Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pyDMgCms4B6nRdQUMFwmLBZGaZo.roa
File: pyDMgCms4B6nRdQUMFwmLBZGaZo.roa (raw, json)
Hash identifier: W+yjhpHXEif65mViWwPIjUSGEagZpLe8yU9yReez8cw=
Subject key identifier: A7:20:CC:80:29:AC:E0:1E:A7:45:D4:14:30:5C:26:2C:16:46:69:9A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018ADAF9A2323DBE9AFDD3265DA70C3342D6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pyDMgCms4B6nRdQUMFwmLBZGaZo.roa
Signing time: Thu 28 Sep 2023 08:48:27 +0000
ROA not before: Thu 28 Sep 2023 08:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210519
IP address blocks: 92.38.50.0/23 maxlen: 24
31.148.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f9:a2:32:3d:be:9a:fd:d3:26:5d:a7:0c:33:42:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 28 08:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a720cc8029ace01ea745d414305c262c1646699a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:34:9e:bf:75:05:08:ac:bf:49:9f:20:cf:
fa:d8:7b:78:de:5f:4e:42:a4:a7:2a:47:64:4d:d0:
c8:9d:50:02:1a:e7:a1:3b:79:d5:38:c5:c0:9e:e2:
16:dc:6e:5b:28:99:63:61:53:01:52:a5:bb:24:38:
aa:df:36:21:c2:42:59:2e:23:45:c3:5e:e0:f6:e6:
ab:b6:ca:4d:c8:fc:a3:50:f5:1a:3f:95:58:c2:ad:
ec:f2:d9:e6:8f:70:88:2f:36:23:0d:d0:c8:2e:f9:
32:71:5b:55:ec:72:fc:09:85:d4:fc:ee:c2:6b:d3:
b3:bf:a5:29:5b:dc:d8:8b:98:7a:af:73:fe:26:61:
f4:13:83:36:5b:e6:88:04:38:c6:a8:16:82:8d:02:
31:3c:55:a1:f5:77:fd:f7:54:3f:4a:31:eb:a7:93:
0b:d8:fa:80:aa:11:44:1b:9c:d9:fb:3e:d5:4b:76:
3b:72:21:0e:39:62:58:27:9d:a6:47:ba:40:9a:61:
c3:ef:c2:0b:03:c4:23:6f:a1:79:c8:a1:61:b4:bd:
e6:5f:97:52:4a:c6:a2:59:88:14:34:93:3c:e9:74:
8f:74:d7:6a:32:33:df:f4:74:6b:44:b2:b7:d7:be:
f8:60:a6:7b:68:be:a4:00:d6:44:1a:dd:4a:3a:fd:
31:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:20:CC:80:29:AC:E0:1E:A7:45:D4:14:30:5C:26:2C:16:46:69:9A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pyDMgCms4B6nRdQUMFwmLBZGaZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.196.0/22
92.38.50.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:37:c4:5d:6d:26:c6:a3:fb:0f:a1:6d:c9:4e:dc:90:74:c8:
db:bb:8e:f6:23:30:4f:ee:9e:da:e4:fa:8c:ca:ca:a4:88:b3:
ac:79:b5:1f:4a:72:b9:5a:39:93:02:68:52:9c:88:dc:c5:0c:
d1:53:e3:67:d1:50:14:17:f7:37:52:e9:84:bc:fd:01:bd:0f:
6a:08:16:b3:dc:46:c3:a0:bf:f7:c6:12:8f:13:11:15:04:61:
f4:3f:9d:a8:42:9f:c7:8f:b4:fa:d6:2f:36:57:2f:bb:6a:fb:
2c:ad:f6:b9:e3:92:8a:91:ac:3b:72:b3:7e:83:d5:65:89:a9:
e6:cb:c2:9e:4c:f9:da:a2:37:57:d9:98:6b:6f:e7:6f:0d:27:
77:21:1d:fd:96:f4:9f:7a:7b:14:67:67:14:e6:86:8b:d8:33:
27:6d:36:d4:29:16:3b:78:57:80:35:ea:2d:e3:cf:1d:33:1b:
9e:d5:9b:ca:d9:8c:46:f2:1f:8e:50:8e:f2:3e:16:4d:39:4e:
80:12:5a:23:00:3c:da:2b:c8:74:5d:39:af:94:97:d3:d6:77:
ba:d3:d1:79:c7:aa:7b:32:a4:8b:b3:f6:6f:a8:84:61:a5:e3:
29:41:e7:a5:5b:68:d8:b0:2e:b7:a2:1b:8d:cb:df:a9:42:18:
67:bf:cf:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYra+aIyPb6a/dMmXacMM0LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwOTI4MDg0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzIwY2M4MDI5YWNlMDFlYTc0NWQ0MTQzMDVjMjYyYzE2NDY2OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Xo0nr91BQisv0mfIM/62Ht43l9O
QqSnKkdkTdDInVACGuehO3nVOMXAnuIW3G5bKJljYVMBUqW7JDiq3zYhwkJZLiNF
w17g9uartspNyPyjUPUaP5VYwq3s8tnmj3CILzYjDdDILvkycVtV7HL8CYXU/O7C
a9Ozv6UpW9zYi5h6r3P+JmH0E4M2W+aIBDjGqBaCjQIxPFWh9Xf991Q/SjHrp5ML
2PqAqhFEG5zZ+z7VS3Y7ciEOOWJYJ52mR7pAmmHD78ILA8Qjb6F5yKFhtL3mX5dS
SsaiWYgUNJM86XSPdNdqMjPf9HRrRLK31774YKZ7aL6kANZEGt1KOv0xHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcgzIAprOAep0XUFDBcJiwWRmmaMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcHlETWdDbXM0QjZuUmRRVU1Gd21MQlpHYVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH5TEAwQB
XCYyMA0GCSqGSIb3DQEBCwUAA4IBAQA+N8RdbSbGo/sPoW3JTtyQdMjbu472IzBP
7p7a5PqMysqkiLOsebUfSnK5WjmTAmhSnIjcxQzRU+Nn0VAUF/c3UumEvP0BvQ9q
CBaz3EbDoL/3xhKPExEVBGH0P52oQp/Hj7T61i82Vy+7avssrfa545KKkaw7crN+
g9Vlianmy8KeTPnaojdX2Zhrb+dvDSd3IR39lvSfensUZ2cU5oaL2DMnbTbUKRY7
eFeANeot488dMxue1ZvK2YxG8h+OUI7yPhZNOU6AElojADzaK8h0XTmvlJfT1ne6
09F5x6p7MqSLs/ZvqIRhpeMpQeelW2jYsC63ohuNy9+pQhhnv8+v
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:31:54 2025 by rpki-client