Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0IQxi0oSLWX2AXOi_GFrB7_EvXQ.roa
File: 0IQxi0oSLWX2AXOi_GFrB7_EvXQ.roa (raw, json)
Hash identifier: cH8dgASIsH7yb0m9Yt9XbEAg+1GNheF4UmoZumMFUGY=
Subject key identifier: D0:84:31:8B:4A:12:2D:65:F6:01:73:A2:FC:61:6B:07:BF:C4:BD:74
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570953B162BCD16B02E74C1FE522134CB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0IQxi0oSLWX2AXOi_GFrB7_EvXQ.roa
Signing time: Mon 02 Jan 2023 03:45:06 +0000
ROA not before: Mon 02 Jan 2023 03:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48511
IP address blocks: 95.46.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:3b:16:2b:cd:16:b0:2e:74:c1:fe:52:21:34:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d084318b4a122d65f60173a2fc616b07bfc4bd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:01:ae:1c:72:94:61:af:40:c5:52:44:17:e5:
f7:1d:1c:ea:d5:8b:4b:67:68:74:2b:6b:38:e3:a5:
d3:98:fa:28:94:af:9a:e3:88:3e:c1:23:aa:9f:e7:
a0:4b:1e:d1:21:1e:b9:bc:e2:1b:b5:13:db:37:72:
e1:e1:f1:07:5a:77:64:e8:2f:5f:1d:5f:71:8d:be:
69:91:69:b9:d6:31:98:75:a6:9d:35:22:ce:d5:4f:
d4:80:63:db:f4:99:24:ca:56:60:6b:f2:5f:4b:4f:
c1:41:e0:fb:45:25:dd:3e:c0:68:5f:e4:de:ce:11:
4b:d6:ac:d8:fb:af:26:de:2c:91:12:b4:e7:e4:20:
04:a4:38:b6:a8:a4:8b:7e:e3:c2:9a:54:22:35:1d:
9b:86:d4:2f:7d:54:6c:8c:7c:d8:28:3c:64:ee:fb:
d2:77:94:54:47:57:4a:ad:51:4b:3d:49:7a:31:0b:
3a:2f:3a:95:e3:38:64:2a:74:5f:ff:2b:f0:a2:dd:
2c:9d:05:6e:0d:69:01:c8:53:15:22:17:db:d3:d7:
c0:ee:b0:ba:e9:10:a0:19:76:23:8f:bc:d3:c6:4b:
43:23:d7:83:6a:f9:ae:2f:cf:29:bf:92:43:22:5a:
b1:89:27:f2:c5:0f:6b:8a:fe:78:5e:b0:72:3c:e4:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:84:31:8B:4A:12:2D:65:F6:01:73:A2:FC:61:6B:07:BF:C4:BD:74
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0IQxi0oSLWX2AXOi_GFrB7_EvXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.196.0/24
Signature Algorithm: sha256WithRSAEncryption
50:76:54:bc:e4:22:27:3d:14:12:a6:f6:19:4f:19:0d:be:8d:
c9:ae:3f:0a:0b:fb:85:fd:e0:05:70:7a:35:54:21:b9:ce:32:
8e:14:ee:7f:6f:41:1f:fc:6f:f8:27:23:ca:c4:a5:91:ed:b0:
c9:e3:84:c6:87:57:6c:f4:9e:e8:4c:b0:4d:9d:c2:3e:a2:43:
74:bd:a7:89:7e:34:eb:88:3a:e1:9e:a3:79:8a:22:86:29:a1:
97:52:61:74:e2:c7:4a:46:cf:be:06:e7:ec:89:6e:70:38:d7:
39:69:fb:47:9c:cf:b9:33:27:0e:96:61:7f:6f:f8:94:40:94:
0e:b5:0e:14:31:b1:ac:7c:d5:c3:6b:9e:7a:90:c8:a7:d9:42:
26:44:72:df:01:ce:fd:db:ff:7a:13:ac:17:e4:c8:86:45:0b:
7c:61:7f:21:76:09:e3:b4:8b:71:5d:ad:ed:50:e9:95:f4:5e:
1e:5e:de:f7:2d:61:a4:90:4f:28:36:79:0c:26:11:d0:fe:2c:
af:27:77:8b:37:f1:2c:4f:f3:0c:9a:6d:59:56:29:c5:60:67:
d2:a8:36:5f:8d:a4:ab:35:ba:9b:29:f6:2e:36:01:6f:6d:e0:
cd:8f:9a:1c:df:bd:82:eb:45:6a:f4:f8:b0:92:ca:cc:7e:89:
bc:1e:a4:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTsWK80WsC50wf5SITTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg0MzE4YjRhMTIyZDY1ZjYwMTczYTJmYzYxNmIwN2JmYzRiZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQGuHHKUYa9AxVJEF+X3HRzq1YtL
Z2h0K2s446XTmPoolK+a44g+wSOqn+egSx7RIR65vOIbtRPbN3Lh4fEHWndk6C9f
HV9xjb5pkWm51jGYdaadNSLO1U/UgGPb9JkkylZga/JfS0/BQeD7RSXdPsBoX+Te
zhFL1qzY+68m3iyRErTn5CAEpDi2qKSLfuPCmlQiNR2bhtQvfVRsjHzYKDxk7vvS
d5RUR1dKrVFLPUl6MQs6LzqV4zhkKnRf/yvwot0snQVuDWkByFMVIhfb09fA7rC6
6RCgGXYjj7zTxktDI9eDavmuL88pv5JDIlqxiSfyxQ9riv54XrByPOQduQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCEMYtKEi1l9gFzovxhawe/xL10MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMElReGkwb1NMV1gyQVhPaV9HRnJCN19FdlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy7EMA0G
CSqGSIb3DQEBCwUAA4IBAQBQdlS85CInPRQSpvYZTxkNvo3Jrj8KC/uF/eAFcHo1
VCG5zjKOFO5/b0Ef/G/4JyPKxKWR7bDJ44TGh1ds9J7oTLBNncI+okN0vaeJfjTr
iDrhnqN5iiKGKaGXUmF04sdKRs++BufsiW5wONc5aftHnM+5MycOlmF/b/iUQJQO
tQ4UMbGsfNXDa556kMin2UImRHLfAc792/96E6wX5MiGRQt8YX8hdgnjtItxXa3t
UOmV9F4eXt73LWGkkE8oNnkMJhHQ/iyvJ3eLN/EsT/MMmm1ZVinFYGfSqDZfjaSr
NbqbKfYuNgFvbeDNj5oc372C60Vq9PiwksrMfom8HqRr
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:12 2025 by rpki-client