Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vKQTqnP6-6an_Ed66p0SM0m_W7I.roa
File: vKQTqnP6-6an_Ed66p0SM0m_W7I.roa (raw, json)
Hash identifier: zvSG2m3hUGBmu4FD9/IKSGW6HT2V0Z5G4ZEOy8qwz88=
Subject key identifier: BC:A4:13:AA:73:FA:FB:A6:A7:FC:47:7A:EA:9D:12:33:49:BF:5B:B2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 28ADED51
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vKQTqnP6-6an_Ed66p0SM0m_W7I.roa
Signing time: Thu 27 Jan 2022 15:44:15 +0000
ROA not before: Thu 27 Jan 2022 15:44:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43060
IP address blocks: 92.38.28.0/22 maxlen: 24
31.148.220.0/24 maxlen: 24
95.46.36.0/23 maxlen: 24
95.47.108.0/22 maxlen: 24
92.253.192.0/22 maxlen: 24
146.120.188.0/22 maxlen: 24
93.171.72.0/22 maxlen: 24
31.148.192.0/22 maxlen: 24
93.171.128.0/22 maxlen: 24
95.47.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 682487121 (0x28aded51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 27 15:44:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bca413aa73fafba6a7fc477aea9d123349bf5bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:07:7a:fc:c8:74:0e:61:6b:ce:d4:f2:f6:c6:
7c:cd:79:9a:15:d1:b8:28:7a:51:24:04:7f:71:f5:
b4:7c:c4:10:cc:b0:d9:29:44:89:9d:bc:d7:68:d1:
65:7d:e2:e3:16:69:e0:6f:83:69:8e:ba:78:33:6f:
b3:76:40:f6:6c:bd:99:f1:35:bc:12:aa:b1:0d:f4:
33:2c:d8:c4:ba:03:85:a1:03:d6:7b:72:f9:e5:2a:
83:73:6b:3d:2a:b3:6f:fb:12:28:d1:84:99:cf:82:
76:67:38:4b:46:68:c3:0d:8b:67:c7:14:e2:0f:56:
e2:86:65:f6:aa:aa:0b:56:e0:0c:17:f7:a1:36:b7:
30:9c:be:5e:f6:63:f2:06:7e:30:a1:2b:d7:24:22:
fa:ee:07:31:5b:f4:06:0a:7a:24:c0:8f:88:3d:c7:
1d:d5:2b:10:e5:31:a5:96:c6:2e:26:80:e3:f2:51:
da:d2:54:83:e6:e1:bf:41:f7:b7:47:de:23:a5:93:
19:da:f5:96:4e:9f:4d:ba:c4:ae:4e:4a:41:e4:f1:
81:ed:b8:11:4f:c3:81:07:e8:ef:48:4c:6b:b7:e6:
c7:b7:10:4c:15:df:34:6c:a8:92:46:30:f1:cb:51:
35:53:e8:9a:85:91:66:f9:e1:c4:3a:a6:89:17:14:
b7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A4:13:AA:73:FA:FB:A6:A7:FC:47:7A:EA:9D:12:33:49:BF:5B:B2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vKQTqnP6-6an_Ed66p0SM0m_W7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.192.0/22
31.148.220.0/24
92.38.28.0/22
92.253.192.0/22
93.171.72.0/22
93.171.128.0/22
95.46.36.0/23
95.47.108.0/22
95.47.192.0/22
146.120.188.0/22
Signature Algorithm: sha256WithRSAEncryption
48:61:aa:cf:d4:77:5d:35:8b:f7:c2:db:53:ea:57:32:1f:c8:
6c:00:d3:48:ca:f8:6e:2a:88:2a:ce:7d:b4:7d:16:1f:14:f9:
19:11:36:f8:02:dd:8e:7c:84:94:1d:71:a8:66:4d:ce:29:9b:
39:df:84:f6:88:eb:d8:9a:05:74:f0:f1:ba:84:42:3b:f5:53:
22:9b:7e:dd:65:2e:c0:61:90:d1:e9:e5:76:e2:47:0b:6c:37:
39:49:8b:bd:d5:33:c7:6c:9c:d8:08:d2:d0:82:78:be:b8:ac:
97:f2:8c:05:e4:1a:3f:b0:1d:2f:5d:8e:63:74:58:5c:43:09:
42:5b:c6:5e:17:67:e5:74:62:d1:2d:dd:67:ba:11:f5:ed:cc:
33:4d:f9:3b:78:ad:73:d8:b3:c0:18:b6:4a:53:4e:e5:fa:3b:
5c:36:05:20:09:c0:ae:77:a7:5c:7c:38:ac:69:47:51:b9:53:
4d:1d:54:ab:d4:8c:94:81:c2:2e:3e:9a:02:08:dd:42:a8:f8:
cb:8c:69:00:e2:5e:f6:94:f9:76:60:7a:38:a9:9d:ae:d0:fb:
91:ab:e5:d8:86:e3:a5:4a:8c:f7:f2:70:2b:b5:f0:15:73:0b:
d3:b1:41:b5:5e:1a:e6:cb:c2:ff:d9:f6:e6:76:92:7f:b0:1e:
53:7c:48:60
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEKK3tUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEy
NzE1NDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNhNDEzYWE3M2Zh
ZmJhNmE3ZmM0NzdhZWE5ZDEyMzM0OWJmNWJiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIHevzIdA5ha87U8vbGfM15mhXRuCh6USQEf3H1tHzEEMyw
2SlEiZ2812jRZX3i4xZp4G+DaY66eDNvs3ZA9my9mfE1vBKqsQ30MyzYxLoDhaED
1nty+eUqg3NrPSqzb/sSKNGEmc+Cdmc4S0Zoww2LZ8cU4g9W4oZl9qqqC1bgDBf3
oTa3MJy+XvZj8gZ+MKEr1yQi+u4HMVv0Bgp6JMCPiD3HHdUrEOUxpZbGLiaA4/JR
2tJUg+bhv0H3t0feI6WTGdr1lk6fTbrErk5KQeTxge24EU/DgQfo70hMa7fmx7cQ
TBXfNGyokkYw8ctRNVPomoWRZvnhxDqmiRcUt68CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBS8pBOqc/r7pqf8R3rqnRIzSb9bsjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L3ZLUVRxblA2LTZhbl9FZDY2cDBTTTBtX1c3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAh+UwAMEAB+U3AMEAlwmHAMEAlz9
wAMEAl2rSAMEAl2rgAMEAV8uJAMEAl8vbAMEAl8vwAMEApJ4vDANBgkqhkiG9w0B
AQsFAAOCAQEASGGqz9R3XTWL98LbU+pXMh/IbADTSMr4biqIKs59tH0WHxT5GRE2
+ALdjnyElB1xqGZNzimbOd+E9ojr2JoFdPDxuoRCO/VTIpt+3WUuwGGQ0enlduJH
C2w3OUmLvdUzx2yc2AjS0IJ4vrisl/KMBeQaP7AdL12OY3RYXEMJQlvGXhdn5XRi
0S3dZ7oR9e3MM035O3itc9izwBi2SlNO5fo7XDYFIAnArnenXHw4rGlHUblTTR1U
q9SMlIHCLj6aAgjdQqj4y4xpAOJe9pT5dmB6OKmdrtD7kavl2IbjpUqM9/JwK7Xw
FXML07FBtV4a5svC/9n25naSf7AeU3xIYA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:35 2025 by rpki-client