Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/wlOYh98P69K1DLfXwADXQVpQugU.roa
File: wlOYh98P69K1DLfXwADXQVpQugU.roa (raw, json)
Hash identifier: xorjZ20cozxBxj+bpF3OP8wrTv8TxfB0mXqbziyYiWk=
Subject key identifier: C2:53:98:87:DF:0F:EB:D2:B5:0C:B7:D7:C0:00:D7:41:5A:50:BA:05
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018B1952750840C8F468CD920107B5645220
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/wlOYh98P69K1DLfXwADXQVpQugU.roa
Signing time: Tue 10 Oct 2023 11:21:56 +0000
ROA not before: Tue 10 Oct 2023 11:21:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61390
IP address blocks: 93.171.40.0/22 maxlen: 24
92.38.33.0/24 maxlen: 24
93.170.108.0/22 maxlen: 24
146.158.60.0/22 maxlen: 24
93.171.182.0/23 maxlen: 24
93.170.232.0/22 maxlen: 24
146.120.120.0/22 maxlen: 24
146.120.236.0/22 maxlen: 24
95.46.116.0/22 maxlen: 24
93.170.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:52:75:08:40:c8:f4:68:cd:92:01:07:b5:64:52:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 10 11:21:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2539887df0febd2b50cb7d7c000d7415a50ba05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ce:16:84:39:9f:d2:8a:ce:ea:80:5c:ff:64:
6d:02:48:d6:fe:07:d7:83:6f:51:48:89:d7:23:72:
d7:6f:e1:be:ea:76:c2:f5:f0:dd:8f:38:6f:f1:93:
12:7d:91:00:6d:34:37:df:2d:ed:83:0d:4e:e4:cf:
6a:ea:1c:81:97:22:c1:78:20:56:af:33:00:4e:04:
58:a0:03:99:b0:d9:44:31:34:ae:ef:72:10:63:74:
97:98:8d:a3:41:42:b3:bc:88:1c:ac:56:38:14:17:
e3:cd:cf:49:37:c8:8e:78:79:ce:be:e4:58:0e:0b:
b9:b2:23:d8:f6:d2:70:30:18:41:e1:18:64:c5:77:
f6:b2:c0:68:8c:fe:c6:c5:9d:c8:93:4c:11:eb:fb:
29:90:2c:8c:41:f4:0f:94:d5:6b:83:bd:8e:83:2a:
4c:cf:3b:c3:81:69:78:50:92:cb:ed:87:92:ac:bc:
1c:ff:33:3e:b5:9b:95:ba:1b:e4:21:f1:48:04:b1:
db:19:16:8b:80:84:04:a7:8c:da:d4:c3:54:da:97:
b2:49:dc:62:14:81:ff:b1:fe:06:55:31:b3:30:fb:
a3:7c:fe:b2:39:35:a2:67:a7:1e:41:dd:9d:75:d1:
01:8e:f7:61:4c:fb:04:b7:5e:a6:f2:b1:a7:26:a9:
a0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:53:98:87:DF:0F:EB:D2:B5:0C:B7:D7:C0:00:D7:41:5A:50:BA:05
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/wlOYh98P69K1DLfXwADXQVpQugU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.33.0/24
93.170.108.0/22
93.170.180.0/22
93.170.232.0/22
93.171.40.0/22
93.171.182.0/23
95.46.116.0/22
146.120.120.0/22
146.120.236.0/22
146.158.60.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:de:03:8b:b7:b9:06:a9:7a:f2:b1:81:93:e5:e6:1d:9a:e1:
00:cf:29:07:3a:53:6a:88:b0:d5:3c:b3:e8:d9:c3:8f:95:cd:
f3:7d:57:77:9f:fe:a3:e2:6e:29:ac:27:64:af:8e:9e:41:45:
a4:76:6d:d0:a5:c6:98:30:d0:0d:14:e5:3d:d5:1c:2c:97:71:
73:fb:de:0b:d1:29:74:aa:50:d8:c6:47:e1:1e:8d:01:97:b1:
af:ad:69:bb:af:e8:91:3b:5e:32:7f:5d:63:9c:dd:46:63:7e:
e6:ff:a8:fd:bf:9c:f3:66:56:cb:87:4f:f0:ff:b1:0f:73:e8:
da:f3:6a:fc:57:ba:cf:df:5d:bc:b8:ee:75:8f:6a:2d:8e:f6:
48:f9:16:05:31:01:2a:62:92:25:b4:11:a9:bf:46:ae:3f:a1:
a2:05:e9:88:42:6f:40:32:ac:03:42:b3:43:59:e7:40:31:40:
70:6f:96:18:a9:63:f6:5d:7b:27:d5:fd:54:a3:f0:a5:9f:1d:
b2:25:9d:49:5e:54:ce:6e:ae:7b:da:3d:24:0c:7d:87:06:d0:
18:7f:6e:b7:4c:f6:23:ca:ef:32:23:75:b2:74:1d:d9:6e:11:
a6:1a:7d:3d:0a:e6:45:d5:82:3c:01:a9:4d:bd:9e:cd:a2:36:
6c:7a:a1:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYsZUnUIQMj0aM2SAQe1ZFIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMDEwMTEyMTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjUzOTg4N2RmMGZlYmQyYjUwY2I3ZDdjMDAwZDc0MTVhNTBiYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0s4WhDmf0orO6oBc/2RtAkjW/gfX
g29RSInXI3LXb+G+6nbC9fDdjzhv8ZMSfZEAbTQ33y3tgw1O5M9q6hyBlyLBeCBW
rzMATgRYoAOZsNlEMTSu73IQY3SXmI2jQUKzvIgcrFY4FBfjzc9JN8iOeHnOvuRY
Dgu5siPY9tJwMBhB4RhkxXf2ssBojP7GxZ3Ik0wR6/spkCyMQfQPlNVrg72OgypM
zzvDgWl4UJLL7YeSrLwc/zM+tZuVuhvkIfFIBLHbGRaLgIQEp4za1MNU2peySdxi
FIH/sf4GVTGzMPujfP6yOTWiZ6ceQd2dddEBjvdhTPsEt16m8rGnJqmgvwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMJTmIffD+vStQy318AA10FaULoFMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvd2xPWWg5OFA2OUsxRExmWHdBRFhRVnBRdWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAXCYhAwQC
XapsAwQCXaq0AwQCXaroAwQCXasoAwQBXau2AwQCXy50AwQCknh4AwQCknjsAwQC
kp48MA0GCSqGSIb3DQEBCwUAA4IBAQCs3gOLt7kGqXrysYGT5eYdmuEAzykHOlNq
iLDVPLPo2cOPlc3zfVd3n/6j4m4prCdkr46eQUWkdm3QpcaYMNANFOU91Rwsl3Fz
+94L0Sl0qlDYxkfhHo0Bl7GvrWm7r+iRO14yf11jnN1GY37m/6j9v5zzZlbLh0/w
/7EPc+ja82r8V7rP3128uO51j2otjvZI+RYFMQEqYpIltBGpv0auP6GiBemIQm9A
MqwDQrNDWedAMUBwb5YYqWP2XXsn1f1Uo/Clnx2yJZ1JXlTObq572j0kDH2HBtAY
f263TPYjyu8yI3WydB3ZbhGmGn09CuZF1YI8AalNvZ7NojZseqFS
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:38 2025 by rpki-client