Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tKnrqRScyletE2Ka85uX81z7D98.roa
File: tKnrqRScyletE2Ka85uX81z7D98.roa (raw, json)
Hash identifier: vl64qpTApWTku4fO7ZSe8d0ABNoxOy5CxAMrT3z9/40=
Subject key identifier: B4:A9:EB:A9:14:9C:CA:57:AD:13:62:9A:F3:9B:97:F3:5C:FB:0F:DF
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27DB12B4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tKnrqRScyletE2Ka85uX81z7D98.roa
Signing time: Sat 01 Jan 2022 16:08:59 +0000
ROA not before: Sat 01 Jan 2022 16:08:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58254
IP address blocks: 95.47.153.0/24 maxlen: 24
146.120.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 668668596 (0x27db12b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4a9eba9149cca57ad13629af39b97f35cfb0fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a7:c9:3d:a6:67:e0:d5:ea:ab:83:44:21:63:
3e:f4:89:1d:1e:80:f5:28:91:10:80:29:c4:61:fb:
23:6e:4e:5d:9d:21:a5:ce:12:35:41:d1:73:69:c8:
b6:93:23:1f:44:52:be:7b:cd:6b:fc:91:69:19:62:
3b:1d:cf:c8:f2:1a:f8:2e:67:b5:07:39:55:75:d1:
cb:98:74:8f:d8:a1:d0:8f:e1:8d:b7:e9:07:3b:b0:
3a:21:1e:14:d1:90:06:e9:09:a9:bd:6a:99:19:67:
77:11:90:9d:8e:61:e6:cc:f7:88:0d:c5:1b:93:26:
f3:90:40:d1:45:bd:0b:e6:19:19:f7:35:4e:1c:34:
8e:4a:b0:19:20:7b:f7:3d:0d:ff:0a:77:ec:39:a0:
69:0f:1a:a0:6d:ea:e1:62:e2:80:54:e2:88:a5:b6:
99:4c:b6:d5:ed:c1:5a:a9:b1:f1:1b:b6:15:3e:91:
7d:4f:37:46:d8:a2:ea:1a:7e:05:bd:eb:19:02:2b:
00:04:7d:63:f5:51:89:ac:71:56:1d:c6:53:9d:ba:
51:d5:c1:e4:2f:c9:7b:1a:ae:78:04:dc:1f:09:c3:
e2:c7:29:ac:5c:56:88:6e:e6:02:d4:a8:ab:7b:ac:
c6:14:ae:14:1b:fa:3a:43:d7:5b:28:f7:53:8c:db:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A9:EB:A9:14:9C:CA:57:AD:13:62:9A:F3:9B:97:F3:5C:FB:0F:DF
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tKnrqRScyletE2Ka85uX81z7D98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.153.0/24
146.120.16.0/22
Signature Algorithm: sha256WithRSAEncryption
34:fd:28:76:80:61:8f:fe:38:e8:ca:97:ca:1e:ff:86:a9:94:
a0:ed:72:2d:14:b5:58:6a:52:38:90:27:d6:6a:b4:b1:2d:10:
5f:80:c9:fd:2f:8d:73:1b:5b:a6:24:99:bf:36:5d:0b:d4:3e:
39:b8:6d:8f:3b:d2:40:06:02:cf:e2:a1:d0:3c:5b:a6:09:f7:
dc:bc:d1:91:97:42:e1:95:00:88:9d:5c:68:d0:95:2e:0d:f5:
1b:48:14:3b:1d:e0:a8:3d:6c:ab:ae:03:a3:9a:6f:ee:27:5c:
0a:30:85:c9:a2:b3:05:1e:f6:b9:60:45:a3:d2:57:ac:5c:8a:
1e:f7:e4:15:a3:a9:8a:7a:2e:d4:a7:9f:2c:8f:59:19:f1:9f:
39:09:80:e9:c2:26:4f:28:f0:bc:63:c5:8b:28:f5:09:ec:50:
50:7d:b5:3b:46:13:ff:a9:cc:6d:ce:6a:7b:7a:38:72:1c:eb:
8a:17:7c:eb:34:27:1f:df:c4:e0:ea:54:e2:85:84:09:d0:d6:
f0:02:27:a3:60:57:73:e3:7b:d3:2f:e3:4d:4f:a3:42:b4:34:
1d:b8:3f:7e:63:17:fa:d1:70:0b:25:8e:f1:0a:99:9a:ec:eb:
09:26:34:9b:99:99:a2:be:0e:83:87:37:38:56:b5:ff:d2:15:
36:d6:7f:a0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ9sStDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRhOWViYTkxNDlj
Y2E1N2FkMTM2MjlhZjM5Yjk3ZjM1Y2ZiMGZkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmnyT2mZ+DV6quDRCFjPvSJHR6A9SiREIApxGH7I25OXZ0h
pc4SNUHRc2nItpMjH0RSvnvNa/yRaRliOx3PyPIa+C5ntQc5VXXRy5h0j9ih0I/h
jbfpBzuwOiEeFNGQBukJqb1qmRlndxGQnY5h5sz3iA3FG5Mm85BA0UW9C+YZGfc1
Thw0jkqwGSB79z0N/wp37DmgaQ8aoG3q4WLigFTiiKW2mUy21e3BWqmx8Ru2FT6R
fU83Rtii6hp+Bb3rGQIrAAR9Y/VRiaxxVh3GU526UdXB5C/JexqueATcHwnD4scp
rFxWiG7mAtSoq3usxhSuFBv6OkPXWyj3U4zbTFUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS0qeupFJzKV60TYprzm5fzXPsP3zAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3RLbnJxUlNjeWxldEUyS2E4NXVYODF6N0Q5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF8vmQMEApJ4EDANBgkqhkiG9w0B
AQsFAAOCAQEANP0odoBhj/446MqXyh7/hqmUoO1yLRS1WGpSOJAn1mq0sS0QX4DJ
/S+NcxtbpiSZvzZdC9Q+ObhtjzvSQAYCz+Kh0Dxbpgn33LzRkZdC4ZUAiJ1caNCV
Lg31G0gUOx3gqD1sq64Do5pv7idcCjCFyaKzBR72uWBFo9JXrFyKHvfkFaOpinou
1KefLI9ZGfGfOQmA6cImTyjwvGPFiyj1CexQUH21O0YT/6nMbc5qe3o4chzrihd8
6zQnH9/E4OpU4oWECdDW8AIno2BXc+N70y/jTU+jQrQ0Hbg/fmMX+tFwCyWO8QqZ
muzrCSY0m5mZor4Og4c3OFa1/9IVNtZ/oA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:27:18 2025 by rpki-client