Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GnQdKM6x5sw0lIJMTADTyxVDFdo.roa
File: GnQdKM6x5sw0lIJMTADTyxVDFdo.roa (raw, json)
Hash identifier: gAlGVN6iGcw7SLUnTHRQCTRunorCr288qQxXH+yI/kQ=
Subject key identifier: 1A:74:1D:28:CE:B1:E6:CC:34:94:82:4C:4C:00:D3:CB:15:43:15:DA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570958D16D37A3B1FB9922351F380D0F5
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GnQdKM6x5sw0lIJMTADTyxVDFdo.roa
Signing time: Mon 02 Jan 2023 03:45:27 +0000
ROA not before: Mon 02 Jan 2023 03:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200123
IP address blocks: 93.170.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:8d:16:d3:7a:3b:1f:b9:92:23:51:f3:80:d0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a741d28ceb1e6cc3494824c4c00d3cb154315da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:05:82:ff:c1:7d:e5:8b:76:ae:1f:ad:d1:ad:
79:ff:38:60:b0:78:21:d5:c1:9b:46:00:7d:73:2d:
dd:3e:5b:e5:d8:04:57:6b:05:d3:e5:8f:00:0a:3b:
00:ff:34:a2:3e:8b:12:d7:ac:7e:ca:c7:8e:5c:e4:
03:04:d9:7c:5c:a1:73:90:b6:d1:d5:a9:2e:bb:25:
65:8c:74:fc:f0:4b:6c:47:0d:9b:db:3c:4a:60:fc:
cf:40:4c:77:2a:62:66:7d:7c:42:1d:ac:27:88:cf:
b4:cd:00:31:79:89:6f:23:a9:82:3e:1a:4b:ad:b3:
45:14:e1:9c:d7:1a:39:ae:05:9f:82:34:58:46:cd:
7c:06:f7:54:d7:a0:62:58:20:fa:2a:51:2b:3f:44:
05:a7:cf:35:4f:b1:3f:29:d5:df:fd:4e:a1:5a:5a:
10:b6:4f:7a:b8:99:58:72:6c:33:47:d6:07:89:27:
cf:a9:82:67:83:ca:44:9e:b3:f0:20:ab:af:78:cc:
79:6d:c3:12:7f:f0:ef:fa:20:c0:1a:3c:36:32:4f:
88:15:4a:23:60:68:0c:7b:72:e6:e9:c6:ff:75:61:
c8:64:7e:29:67:c0:78:87:5d:e6:17:42:f4:8c:d5:
48:f0:3a:04:c4:3d:56:3f:96:bd:ad:4b:9c:36:8e:
f0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:74:1D:28:CE:B1:E6:CC:34:94:82:4C:4C:00:D3:CB:15:43:15:DA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GnQdKM6x5sw0lIJMTADTyxVDFdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:30:6f:b6:20:0b:0b:64:60:df:af:6b:dd:db:7e:b3:57:da:
b2:d3:08:f0:46:20:1d:51:7e:58:86:e9:e1:d2:66:79:e0:d0:
2d:ef:04:a7:30:20:b8:d7:81:64:d1:05:a5:33:16:d2:01:0c:
7b:98:38:a5:89:3e:93:da:2e:54:9e:c1:6a:d2:63:ed:b3:b2:
93:e0:66:d2:a5:df:f3:53:15:1c:bc:b4:45:a6:74:47:99:a4:
d8:4d:d3:56:28:5d:fa:7e:99:f9:fe:2e:17:cb:65:ac:92:a4:
8a:59:e0:b9:23:0a:1e:c6:c8:c4:0d:54:0a:c6:76:c6:0c:d6:
16:08:dd:9b:28:8e:50:06:5a:5b:e6:a5:94:6d:21:6b:16:9b:
70:72:49:ba:6a:1f:29:33:76:8e:45:a2:51:d6:a5:28:cc:26:
43:d9:fd:46:43:fa:42:5c:62:65:bc:5b:c0:5b:39:21:4f:7b:
85:54:00:eb:69:d4:ca:c3:83:e4:50:51:ac:92:78:75:5d:4e:
33:4f:6e:3b:2a:b4:55:1f:e7:34:c3:81:d6:cf:29:a5:6d:76:
82:0d:af:2b:c3:c7:7e:09:58:55:b6:72:c1:2b:03:65:4f:ae:
07:2d:e2:c5:f6:78:60:c3:04:b0:3f:5f:ed:60:d2:bb:30:db:
a4:83:64:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlY0W03o7H7mSI1HzgND1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc0MWQyOGNlYjFlNmNjMzQ5NDgyNGM0YzAwZDNjYjE1NDMxNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QWC/8F95Yt2rh+t0a15/zhgsHgh
1cGbRgB9cy3dPlvl2ARXawXT5Y8ACjsA/zSiPosS16x+yseOXOQDBNl8XKFzkLbR
1akuuyVljHT88EtsRw2b2zxKYPzPQEx3KmJmfXxCHawniM+0zQAxeYlvI6mCPhpL
rbNFFOGc1xo5rgWfgjRYRs18BvdU16BiWCD6KlErP0QFp881T7E/KdXf/U6hWloQ
tk96uJlYcmwzR9YHiSfPqYJng8pEnrPwIKuveMx5bcMSf/Dv+iDAGjw2Mk+IFUoj
YGgMe3Lm6cb/dWHIZH4pZ8B4h13mF0L0jNVI8DoExD1WP5a9rUucNo7wNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBp0HSjOsebMNJSCTEwA08sVQxXaMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvR25RZEtNNng1c3cwbElKTVRBRFR5eFZERmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaoJMA0G
CSqGSIb3DQEBCwUAA4IBAQAcMG+2IAsLZGDfr2vd236zV9qy0wjwRiAdUX5Yhunh
0mZ54NAt7wSnMCC414Fk0QWlMxbSAQx7mDiliT6T2i5UnsFq0mPts7KT4GbSpd/z
UxUcvLRFpnRHmaTYTdNWKF36fpn5/i4Xy2WskqSKWeC5IwoexsjEDVQKxnbGDNYW
CN2bKI5QBlpb5qWUbSFrFptwckm6ah8pM3aORaJR1qUozCZD2f1GQ/pCXGJlvFvA
WzkhT3uFVADradTKw4PkUFGsknh1XU4zT247KrRVH+c0w4HWzymlbXaCDa8rw8d+
CVhVtnLBKwNlT64HLeLF9nhgwwSwP1/tYNK7MNukg2QG
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:48 2025 by rpki-client