Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HvVC6oag1Cw1gUzOaucYKWNX1Gg.roa
File: HvVC6oag1Cw1gUzOaucYKWNX1Gg.roa (raw, json)
Hash identifier: aqQT0ar40REWnXDzbr24r+aXBhtipf4d0Wbsl02HRZI=
Subject key identifier: 1E:F5:42:EA:86:A0:D4:2C:35:81:4C:CE:6A:E7:18:29:63:57:D4:68
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018650A5E064715569ADD65B5F6F3C1554D0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HvVC6oag1Cw1gUzOaucYKWNX1Gg.roa
Signing time: Tue 14 Feb 2023 15:58:13 +0000
ROA not before: Tue 14 Feb 2023 15:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47349
IP address blocks: 93.171.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:a5:e0:64:71:55:69:ad:d6:5b:5f:6f:3c:15:54:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 14 15:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ef542ea86a0d42c35814cce6ae718296357d468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1b:64:81:6c:12:ac:55:4e:67:2b:26:fd:48:
e7:25:ca:02:f1:ba:ea:fd:0d:0c:64:f5:ee:4f:f4:
2e:82:e1:93:ad:94:46:f5:c0:1c:a7:36:39:58:24:
9b:7c:37:1f:ea:16:58:0f:82:79:66:dd:e7:26:ad:
8c:c1:0a:ee:1e:89:6f:65:41:6e:ad:70:bb:7b:da:
48:c2:2a:6c:15:77:94:2c:57:15:43:4a:36:b3:a2:
9d:97:73:33:cf:d6:5b:63:7f:eb:a9:33:c5:44:81:
b5:42:d2:31:e0:36:1f:81:95:36:60:09:16:57:a6:
8b:59:2e:bc:96:1f:29:70:62:87:41:5a:bb:47:56:
26:1e:b8:da:87:8c:f4:2c:4f:34:9d:5a:80:02:46:
f7:1c:e7:10:e0:8b:53:b4:cc:2b:29:7e:fd:d6:6c:
58:75:62:d7:44:c1:de:09:7f:ef:69:f6:fd:b1:b8:
0c:82:f6:f7:1a:da:dd:e7:bf:0a:fe:ca:f0:44:69:
15:31:41:09:1c:5f:4b:7a:4b:f4:ec:5a:d0:e9:0e:
90:52:f3:6c:de:ea:13:a2:e4:ec:de:dd:ca:16:b0:
dc:31:14:b7:b2:92:0f:2b:7e:23:f1:e9:b4:58:b0:
4c:bb:47:e1:ca:b4:49:5d:36:32:be:fc:3a:af:49:
55:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F5:42:EA:86:A0:D4:2C:35:81:4C:CE:6A:E7:18:29:63:57:D4:68
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HvVC6oag1Cw1gUzOaucYKWNX1Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.155.0/24
Signature Algorithm: sha256WithRSAEncryption
06:d4:82:32:66:11:b7:5c:ff:c0:e9:a2:e2:c5:15:86:7a:eb:
79:ec:ee:75:d4:c4:3c:7d:f5:ec:c3:14:a5:5e:34:6b:83:93:
4f:b0:9a:2d:4a:88:58:28:fc:60:b6:eb:d0:69:49:67:6a:04:
84:87:79:7a:06:18:05:40:11:13:c1:bf:ae:07:a0:e1:41:c5:
69:63:cf:4d:03:b0:2f:64:35:bb:ab:18:5c:6d:7b:30:0b:13:
50:5f:78:74:0a:05:2c:54:29:bd:8c:e4:40:c7:2a:b1:a0:1d:
62:66:24:ca:20:c8:ba:c6:83:8c:75:0f:2c:8b:d1:ad:f6:fe:
27:f2:ab:ba:77:75:08:1d:a1:83:c9:2a:d7:41:09:f2:6e:83:
91:a5:19:d5:f0:5e:6f:a0:fe:4d:5d:fa:76:a0:a6:89:51:60:
a4:42:f1:82:dc:90:55:50:53:02:57:1f:bc:c5:99:45:4a:f0:
e0:76:22:36:33:d8:8d:e3:e9:cb:8d:07:c5:88:68:9a:92:82:
b4:68:d7:9e:e5:fd:e9:a3:a3:0b:0b:66:d0:39:26:07:21:ab:
f5:be:89:74:fd:35:2c:09:e8:c6:f9:9d:9a:7d:48:52:b9:ef:
be:46:b4:5c:ec:6a:26:7f:55:16:0f:c6:5c:dd:ff:50:df:c4:
36:08:82:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZQpeBkcVVprdZbX288FVTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMjE0MTU1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWY1NDJlYTg2YTBkNDJjMzU4MTRjY2U2YWU3MTgyOTYzNTdkNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxtkgWwSrFVOZysm/UjnJcoC8brq
/Q0MZPXuT/QuguGTrZRG9cAcpzY5WCSbfDcf6hZYD4J5Zt3nJq2MwQruHolvZUFu
rXC7e9pIwipsFXeULFcVQ0o2s6Kdl3Mzz9ZbY3/rqTPFRIG1QtIx4DYfgZU2YAkW
V6aLWS68lh8pcGKHQVq7R1YmHrjah4z0LE80nVqAAkb3HOcQ4ItTtMwrKX791mxY
dWLXRMHeCX/vafb9sbgMgvb3Gtrd578K/srwRGkVMUEJHF9Lekv07FrQ6Q6QUvNs
3uoTouTs3t3KFrDcMRS3spIPK34j8em0WLBMu0fhyrRJXTYyvvw6r0lVNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB71QuqGoNQsNYFMzmrnGCljV9RoMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSHZWQzZvYWcxQ3cxZ1V6T2F1Y1lLV05YMUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaubMA0G
CSqGSIb3DQEBCwUAA4IBAQAG1IIyZhG3XP/A6aLixRWGeut57O511MQ8ffXswxSl
XjRrg5NPsJotSohYKPxgtuvQaUlnagSEh3l6BhgFQBETwb+uB6DhQcVpY89NA7Av
ZDW7qxhcbXswCxNQX3h0CgUsVCm9jORAxyqxoB1iZiTKIMi6xoOMdQ8si9Gt9v4n
8qu6d3UIHaGDySrXQQnyboORpRnV8F5voP5NXfp2oKaJUWCkQvGC3JBVUFMCVx+8
xZlFSvDgdiI2M9iN4+nLjQfFiGiakoK0aNee5f3po6MLC2bQOSYHIav1vol0/TUs
CejG+Z2afUhSue++RrRc7Gomf1UWD8Zc3f9Q38Q2CIII
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:14 2025 by rpki-client