_OagqI_qA.roa
Signing time: Sat 01 Jan 2022 16:10:24 +0000
ROA not before: Sat 01 Jan 2022 16:10:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212913
IP address blocks: 93.170.123.0/24 maxlen: 24
95.46.114.0/24 maxlen: 24
95.46.8.0/24 maxlen: 24
31.148.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 677635521 (0x2863e5c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:10:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bdbb6d42834481ca4aba830f0afce6a0a88fea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:fb:09:43:dc:5b:bd:62:e7:69:8b:47:87:
b0:e0:94:78:ca:dd:e9:cf:c0:a7:d6:77:9c:ee:fe:
b3:b8:09:ca:19:2b:eb:46:b6:ee:82:b7:fe:02:8e:
f4:a0:60:b5:c1:18:56:c7:9c:bb:5b:ec:ff:dc:d2:
e7:06:0d:61:45:c5:2a:40:49:8c:6a:f7:18:6d:9e:
b7:70:56:96:c8:37:45:e0:f5:e5:10:fa:88:e7:cd:
08:d3:9b:48:a9:94:68:84:a1:1b:9e:eb:d2:49:75:
46:e5:57:5d:fb:6e:6a:1c:1e:70:c8:ef:64:d6:e6:
cd:95:d1:15:9f:c6:0b:0c:73:d7:24:78:ab:ae:c1:
c6:6c:65:3d:bc:55:da:fd:fd:ca:ca:98:5c:ec:98:
14:ab:74:fe:31:c2:bd:be:a8:0b:8a:b0:23:ab:3d:
d9:b4:93:1b:56:9c:dc:82:9f:7c:07:62:0d:cb:7d:
aa:a3:20:fa:69:dd:1b:1e:0b:73:85:dd:3d:13:45:
5b:67:da:d0:93:aa:0f:d0:f2:ce:0d:12:e0:43:2b:
11:e9:61:d8:1b:7f:77:1b:1d:ee:2e:17:06:92:d8:
d1:ca:f0:08:7e:05:7e:a4:23:b9:39:c6:6f:6f:d4:
a2:65:d4:7a:ad:be:07:5e:b3:c2:17:21:a8:bf:b9:
af:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DB:B6:D4:28:34:48:1C:A4:AB:A8:30:F0:AF:CE:6A:0A:88:FE:A0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/m9u21Cg0SBykq6gw8K_OagqI_qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.99.0/24
93.170.123.0/24
95.46.8.0/24
95.46.114.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:eb:ed:80:c9:0d:a3:0b:c1:10:c6:46:ed:fd:4c:6e:4f:28:
4a:81:8a:1a:eb:63:e7:59:f2:9c:38:73:2b:fd:3f:1d:f7:b6:
77:7c:a0:e5:a5:f2:11:6d:de:aa:b2:2d:9f:ce:fd:fa:cd:d1:
ad:ec:1f:1a:8b:cb:e9:77:4c:42:50:6a:51:6e:40:b3:87:fd:
3e:0c:f7:cd:11:e3:b4:3d:da:ea:21:73:c5:20:da:b5:66:6c:
eb:a5:d9:1c:60:f9:03:b1:b0:60:02:0e:46:92:ad:01:83:bd:
f1:9b:8c:ed:12:81:ab:3e:12:de:a0:45:af:5a:e5:76:d4:9a:
fd:0e:23:04:5a:3a:28:28:ea:0c:04:29:e0:ea:68:b4:ce:a4:
d6:12:dd:db:7c:a7:42:69:98:43:05:0d:1a:38:c8:c1:11:a1:
0f:eb:34:a2:8a:d9:a5:ca:95:65:14:c2:79:17:62:26:ff:7d:
fa:e2:b4:86:1b:b7:4c:c5:a8:98:7f:a6:78:f4:3e:02:1c:f7:
ec:ac:3b:c7:35:30:43:f0:7d:f9:1a:2c:a9:cc:49:6e:f8:a9:
8c:27:56:9a:19:a1:1b:dc:9b:f6:8f:72:ce:51:c7:dc:e4:24:
eb:8e:86:28:15:c6:fe:b2:25:fc:ea:b4:a0:b0:f3:37:52:ac:
02:8f:9a:2f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEKGPlwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MTAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJkYmI2ZDQyODM0
NDgxY2E0YWJhODMwZjBhZmNlNmEwYTg4ZmVhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9p+wlD3Fu9Yudpi0eHsOCUeMrd6c/Ap9Z3nO7+s7gJyhkr
60a27oK3/gKO9KBgtcEYVsecu1vs/9zS5wYNYUXFKkBJjGr3GG2et3BWlsg3ReD1
5RD6iOfNCNObSKmUaIShG57r0kl1RuVXXftuahwecMjvZNbmzZXRFZ/GCwxz1yR4
q67BxmxlPbxV2v39ysqYXOyYFKt0/jHCvb6oC4qwI6s92bSTG1ac3IKffAdiDct9
qqMg+mndGx4Lc4XdPRNFW2fa0JOqD9Dyzg0S4EMrEelh2Bt/dxsd7i4XBpLY0crw
CH4FfqQjuTnGb2/UomXUeq2+B16zwhchqL+5r+cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSb27bUKDRIHKSrqDDwr85qCoj+oDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L205dTIxQ2cwU0J5a3E2Z3c4S19PYWdxSV9xQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAB+UYwMEAF2qewMEAF8uCAMEAF8u
cjANBgkqhkiG9w0BAQsFAAOCAQEAWuvtgMkNowvBEMZG7f1Mbk8oSoGKGutj51ny
nDhzK/0/Hfe2d3yg5aXyEW3eqrItn879+s3RrewfGovL6XdMQlBqUW5As4f9Pgz3
zRHjtD3a6iFzxSDatWZs66XZHGD5A7GwYAIORpKtAYO98ZuM7RKBqz4S3qBFr1rl
dtSa/Q4jBFo6KCjqDAQp4OpotM6k1hLd23ynQmmYQwUNGjjIwRGhD+s0oorZpcqV
ZRTCeRdiJv99+uK0hhu3TMWomH+mePQ+Ahz37Kw7xzUwQ/B9+RosqcxJbvipjCdW
mhmhG9yb9o9yzlHH3OQk646GKBXG/rIl/Oq0oLDzN1KsAo+aLw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:50 2025 by rpki-client