Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2JhkffR9XFuQ9Tc7STmcdMJHGDw.roa
File: 2JhkffR9XFuQ9Tc7STmcdMJHGDw.roa (raw, json)
Hash identifier: wG6wEgIHwFOPut0g6wRDK6/UYOuTBz4jTLufK039M0k=
Subject key identifier: D8:98:64:7D:F4:7D:5C:5B:90:F5:37:3B:49:39:9C:74:C2:47:18:3C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A1169AF36A3006B14483EA650692
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2JhkffR9XFuQ9Tc7STmcdMJHGDw.roa
Signing time: Mon 02 Jan 2023 03:45:32 +0000
ROA not before: Mon 02 Jan 2023 03:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207154
IP address blocks: 93.170.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a1:16:9a:f3:6a:30:06:b1:44:83:ea:65:06:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d898647df47d5c5b90f5373b49399c74c247183c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0e:08:56:40:43:1a:48:17:f8:72:07:c6:a3:
42:60:e8:3d:f9:6f:54:e1:d3:5e:74:0c:8f:27:c3:
84:57:82:91:97:69:3f:38:80:40:03:48:78:6f:31:
e3:bd:85:db:cb:39:a1:17:fd:9c:c0:07:21:d3:c4:
ec:12:74:b0:f7:91:f1:87:4d:da:6f:71:75:f6:d1:
6f:30:a0:2f:40:2e:6e:d5:67:8a:d2:ae:c9:d1:0b:
ef:22:69:30:04:1a:51:50:c7:45:c5:8d:6e:50:61:
27:30:ef:fe:48:9b:79:2b:05:db:c8:d8:89:80:45:
cf:45:f2:6d:e5:9c:48:d1:41:e0:cf:c0:08:93:aa:
30:7b:17:6b:f7:2b:7c:4f:f4:d2:e6:b1:7b:6f:ef:
ca:e5:d5:74:b1:76:aa:f7:68:fa:47:99:90:01:cf:
25:03:df:e7:6d:6e:20:29:e2:c1:bb:f6:c1:85:c9:
c8:be:59:bd:9e:ae:0e:dc:89:33:57:1f:48:77:cb:
68:c6:83:97:49:e1:81:0c:e9:98:39:35:6e:f5:ee:
ab:e9:05:72:3a:56:49:8c:1a:9f:86:a8:eb:dd:05:
ac:d9:4f:0b:4f:08:cb:af:e8:c4:d4:96:48:8e:3e:
86:81:ed:32:17:0f:6e:7b:d4:19:0f:7f:fa:88:8e:
e8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:98:64:7D:F4:7D:5C:5B:90:F5:37:3B:49:39:9C:74:C2:47:18:3C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2JhkffR9XFuQ9Tc7STmcdMJHGDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.220.0/22
Signature Algorithm: sha256WithRSAEncryption
55:8c:66:db:31:bc:4f:5b:56:5b:78:bd:33:03:d8:d9:62:ef:
96:7b:17:b5:7c:55:64:55:96:17:39:10:92:b8:49:22:90:d3:
98:94:75:0c:19:80:81:2a:cf:6e:f3:a7:f9:fd:0a:bf:a9:60:
62:88:47:3d:d9:0d:14:8e:70:0f:5f:1f:16:5a:86:a4:a5:65:
3d:df:b8:31:46:bf:74:60:b5:12:3a:21:f5:fb:2d:6e:b0:23:
85:03:fd:55:16:be:73:ba:2e:9e:47:d1:ed:ee:29:55:db:88:
24:83:02:5f:2b:12:9c:ea:c1:28:ed:bd:a1:be:2c:05:38:25:
36:07:93:11:b8:2c:58:9f:b1:48:1e:f3:ec:0a:5f:30:d7:f0:
a9:92:b6:a6:04:a9:7f:7b:a2:f0:a3:91:55:b8:92:56:c8:e6:
13:47:4a:90:f3:31:76:3b:7e:4e:da:51:68:e4:e7:4a:ff:47:
0d:19:df:41:48:02:67:c0:74:f5:97:c4:b1:36:19:74:40:ed:
23:75:a0:3a:52:40:aa:52:7c:4f:e8:14:9b:3e:82:fe:27:51:
f2:4e:31:77:0a:77:86:7b:6a:1a:45:f6:fb:ca:41:93:b1:5e:
8d:d9:e5:32:c7:02:62:a7:8c:07:d4:21:c6:f1:50:51:73:bf:
66:8a:b6:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlaEWmvNqMAaxRIPqZQaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk4NjQ3ZGY0N2Q1YzViOTBmNTM3M2I0OTM5OWM3NGMyNDcxODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg4IVkBDGkgX+HIHxqNCYOg9+W9U
4dNedAyPJ8OEV4KRl2k/OIBAA0h4bzHjvYXbyzmhF/2cwAch08TsEnSw95Hxh03a
b3F19tFvMKAvQC5u1WeK0q7J0QvvImkwBBpRUMdFxY1uUGEnMO/+SJt5KwXbyNiJ
gEXPRfJt5ZxI0UHgz8AIk6owexdr9yt8T/TS5rF7b+/K5dV0sXaq92j6R5mQAc8l
A9/nbW4gKeLBu/bBhcnIvlm9nq4O3IkzVx9Id8toxoOXSeGBDOmYOTVu9e6r6QVy
OlZJjBqfhqjr3QWs2U8LTwjLr+jE1JZIjj6Gge0yFw9ue9QZD3/6iI7o/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiYZH30fVxbkPU3O0k5nHTCRxg8MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMkpoa2ZmUjlYRnVROVRjN1NUbWNkTUpIR0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXarcMA0G
CSqGSIb3DQEBCwUAA4IBAQBVjGbbMbxPW1ZbeL0zA9jZYu+Wexe1fFVkVZYXORCS
uEkikNOYlHUMGYCBKs9u86f5/Qq/qWBiiEc92Q0UjnAPXx8WWoakpWU937gxRr90
YLUSOiH1+y1usCOFA/1VFr5zui6eR9Ht7ilV24gkgwJfKxKc6sEo7b2hviwFOCU2
B5MRuCxYn7FIHvPsCl8w1/CpkramBKl/e6Lwo5FVuJJWyOYTR0qQ8zF2O35O2lFo
5OdK/0cNGd9BSAJnwHT1l8SxNhl0QO0jdaA6UkCqUnxP6BSbPoL+J1HyTjF3CneG
e2oaRfb7ykGTsV6N2eUyxwJip4wH1CHG8VBRc79mirYi
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:13 2025 by rpki-client