Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0X00_ZvhFJYIaeVlHYR-gLngSoI.roa
File: 0X00_ZvhFJYIaeVlHYR-gLngSoI.roa (raw, json)
Hash identifier: 2aRrPkEDVzmtG85jGvSLfjwrriJUbFncuOZaIr5BJBo=
Subject key identifier: D1:7D:34:FD:9B:E1:14:96:08:69:E5:65:1D:84:7E:80:B9:E0:4A:82
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A5D77929C207A38791F4C9CC8611
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0X00_ZvhFJYIaeVlHYR-gLngSoI.roa
Signing time: Mon 02 Jan 2023 03:45:33 +0000
ROA not before: Mon 02 Jan 2023 03:45:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208067
IP address blocks: 93.171.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a5:d7:79:29:c2:07:a3:87:91:f4:c9:cc:86:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d17d34fd9be114960869e5651d847e80b9e04a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:f7:ae:55:23:87:90:7e:a7:81:ed:f5:bb:
84:31:b7:9a:1d:db:e7:c9:65:3b:18:02:35:f3:59:
ea:c6:b7:9d:d6:49:b6:9e:da:1e:72:57:8c:82:07:
2e:a9:d5:5b:5a:52:b8:0f:51:cf:6f:d3:55:33:8d:
4c:57:1d:79:b1:47:be:9d:fb:fd:68:48:bf:ed:06:
ff:10:ab:68:8d:03:21:f7:91:46:b5:a6:6f:d7:0e:
e4:c1:0f:fd:7c:61:88:40:ae:f0:b7:c9:86:93:dd:
a9:f1:61:ad:79:8a:a4:8b:45:90:b3:ac:fc:ba:02:
60:4c:d7:36:e3:80:e2:bd:6a:08:c4:aa:c3:16:d6:
c7:5c:ee:74:62:ac:3c:e4:12:6d:53:c6:81:ea:b1:
5c:a1:a8:ec:cd:42:ff:88:fc:a5:88:a5:02:fa:d4:
28:f3:69:be:63:4a:ab:4b:e2:09:d6:86:d3:44:c6:
e1:b7:ae:30:8e:7a:6e:ae:d6:43:62:84:ef:8e:7c:
4b:12:a1:e9:3a:6a:a9:72:a7:14:b8:a4:84:6a:7f:
a8:3e:d3:7c:ca:6c:1c:b4:1f:71:17:bf:6b:91:2e:
a4:41:a7:84:49:c3:86:0b:b9:3d:39:0f:11:fd:3f:
e1:8e:b9:46:8f:f0:1e:0d:c3:c2:93:36:30:4c:2b:
c4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7D:34:FD:9B:E1:14:96:08:69:E5:65:1D:84:7E:80:B9:E0:4A:82
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0X00_ZvhFJYIaeVlHYR-gLngSoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.252.0/22
Signature Algorithm: sha256WithRSAEncryption
33:28:d3:80:16:fd:ea:5d:d5:35:b4:d1:ac:86:6e:7d:c9:17:
1f:7c:03:3b:50:d7:8e:a1:0d:7f:4e:53:61:30:9b:b5:c3:1b:
89:d1:6d:18:c8:28:bb:f7:3a:e9:50:88:1f:e2:8a:d4:55:b9:
f6:f7:ac:29:07:26:da:b6:af:cb:90:ed:a1:8a:46:11:35:ba:
52:63:c2:50:a6:31:8f:d6:b8:32:4a:5e:e7:df:71:4c:81:6d:
f4:a2:7b:6e:2c:a6:e2:d7:d8:a2:cb:f2:4f:4c:6c:84:59:b6:
b9:29:4f:8a:be:15:1c:ce:6e:f8:41:4b:4c:98:83:f9:23:3d:
aa:40:38:58:29:e9:76:9c:e4:fb:34:49:b7:2d:bf:8b:12:18:
8a:81:fe:30:78:ae:59:18:66:d1:b7:4b:29:ab:06:74:da:ab:
54:4c:47:c8:69:f6:a9:9b:7a:03:07:ba:0b:c3:e0:c3:0b:e9:
29:1b:e9:16:98:c8:26:f7:47:bb:a6:b2:29:a4:22:34:71:e1:
b5:e8:09:32:e7:cd:3e:10:81:ff:b8:bb:5d:5b:69:f3:59:37:
ce:dd:2e:af:d1:03:ba:83:6d:fb:ad:6c:5a:c8:6c:b7:ba:e1:
97:e7:dd:1d:26:93:b1:15:bd:26:6a:29:26:cb:b4:6d:f3:55:
ed:b0:8c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlaXXeSnCB6OHkfTJzIYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdkMzRmZDliZTExNDk2MDg2OWU1NjUxZDg0N2U4MGI5ZTA0YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnr3rlUjh5B+p4Ht9buEMbeaHdvn
yWU7GAI181nqxred1km2ntoecleMggcuqdVbWlK4D1HPb9NVM41MVx15sUe+nfv9
aEi/7Qb/EKtojQMh95FGtaZv1w7kwQ/9fGGIQK7wt8mGk92p8WGteYqki0WQs6z8
ugJgTNc244DivWoIxKrDFtbHXO50Yqw85BJtU8aB6rFcoajszUL/iPyliKUC+tQo
82m+Y0qrS+IJ1obTRMbht64wjnpurtZDYoTvjnxLEqHpOmqpcqcUuKSEan+oPtN8
ymwctB9xF79rkS6kQaeEScOGC7k9OQ8R/T/hjrlGj/AeDcPCkzYwTCvEdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNF9NP2b4RSWCGnlZR2EfoC54EqCMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMFgwMF9admhGSllJYWVWbEhZUi1nTG5nU29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXav8MA0G
CSqGSIb3DQEBCwUAA4IBAQAzKNOAFv3qXdU1tNGshm59yRcffAM7UNeOoQ1/TlNh
MJu1wxuJ0W0YyCi79zrpUIgf4orUVbn296wpBybatq/LkO2hikYRNbpSY8JQpjGP
1rgySl7n33FMgW30ontuLKbi19iiy/JPTGyEWba5KU+KvhUczm74QUtMmIP5Iz2q
QDhYKel2nOT7NEm3Lb+LEhiKgf4weK5ZGGbRt0spqwZ02qtUTEfIafapm3oDB7oL
w+DDC+kpG+kWmMgm90e7prIppCI0ceG16Aky580+EIH/uLtdW2nzWTfO3S6v0QO6
g237rWxayGy3uuGX590dJpOxFb0maikmy7Rt81XtsIwJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:18 2025 by rpki-client