Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xFzWDABaQQrQsc3QWMu-Fi-woJs.roa
File: xFzWDABaQQrQsc3QWMu-Fi-woJs.roa (raw, json)
Hash identifier: Fl0sq9acmhINhhxL1mADAjCMp7BLEJKVklJEr89ZRgo=
Subject key identifier: C4:5C:D6:0C:00:5A:41:0A:D0:B1:CD:D0:58:CB:BE:16:2F:B0:A0:9B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709525ECCB84C8B29A76E665597F96BA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xFzWDABaQQrQsc3QWMu-Fi-woJs.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43533
IP address blocks: 146.158.28.0/23 maxlen: 23
92.253.196.0/22 maxlen: 22
93.170.208.0/22 maxlen: 22
92.38.52.0/22 maxlen: 22
31.148.144.0/22 maxlen: 22
93.170.16.0/21 maxlen: 21
93.171.210.0/23 maxlen: 23
93.170.168.0/23 maxlen: 23
92.38.16.0/22 maxlen: 24
92.38.24.0/22 maxlen: 22
146.158.20.0/22 maxlen: 22
31.148.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:25:ec:cb:84:c8:b2:9a:76:e6:65:59:7f:96:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45cd60c005a410ad0b1cdd058cbbe162fb0a09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:85:18:6b:f6:7e:22:c6:0d:1b:bd:dc:b6:d0:
7e:8e:d4:1d:d8:60:8b:d5:84:6e:46:43:4b:a7:75:
57:9a:75:94:4f:74:bc:44:d3:13:6d:32:0b:0c:e5:
30:ee:72:a7:9e:07:4e:c1:02:ec:21:ab:7c:83:89:
e5:c4:c9:9a:02:46:c5:aa:ff:64:f7:00:51:3a:1e:
9e:1e:47:94:92:2f:51:9e:88:2d:78:b7:ad:62:ba:
f3:e4:56:8a:f2:c4:4a:a4:7f:66:1d:55:84:33:96:
24:73:ab:18:fb:2d:48:09:d5:7b:0e:4e:ba:5a:76:
c4:cd:1d:db:75:aa:6e:a9:63:9a:6a:bd:9e:35:9d:
67:0f:72:78:0b:45:b0:be:4f:28:ec:45:d9:23:86:
3e:6c:c0:6a:89:a2:09:dc:e4:c3:95:18:43:ca:9a:
36:7e:be:86:58:f3:fd:a0:d5:25:85:bd:9b:59:e4:
de:69:1a:ff:d7:4d:23:c3:17:0f:dc:85:24:53:4d:
d8:5d:26:2c:1a:8b:cc:f4:d8:ea:d0:94:56:51:3d:
c6:3e:15:53:46:9e:78:c6:8d:47:ff:81:cd:1e:32:
13:6e:03:d1:96:84:a8:8f:65:c1:8f:99:8c:ef:b2:
84:9a:96:3d:79:34:a3:df:d2:51:8a:02:4f:6c:e2:
01:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5C:D6:0C:00:5A:41:0A:D0:B1:CD:D0:58:CB:BE:16:2F:B0:A0:9B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xFzWDABaQQrQsc3QWMu-Fi-woJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.100.0/22
31.148.144.0/22
92.38.16.0/22
92.38.24.0/22
92.38.52.0/22
92.253.196.0/22
93.170.16.0/21
93.170.168.0/23
93.170.208.0/22
93.171.210.0/23
146.158.20.0/22
146.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
58:b3:2c:18:bc:2a:4f:71:ea:7d:ce:44:70:ea:e9:46:92:e4:
c9:a8:fe:47:52:bf:c9:d1:d8:59:7d:0b:05:b4:d3:34:43:83:
7e:d7:93:2e:0a:7f:37:7e:0a:f5:21:8d:7d:47:f9:1f:cb:b6:
10:c8:3d:c2:f7:2c:3c:ad:9c:9a:88:fe:a8:66:e2:40:71:f6:
7b:16:02:c3:6f:6f:c2:aa:24:7c:c6:3c:de:f0:ef:b7:8c:cd:
48:be:52:25:06:74:cd:51:a4:4d:0d:55:da:7d:f8:c5:45:af:
26:69:11:86:89:39:dd:4e:6e:f5:0c:c3:68:3d:a5:da:7d:a9:
8e:35:4b:89:5f:3c:f9:ea:ba:4a:40:06:98:5a:35:75:3c:8b:
38:31:ce:e9:72:9c:f7:a4:83:6b:ed:f7:d0:06:cf:d1:52:b5:
68:5c:f8:fa:b5:88:90:58:5c:85:3a:7d:db:53:be:7b:e0:e9:
90:47:3b:d3:94:61:9c:0b:22:82:72:c3:e1:59:d7:6a:2f:95:
21:0a:04:56:a2:66:6a:06:da:c2:f6:fb:e3:ac:0b:50:d8:04:
fd:91:55:ad:f0:80:ea:42:4c:58:16:d2:38:e4:69:c4:73:27:
77:6b:88:69:8c:6a:88:68:a6:cb:9f:20:a4:46:35:40:cc:6a:
27:bf:f9:98
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVwlSXsy4TIspp25mVZf5a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVjZDYwYzAwNWE0MTBhZDBiMWNkZDA1OGNiYmUxNjJmYjBhMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIUYa/Z+IsYNG73cttB+jtQd2GCL
1YRuRkNLp3VXmnWUT3S8RNMTbTILDOUw7nKnngdOwQLsIat8g4nlxMmaAkbFqv9k
9wBROh6eHkeUki9RnogteLetYrrz5FaK8sRKpH9mHVWEM5Ykc6sY+y1ICdV7Dk66
WnbEzR3bdapuqWOaar2eNZ1nD3J4C0Wwvk8o7EXZI4Y+bMBqiaIJ3OTDlRhDypo2
fr6GWPP9oNUlhb2bWeTeaRr/100jwxcP3IUkU03YXSYsGovM9Njq0JRWUT3GPhVT
Rp54xo1H/4HNHjITbgPRloSoj2XBj5mM77KEmpY9eTSj39JRigJPbOIBzQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMRc1gwAWkEK0LHN0FjLvhYvsKCbMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveEZ6V0RBQmFRUXJRc2MzUVdNdS1GaS13b0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCH5RkAwQC
H5SQAwQCXCYQAwQCXCYYAwQCXCY0AwQCXP3EAwQDXaoQAwQBXaqoAwQCXarQAwQB
XavSAwQCkp4UAwQBkp4cMA0GCSqGSIb3DQEBCwUAA4IBAQBYsywYvCpPcep9zkRw
6ulGkuTJqP5HUr/J0dhZfQsFtNM0Q4N+15MuCn83fgr1IY19R/kfy7YQyD3C9yw8
rZyaiP6oZuJAcfZ7FgLDb2/CqiR8xjze8O+3jM1IvlIlBnTNUaRNDVXaffjFRa8m
aRGGiTndTm71DMNoPaXafamONUuJXzz56rpKQAaYWjV1PIs4Mc7pcpz3pINr7ffQ
Bs/RUrVoXPj6tYiQWFyFOn3bU7574OmQRzvTlGGcCyKCcsPhWddqL5UhCgRWomZq
BtrC9vvjrAtQ2AT9kVWt8IDqQkxYFtI45GnEcyd3a4hpjGqIaKbLnyCkRjVAzGon
v/mY
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:41 2025 by rpki-client