Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CLB1ZsVjpoOqRx3eDM7CBoii3QU.roa
File: CLB1ZsVjpoOqRx3eDM7CBoii3QU.roa (raw, json)
Hash identifier: FaBB0JyHWdGJOUxd1bJ1K9LBfrjiVZtmgAqZU1FyKEE=
Subject key identifier: 08:B0:75:66:C5:63:A6:83:AA:47:1D:DE:0C:CE:C2:06:88:A2:DD:05
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709571F5EC833114CDBB82641CCFDD78
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CLB1ZsVjpoOqRx3eDM7CBoii3QU.roa
Signing time: Mon 02 Jan 2023 03:45:20 +0000
ROA not before: Mon 02 Jan 2023 03:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61196
IP address blocks: 95.46.44.0/23 maxlen: 24
93.171.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:71:f5:ec:83:31:14:cd:bb:82:64:1c:cf:dd:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08b07566c563a683aa471dde0ccec20688a2dd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:91:67:7b:94:40:a5:36:90:e2:16:7b:ce:32:
be:f6:b2:6b:21:48:ed:78:2d:c0:f1:20:9f:4c:74:
9b:90:2b:47:51:1e:49:5c:a2:18:8c:ca:0d:97:bd:
37:06:07:e4:fd:ad:ab:64:c5:14:0c:f8:99:81:bd:
ee:24:21:b4:cf:5b:5d:37:b7:b3:fa:14:68:86:75:
4d:1e:5f:7d:df:bd:60:4c:e0:d1:0d:5b:d8:e6:93:
c8:fb:95:17:c2:51:27:6d:e0:9a:c1:1b:13:36:f4:
4f:4d:8e:5f:c0:02:b0:9c:3d:cf:3a:30:b5:18:f0:
a7:a8:b2:1c:62:54:cd:f9:d7:c3:81:06:42:7d:ba:
97:46:cb:c0:a7:d7:66:97:6a:0f:e3:25:29:ee:92:
9e:3f:b4:06:84:fe:ce:e7:9f:a9:76:47:72:a3:bc:
04:c5:ad:0e:58:b1:6c:97:78:66:9c:23:9f:16:67:
12:50:a8:03:57:f4:6a:1a:b5:80:53:e6:79:fa:e9:
c8:57:4e:a0:b5:49:a1:11:ec:f0:cb:3a:42:72:96:
c3:cd:f8:f7:41:dc:09:0e:58:de:9b:76:e3:a0:75:
4c:c7:23:e7:3d:fe:42:48:d0:25:4d:80:1c:7d:3d:
f2:e3:f5:7d:12:be:5c:15:5b:2a:f6:d7:d4:f8:02:
bb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B0:75:66:C5:63:A6:83:AA:47:1D:DE:0C:CE:C2:06:88:A2:DD:05
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CLB1ZsVjpoOqRx3eDM7CBoii3QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.215.0/24
95.46.44.0/23
Signature Algorithm: sha256WithRSAEncryption
65:98:1e:78:c6:53:18:09:66:3c:dc:26:75:67:bc:13:99:78:
9b:4e:03:6b:a2:a1:3e:c7:53:ee:67:77:d2:41:1f:98:49:c9:
09:a8:6b:99:69:3a:e4:02:3e:22:a6:f6:8a:c2:4a:2e:eb:43:
0e:0e:b8:ac:ba:2e:ff:d2:4a:75:e8:13:31:f2:3a:62:b7:fe:
d4:7a:9c:a1:b5:83:62:b8:0a:e3:f4:ec:65:78:b3:b6:1a:de:
bb:59:a8:d6:a6:3a:f4:e4:d0:17:f8:a9:b8:95:8d:c3:d7:5a:
67:08:cc:b6:6a:4f:1e:0e:3c:83:07:00:90:98:12:ff:93:13:
bc:b3:41:01:3b:90:d1:32:7e:ea:c4:38:a5:ee:c5:27:41:33:
3d:48:aa:35:a4:83:b6:45:12:5b:d9:8f:40:57:c1:4e:ff:c3:
c8:52:5c:e4:8c:39:1f:85:e2:14:b5:71:dd:0b:d1:74:ab:35:
8e:1c:91:94:72:65:e3:af:c0:f8:49:af:7d:37:8e:c5:e3:3a:
14:5b:f2:22:58:2d:c9:e4:ed:05:20:31:ef:3d:cd:4c:0c:d7:
66:e5:bf:eb:8a:a4:15:1f:c8:20:aa:fc:50:16:33:32:f5:be:
06:d6:bf:84:96:56:26:09:f1:82:dd:fe:cb:d7:a0:d1:c3:62:
0a:af:07:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlXH17IMxFM27gmQcz914MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIwNzU2NmM1NjNhNjgzYWE0NzFkZGUwY2NlYzIwNjg4YTJkZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5Fne5RApTaQ4hZ7zjK+9rJrIUjt
eC3A8SCfTHSbkCtHUR5JXKIYjMoNl703Bgfk/a2rZMUUDPiZgb3uJCG0z1tdN7ez
+hRohnVNHl99371gTODRDVvY5pPI+5UXwlEnbeCawRsTNvRPTY5fwAKwnD3POjC1
GPCnqLIcYlTN+dfDgQZCfbqXRsvAp9dml2oP4yUp7pKeP7QGhP7O55+pdkdyo7wE
xa0OWLFsl3hmnCOfFmcSUKgDV/RqGrWAU+Z5+unIV06gtUmhEezwyzpCcpbDzfj3
QdwJDljem3bjoHVMxyPnPf5CSNAlTYAcfT3y4/V9Er5cFVsq9tfU+AK7oQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAiwdWbFY6aDqkcd3gzOwgaIot0FMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQ0xCMVpzVmpwb09xUngzZURNN0NCb2lpM1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXavXAwQB
Xy4sMA0GCSqGSIb3DQEBCwUAA4IBAQBlmB54xlMYCWY83CZ1Z7wTmXibTgNroqE+
x1PuZ3fSQR+YSckJqGuZaTrkAj4ipvaKwkou60MODrisui7/0kp16BMx8jpit/7U
epyhtYNiuArj9OxleLO2Gt67WajWpjr05NAX+Km4lY3D11pnCMy2ak8eDjyDBwCQ
mBL/kxO8s0EBO5DRMn7qxDil7sUnQTM9SKo1pIO2RRJb2Y9AV8FO/8PIUlzkjDkf
heIUtXHdC9F0qzWOHJGUcmXjr8D4Sa99N47F4zoUW/IiWC3J5O0FIDHvPc1MDNdm
5b/riqQVH8ggqvxQFjMy9b4G1r+EllYmCfGC3f7L16DRw2IKrwf8
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:34 2025 by rpki-client