Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1CxRVNSnvLCUfEDy533hImeB7vU.roa
File: 1CxRVNSnvLCUfEDy533hImeB7vU.roa (raw, json)
Hash identifier: twqJqsKzMIMcBaMQ1QJTYFlvksf8MusDxY1vTNhsy90=
Subject key identifier: D4:2C:51:54:D4:A7:BC:B0:94:7C:40:F2:E7:7D:E1:22:67:81:EE:F5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095580E9F1741D81FCE9EE64967B39A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1CxRVNSnvLCUfEDy533hImeB7vU.roa
Signing time: Mon 02 Jan 2023 03:45:13 +0000
ROA not before: Mon 02 Jan 2023 03:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56465
IP address blocks: 95.47.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:58:0e:9f:17:41:d8:1f:ce:9e:e6:49:67:b3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d42c5154d4a7bcb0947c40f2e77de1226781eef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c6:3b:af:95:48:fb:a4:1b:60:3a:6c:a2:b4:
76:6e:bc:38:b4:2a:27:ec:41:f7:4f:d4:d2:e2:af:
d6:a6:af:53:4c:db:90:bf:ba:d0:ff:a1:a1:00:12:
7e:5b:41:0f:da:10:5e:c0:84:a2:ac:f5:71:f1:88:
ea:b5:a0:31:32:50:a2:21:f0:88:f8:eb:14:78:24:
6b:76:3b:e4:92:a2:ce:14:d8:94:54:d7:29:db:f5:
76:2c:19:5a:3a:eb:7a:47:bc:b6:00:b3:d3:7b:cd:
27:bc:90:47:b3:3b:e3:62:11:3d:fb:80:3e:c7:16:
09:eb:b9:fd:48:2d:b6:23:09:8b:33:02:b6:42:6f:
d3:a4:44:e9:c1:70:e3:06:54:ef:08:f6:95:a6:16:
4c:a9:08:e2:a7:e4:17:6a:2e:e7:c5:9d:41:c7:da:
6a:7d:f7:72:be:c3:9d:cd:bb:26:2e:a5:9e:42:63:
e6:a8:c4:db:44:cc:f6:f4:8c:1f:41:ab:3a:53:47:
53:ba:78:07:e7:af:a6:86:78:dd:8b:f7:98:58:0f:
e1:07:b6:e2:f9:a2:35:a6:af:62:fa:87:04:f9:ba:
76:24:1b:db:7d:3f:31:76:e7:c2:9f:ce:a9:99:11:
17:33:93:7e:92:2c:76:0e:8d:89:42:f3:b0:cb:8a:
f4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2C:51:54:D4:A7:BC:B0:94:7C:40:F2:E7:7D:E1:22:67:81:EE:F5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1CxRVNSnvLCUfEDy533hImeB7vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.116.0/24
Signature Algorithm: sha256WithRSAEncryption
27:9d:6e:c0:3e:70:7b:10:9d:de:48:6a:8f:4b:c0:f6:bc:b6:
e0:8d:b5:27:6c:f3:82:da:2e:84:df:14:ab:8f:78:12:18:fa:
20:48:e9:57:08:81:94:2f:66:c3:48:63:b7:00:aa:31:c6:c8:
f1:d1:ab:5c:67:b3:af:8e:a9:70:e6:34:10:17:6a:f0:11:bf:
5c:97:99:30:11:7b:f7:35:14:d7:5f:35:4b:cc:72:73:f3:53:
a3:16:6a:cc:7e:7a:79:bf:7b:b3:ff:f1:06:a3:b1:73:fa:b2:
32:fe:8f:ea:d2:88:6e:88:3b:70:95:db:6a:dc:3e:2e:8e:1d:
8d:b1:d0:1e:81:bb:53:02:30:02:72:86:be:c4:eb:8d:6f:90:
a5:0c:91:0b:38:41:89:28:4f:b9:52:33:a8:74:8e:e3:ef:b9:
fb:d0:ac:3c:32:8e:77:6a:d2:79:f9:97:6f:de:4a:f3:35:70:
72:ed:ac:f1:c3:2b:2d:63:86:75:37:01:9a:ab:fa:10:21:59:
c3:70:ab:fb:99:18:6a:2b:90:de:af:04:80:7b:95:83:6c:4c:
be:cc:76:53:0f:42:c7:34:88:28:d2:59:06:c4:f7:51:08:12:
63:52:db:c1:dc:3b:16:83:64:a5:f4:b8:4d:df:8a:72:00:da:
d0:2d:03:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlVgOnxdB2B/OnuZJZ7OaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDJjNTE1NGQ0YTdiY2IwOTQ3YzQwZjJlNzdkZTEyMjY3ODFlZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMY7r5VI+6QbYDpsorR2brw4tCon
7EH3T9TS4q/Wpq9TTNuQv7rQ/6GhABJ+W0EP2hBewISirPVx8YjqtaAxMlCiIfCI
+OsUeCRrdjvkkqLOFNiUVNcp2/V2LBlaOut6R7y2ALPTe80nvJBHszvjYhE9+4A+
xxYJ67n9SC22IwmLMwK2Qm/TpETpwXDjBlTvCPaVphZMqQjip+QXai7nxZ1Bx9pq
ffdyvsOdzbsmLqWeQmPmqMTbRMz29IwfQas6U0dTungH56+mhnjdi/eYWA/hB7bi
+aI1pq9i+ocE+bp2JBvbfT8xdufCn86pmREXM5N+kix2Do2JQvOwy4r0nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQsUVTUp7ywlHxA8ud94SJnge71MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMUN4UlZOU252TENVZkVEeTUzM2hJbWVCN3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy90MA0G
CSqGSIb3DQEBCwUAA4IBAQAnnW7APnB7EJ3eSGqPS8D2vLbgjbUnbPOC2i6E3xSr
j3gSGPogSOlXCIGUL2bDSGO3AKoxxsjx0atcZ7Ovjqlw5jQQF2rwEb9cl5kwEXv3
NRTXXzVLzHJz81OjFmrMfnp5v3uz//EGo7Fz+rIy/o/q0ohuiDtwldtq3D4ujh2N
sdAegbtTAjACcoa+xOuNb5ClDJELOEGJKE+5UjOodI7j77n70Kw8Mo53atJ5+Zdv
3krzNXBy7azxwystY4Z1NwGaq/oQIVnDcKv7mRhqK5DerwSAe5WDbEy+zHZTD0LH
NIgo0lkGxPdRCBJjUtvB3DsWg2Sl9LhN34pyANrQLQMP
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:15 2025 by rpki-client