Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CsFtZw2WQgoHeOHR2Niya-irzbU.roa
File: CsFtZw2WQgoHeOHR2Niya-irzbU.roa (raw, json)
Hash identifier: HyVw/yInmwMDSykFVvvQGKTfr9smi6PE7vuHuC+nOwg=
Subject key identifier: 0A:C1:6D:67:0D:96:42:0A:07:78:E1:D1:D8:D8:B2:6B:E8:AB:CD:B5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018B2333247A3B87351FCF0A6955290F5A18
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CsFtZw2WQgoHeOHR2Niya-irzbU.roa
Signing time: Thu 12 Oct 2023 09:23:55 +0000
ROA not before: Thu 12 Oct 2023 09:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42350
IP address blocks: 93.170.89.0/24 maxlen: 24
146.120.220.0/24 maxlen: 24
146.120.234.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:33:24:7a:3b:87:35:1f:cf:0a:69:55:29:0f:5a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 12 09:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ac16d670d96420a0778e1d1d8d8b26be8abcdb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:d7:b3:7e:9e:62:4d:f5:bf:cb:c9:73:53:
93:af:c5:85:48:39:1f:38:0c:ea:0d:43:23:98:d3:
aa:73:92:f3:0f:5c:24:75:16:93:2d:ef:7f:80:6b:
1c:91:52:3f:fd:67:cd:4c:39:6e:15:01:eb:12:d6:
27:0e:c2:aa:f2:2b:2a:47:f3:ad:c2:17:3a:92:16:
37:0f:e1:51:95:37:99:09:62:cd:77:75:e8:02:17:
31:c4:10:ca:84:a7:ea:d7:56:95:ae:a2:65:ef:1c:
ae:dc:6b:24:a5:cd:0c:f5:0d:91:36:6f:fc:95:c0:
bc:75:3c:65:d0:4d:91:94:c3:9b:db:10:77:af:9b:
4c:97:c5:e5:5d:bb:16:02:e9:2c:f1:01:bb:ea:da:
d1:c8:b3:4a:be:05:f7:f8:7f:1f:e5:89:bb:a8:02:
27:eb:f9:6d:03:98:a4:91:df:7a:73:b2:00:13:15:
1e:f9:c7:95:c8:a3:df:0c:da:7d:a9:44:53:9a:bb:
1d:85:f8:53:4e:92:56:93:7e:72:a2:e7:8e:b3:48:
07:ee:08:97:7f:53:90:21:71:d9:d4:d0:ec:4e:c3:
64:85:47:d6:ad:df:40:a1:a6:3d:39:a2:7a:d2:73:
b1:c7:8a:dd:9a:52:d1:02:a5:6b:c6:f2:f2:22:60:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C1:6D:67:0D:96:42:0A:07:78:E1:D1:D8:D8:B2:6B:E8:AB:CD:B5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CsFtZw2WQgoHeOHR2Niya-irzbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.89.0/24
146.120.220.0/24
146.120.234.0/23
Signature Algorithm: sha256WithRSAEncryption
95:7a:d5:ef:e1:01:dc:dc:52:e3:10:4c:0f:41:84:48:5f:62:
c8:ed:4b:ab:ad:8f:8c:ca:21:ce:bd:3c:57:a6:ee:1e:ae:13:
99:ec:30:28:09:8c:00:14:93:6b:f6:11:57:bd:3e:91:eb:9e:
20:04:e9:fa:42:6a:6e:03:2b:1d:24:fd:83:b3:1a:28:f5:4f:
91:6d:2f:d7:54:4e:d2:b1:b9:6a:ec:2c:f9:11:04:2a:76:bf:
0f:f3:90:a9:6d:57:91:13:eb:e4:0c:86:fc:61:14:43:e4:35:
ed:65:ab:cf:5c:3c:7b:f0:fa:a5:4b:e7:57:cb:b6:6b:57:8e:
9e:f0:d2:59:45:cd:7a:fc:d8:0f:62:01:8a:78:26:71:86:cc:
4a:a0:54:9f:5e:c3:3c:14:36:a6:66:5e:0c:01:dd:8a:66:fe:
cd:49:f9:9b:00:20:23:96:d8:8f:4c:aa:8d:dd:7f:61:98:57:
9b:44:47:2d:9a:8f:21:c7:9c:c8:aa:61:1a:93:2b:5f:31:60:
dc:0e:df:8b:63:52:b0:ec:4e:6f:a2:4e:df:3a:1a:43:4a:04:
af:02:b2:ed:f0:d2:a5:a9:27:16:af:c2:7c:9d:53:6a:53:12:
7a:46:82:80:91:7b:a3:d3:9d:05:aa:df:f6:7f:6c:8d:14:8b:
b9:bd:be:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsjMyR6O4c1H88KaVUpD1oYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMDEyMDkyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWMxNmQ2NzBkOTY0MjBhMDc3OGUxZDFkOGQ4YjI2YmU4YWJjZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY3Xs36eYk31v8vJc1OTr8WFSDkf
OAzqDUMjmNOqc5LzD1wkdRaTLe9/gGsckVI//WfNTDluFQHrEtYnDsKq8isqR/Ot
whc6khY3D+FRlTeZCWLNd3XoAhcxxBDKhKfq11aVrqJl7xyu3Gskpc0M9Q2RNm/8
lcC8dTxl0E2RlMOb2xB3r5tMl8XlXbsWAuks8QG76trRyLNKvgX3+H8f5Ym7qAIn
6/ltA5ikkd96c7IAExUe+ceVyKPfDNp9qURTmrsdhfhTTpJWk35youeOs0gH7giX
f1OQIXHZ1NDsTsNkhUfWrd9AoaY9OaJ60nOxx4rdmlLRAqVrxvLyImCYUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArBbWcNlkIKB3jh0djYsmvoq821MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQ3NGdFp3MldRZ29IZU9IUjJOaXlhLWlyemJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXapZAwQA
knjcAwQBknjqMA0GCSqGSIb3DQEBCwUAA4IBAQCVetXv4QHc3FLjEEwPQYRIX2LI
7UurrY+MyiHOvTxXpu4erhOZ7DAoCYwAFJNr9hFXvT6R654gBOn6QmpuAysdJP2D
sxoo9U+RbS/XVE7Ssblq7Cz5EQQqdr8P85CpbVeRE+vkDIb8YRRD5DXtZavPXDx7
8PqlS+dXy7ZrV46e8NJZRc16/NgPYgGKeCZxhsxKoFSfXsM8FDamZl4MAd2KZv7N
SfmbACAjltiPTKqN3X9hmFebREctmo8hx5zIqmEakytfMWDcDt+LY1Kw7E5vok7f
OhpDSgSvArLt8NKlqScWr8J8nVNqUxJ6RoKAkXuj050Fqt/2f2yNFIu5vb6s
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:33 2025 by rpki-client