Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/F2JOA880CKOzHUJ0pO6TiGLcgZc.roa
File: F2JOA880CKOzHUJ0pO6TiGLcgZc.roa (raw, json)
Hash identifier: XfH8ryF261MGsoqfgWl/acxX4Z0bFIXY7rxuslwdTgc=
Subject key identifier: 17:62:4E:03:CF:34:08:A3:B3:1D:42:74:A4:EE:93:88:62:DC:81:97
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095C24AC0DFFC40B97BC6E902B0EC71
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/F2JOA880CKOzHUJ0pO6TiGLcgZc.roa
Signing time: Mon 02 Jan 2023 03:45:40 +0000
ROA not before: Mon 02 Jan 2023 03:45:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212940
IP address blocks: 95.46.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:c2:4a:c0:df:fc:40:b9:7b:c6:e9:02:b0:ec:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17624e03cf3408a3b31d4274a4ee938862dc8197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:c1:d0:32:5c:29:8d:a3:f5:6b:0e:95:80:
42:60:a3:c3:08:e2:53:a7:1a:3a:c3:bc:32:e5:be:
f0:55:f2:ce:1b:bd:5d:dc:45:d0:0e:71:a4:80:b3:
6f:91:ea:7c:c0:73:6e:9f:92:a3:d9:f7:c4:af:17:
32:26:e6:9a:17:63:83:dd:6e:0a:0d:50:10:cd:ab:
25:25:07:22:5b:cc:54:58:53:da:9b:ba:9c:56:cd:
0b:9c:a8:f0:71:dc:cc:f2:27:26:64:be:95:06:2d:
14:c0:69:24:76:a9:a2:6f:a5:2e:cd:f8:58:14:2f:
d7:02:d7:72:f4:14:40:13:78:20:f3:ac:d1:eb:d3:
cb:cf:55:6a:9e:a4:9e:aa:7c:cb:7e:16:22:cb:f2:
59:18:a6:90:66:87:09:64:64:50:f5:e6:6d:17:4f:
ec:56:e1:42:58:b1:7a:56:ca:0a:cc:87:76:ca:bf:
09:a8:69:a6:a7:d7:96:9b:fe:10:e3:9c:53:72:36:
9a:2f:c6:e3:77:01:3c:d0:34:2c:db:40:7e:60:47:
a9:09:95:84:b6:ea:39:0b:3b:a7:60:47:07:22:bf:
46:e7:59:03:65:c4:3b:fb:39:46:61:95:f6:da:00:
b0:45:31:1a:57:02:f6:f3:28:4b:da:e2:5d:ab:a5:
77:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:62:4E:03:CF:34:08:A3:B3:1D:42:74:A4:EE:93:88:62:DC:81:97
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/F2JOA880CKOzHUJ0pO6TiGLcgZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.106.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:54:51:4b:21:7e:c3:48:bb:4c:30:e5:45:c6:b5:27:3e:59:
98:d8:f3:11:4e:1c:95:95:26:be:86:60:dc:04:ca:95:cf:6d:
de:23:53:4f:16:fd:f6:e1:80:00:94:23:53:45:e6:2b:31:e3:
6c:62:eb:b2:32:39:bb:03:bb:8b:dc:9b:80:cf:a0:b6:94:99:
32:86:d4:eb:f0:58:92:2b:e1:ef:e1:0f:d8:0f:3b:66:c0:41:
24:3d:c2:df:d3:f4:9c:d9:a1:33:e7:0c:00:28:97:98:2c:22:
70:9c:25:58:43:ab:8e:29:23:2e:e9:ac:1c:10:78:d2:a4:04:
47:b4:89:f1:bd:de:02:ee:32:f4:63:59:4a:6c:de:0c:8b:25:
be:80:70:90:65:ef:03:fa:b0:ce:53:ed:ac:c0:df:8c:cb:fe:
6f:ef:36:6c:06:d7:75:76:af:98:75:58:b4:f5:cb:82:fc:9e:
8b:c3:ff:5f:bd:ba:69:2e:17:90:5a:c5:6a:22:a3:00:0a:15:
fe:58:46:00:55:bb:93:f9:ca:0b:e8:12:f6:d1:56:7f:a9:3d:
1d:33:16:ee:21:e6:ce:81:1d:98:98:91:83:ab:0c:0a:40:e7:
d2:92:cc:50:7e:77:3b:be:65:af:a6:6c:44:be:5f:24:a7:6e:
c4:58:c7:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlcJKwN/8QLl7xukCsOxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzYyNGUwM2NmMzQwOGEzYjMxZDQyNzRhNGVlOTM4ODYyZGM4MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngvB0DJcKY2j9WsOlYBCYKPDCOJT
pxo6w7wy5b7wVfLOG71d3EXQDnGkgLNvkep8wHNun5Kj2ffErxcyJuaaF2OD3W4K
DVAQzaslJQciW8xUWFPam7qcVs0LnKjwcdzM8icmZL6VBi0UwGkkdqmib6UuzfhY
FC/XAtdy9BRAE3gg86zR69PLz1VqnqSeqnzLfhYiy/JZGKaQZocJZGRQ9eZtF0/s
VuFCWLF6VsoKzId2yr8JqGmmp9eWm/4Q45xTcjaaL8bjdwE80DQs20B+YEepCZWE
tuo5CzunYEcHIr9G51kDZcQ7+zlGYZX22gCwRTEaVwL28yhL2uJdq6V3OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdiTgPPNAijsx1CdKTuk4hi3IGXMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvRjJKT0E4ODBDS096SFVKMHBPNlRpR0xjZ1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy5qMA0G
CSqGSIb3DQEBCwUAA4IBAQAtVFFLIX7DSLtMMOVFxrUnPlmY2PMRThyVlSa+hmDc
BMqVz23eI1NPFv324YAAlCNTReYrMeNsYuuyMjm7A7uL3JuAz6C2lJkyhtTr8FiS
K+Hv4Q/YDztmwEEkPcLf0/Sc2aEz5wwAKJeYLCJwnCVYQ6uOKSMu6awcEHjSpARH
tInxvd4C7jL0Y1lKbN4MiyW+gHCQZe8D+rDOU+2swN+My/5v7zZsBtd1dq+YdVi0
9cuC/J6Lw/9fvbppLheQWsVqIqMAChX+WEYAVbuT+coL6BL20VZ/qT0dMxbuIebO
gR2YmJGDqwwKQOfSksxQfnc7vmWvpmxEvl8kp27EWMft
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:49 2025 by rpki-client