Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Glyj5Omh-SFZigJISvOyDjAI4Cs.roa
File: Glyj5Omh-SFZigJISvOyDjAI4Cs.roa (raw, json)
Hash identifier: uMWLJ0+LqlOCjhKjVvbuJQg0dCgb8ih6PAQlsvMXMD0=
Subject key identifier: 1A:5C:A3:E4:E9:A1:F9:21:59:8A:02:48:4A:F3:B2:0E:30:08:E0:2B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709506567F7E0E77F04E8B4822F17074
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Glyj5Omh-SFZigJISvOyDjAI4Cs.roa
Signing time: Mon 02 Jan 2023 03:44:52 +0000
ROA not before: Mon 02 Jan 2023 03:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8381
IP address blocks: 95.46.2.0/23 maxlen: 24
95.46.122.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:06:56:7f:7e:0e:77:f0:4e:8b:48:22:f1:70:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5ca3e4e9a1f921598a02484af3b20e3008e02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:e2:77:8e:8e:0b:43:8b:6b:13:c7:68:87:
93:84:e1:08:53:46:ed:40:5d:82:06:d4:36:c3:ae:
ed:1e:b7:fd:25:9c:c8:9b:94:dc:4e:9d:5a:3b:f4:
22:1b:f0:63:cc:de:0b:d0:68:81:ba:0e:7c:78:07:
ad:bb:7b:d0:c9:8c:58:21:43:7a:d3:53:19:7e:2a:
d5:da:68:69:78:56:7b:f1:37:87:53:b6:56:cd:73:
64:f2:88:4f:3f:4a:e0:d5:85:84:77:2f:13:fd:c2:
2e:33:f3:a1:0e:70:b7:86:5d:4a:1a:24:33:9a:66:
94:34:4f:af:85:ae:a8:1c:27:49:dd:23:eb:32:5e:
28:7b:8e:0b:e0:f4:f9:61:11:e2:fe:a3:78:f9:29:
7e:d6:53:7d:f0:be:5b:0b:7f:ab:65:8e:bd:43:be:
9c:bf:2c:2a:e9:c4:3f:03:4d:e5:ac:e0:48:1c:c8:
55:bd:c4:a9:a3:47:5a:2b:2d:cd:61:60:02:0d:47:
61:84:2e:5f:dc:85:bf:62:1d:ed:c4:bd:3b:43:07:
be:53:37:11:c1:12:d4:22:44:62:0c:18:d1:04:d9:
59:53:fb:5c:f3:13:45:d7:38:b5:e9:83:5f:cb:c3:
d6:1d:7c:c9:58:40:7f:77:79:61:c8:c3:d0:5a:31:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5C:A3:E4:E9:A1:F9:21:59:8A:02:48:4A:F3:B2:0E:30:08:E0:2B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Glyj5Omh-SFZigJISvOyDjAI4Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.2.0/23
95.46.122.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:4f:7a:c5:42:4d:64:db:53:40:2a:29:0e:5d:9d:a3:8b:2c:
5a:dc:ae:3d:ae:7d:44:55:f6:da:82:b8:77:38:52:98:b1:30:
2d:8d:04:ec:3d:8b:02:2f:14:ba:fd:e0:7a:15:b0:9e:c0:ca:
43:ec:6c:92:fe:43:b5:98:bb:73:1f:78:5e:e9:65:8a:89:59:
32:35:9c:b9:9b:e0:e7:3d:17:34:d6:31:d2:36:fc:29:ac:b6:
a0:1c:29:04:d6:ca:4a:eb:9d:87:aa:21:5f:7a:2c:e9:89:77:
ad:e1:91:05:b8:cf:34:93:b6:07:dc:bb:95:67:00:30:27:7f:
80:d5:66:40:34:1e:6a:8c:17:fe:08:9b:08:f0:5e:ac:7a:a8:
bb:8b:c6:3a:9d:18:42:7a:1f:3d:3a:82:7a:34:9a:ad:71:f3:
7e:31:17:60:e3:65:f2:ff:a6:8f:d2:e5:ce:5b:4b:de:2f:37:
98:af:f4:bd:ff:94:35:9f:ba:05:e3:2f:79:76:3d:c2:86:2b:
21:1d:de:1e:0b:bd:b7:78:8a:7b:65:c3:34:b8:2c:3f:ac:c1:
a5:05:ff:e5:fa:a2:58:a1:bb:99:1c:74:42:24:1e:57:17:63:
74:9e:6d:f9:3d:5b:9d:ff:29:12:94:f9:f6:54:a8:f9:a5:9a:
f0:23:a5:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlQZWf34Od/BOi0gi8XB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVjYTNlNGU5YTFmOTIxNTk4YTAyNDg0YWYzYjIwZTMwMDhlMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykPid46OC0OLaxPHaIeThOEIU0bt
QF2CBtQ2w67tHrf9JZzIm5TcTp1aO/QiG/BjzN4L0GiBug58eAetu3vQyYxYIUN6
01MZfirV2mhpeFZ78TeHU7ZWzXNk8ohPP0rg1YWEdy8T/cIuM/OhDnC3hl1KGiQz
mmaUNE+vha6oHCdJ3SPrMl4oe44L4PT5YRHi/qN4+Sl+1lN98L5bC3+rZY69Q76c
vywq6cQ/A03lrOBIHMhVvcSpo0daKy3NYWACDUdhhC5f3IW/Yh3txL07Qwe+UzcR
wRLUIkRiDBjRBNlZU/tc8xNF1zi16YNfy8PWHXzJWEB/d3lhyMPQWjF7nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpco+TpofkhWYoCSErzsg4wCOArMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvR2x5ajVPbWgtU0ZaaWdKSVN2T3lEakFJNENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXy4CAwQB
Xy56MA0GCSqGSIb3DQEBCwUAA4IBAQAsT3rFQk1k21NAKikOXZ2jiyxa3K49rn1E
Vfbagrh3OFKYsTAtjQTsPYsCLxS6/eB6FbCewMpD7GyS/kO1mLtzH3he6WWKiVky
NZy5m+DnPRc01jHSNvwprLagHCkE1spK652HqiFfeizpiXet4ZEFuM80k7YH3LuV
ZwAwJ3+A1WZANB5qjBf+CJsI8F6seqi7i8Y6nRhCeh89OoJ6NJqtcfN+MRdg42Xy
/6aP0uXOW0veLzeYr/S9/5Q1n7oF4y95dj3ChishHd4eC723eIp7ZcM0uCw/rMGl
Bf/l+qJYobuZHHRCJB5XF2N0nm35PVud/ykSlPn2VKj5pZrwI6Wn
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:41 2025 by rpki-client