Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IqAgQkTlDchhOtQ46aEvU1jcktA.roa
File: IqAgQkTlDchhOtQ46aEvU1jcktA.roa (raw, json)
Hash identifier: nxUozE3QXmoONAgzrTT70BCL+msG8BtiYcF31sinG6w=
Subject key identifier: 22:A0:20:42:44:E5:0D:C8:61:3A:D4:38:E9:A1:2F:53:58:DC:92:D0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0187B354A6499D47C5EAD120EA60B46CE812
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IqAgQkTlDchhOtQ46aEvU1jcktA.roa
Signing time: Mon 24 Apr 2023 12:54:41 +0000
ROA not before: Mon 24 Apr 2023 12:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213029
IP address blocks: 93.170.6.0/24 maxlen: 24
95.47.238.0/23 maxlen: 24
95.47.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:54:a6:49:9d:47:c5:ea:d1:20:ea:60:b4:6c:e8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 24 12:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22a0204244e50dc8613ad438e9a12f5358dc92d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ce:4e:0d:09:fa:5a:19:c9:e3:e0:a0:59:64:
9e:70:75:15:2d:c2:10:e0:d9:e8:7c:d6:d0:c8:f4:
bf:b9:61:87:0d:58:df:c4:76:65:34:e1:9f:f7:ed:
50:2d:b3:b0:ee:3e:00:37:34:c3:48:05:b5:ce:5d:
f0:90:f5:5d:b8:d1:4b:95:b6:a0:53:78:9d:3b:76:
8b:4f:aa:a4:6f:66:c5:9a:b8:a9:b8:4a:04:c0:7c:
2d:1e:ee:3d:21:96:dd:de:85:1e:91:3e:23:4b:61:
8b:6a:6a:16:be:b9:bd:74:c3:18:08:47:0d:08:36:
a6:71:7d:5b:10:e6:55:2d:8a:d0:3c:70:af:86:95:
08:3d:79:14:d3:8b:01:ec:17:ec:4a:ef:11:e2:fa:
b5:6f:7b:02:ba:81:cb:8e:66:a9:27:e6:d8:34:b0:
fa:4b:d7:c4:aa:8d:53:7a:48:04:4b:a9:13:51:b4:
82:e9:3f:ed:eb:66:d7:19:cd:56:df:f6:e5:bc:39:
ff:b2:d2:69:23:ec:1c:dc:17:08:45:ce:5d:53:e4:
54:e3:10:88:d1:9d:3c:bc:b0:4f:55:b0:2e:7e:52:
12:88:7d:fd:45:83:fa:4b:08:a7:d1:10:b0:8d:30:
2e:e1:ac:2d:35:e9:f5:af:6b:38:94:d0:e0:20:05:
2b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A0:20:42:44:E5:0D:C8:61:3A:D4:38:E9:A1:2F:53:58:DC:92:D0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/IqAgQkTlDchhOtQ46aEvU1jcktA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.6.0/24
95.47.127.0/24
95.47.238.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:03:2d:34:60:fe:14:52:de:a4:22:39:cb:e2:c1:de:b7:6b:
7e:03:42:13:65:c6:f6:20:be:99:98:f3:cb:d9:15:9c:1b:51:
cc:4a:83:49:84:2b:be:5a:86:cd:7d:49:1c:f7:6b:7c:8d:6d:
26:c6:f5:f4:00:10:1f:93:c5:df:6a:cb:bc:37:1a:96:58:8d:
d3:a7:8a:f3:6e:b1:2c:50:23:5f:ca:1c:90:ad:01:66:0b:fa:
db:f5:82:b8:1b:be:b2:ba:db:d5:e9:87:d2:f0:b0:c1:08:ad:
b8:a5:28:08:88:e4:6c:8b:75:e5:72:8e:f0:7e:a1:59:10:99:
c3:16:9b:4d:80:06:56:ab:a0:19:5e:a8:7a:10:9b:f8:9a:7e:
b5:e7:68:a4:de:61:60:6a:a3:57:30:b9:01:56:31:bb:c0:1b:
43:30:5f:82:8f:66:42:91:a1:1f:60:22:46:91:76:90:90:30:
58:bf:3b:26:d9:1a:f2:3a:e3:bf:5a:8e:8b:d9:7e:5d:80:0b:
6c:d8:43:45:b7:47:1f:49:eb:bc:66:57:41:a1:50:ca:2a:7d:
e3:d6:32:89:b1:5b:61:50:3b:12:5b:bd:5d:86:76:58:30:cd:
5a:0c:18:e8:77:61:c1:2e:15:14:97:51:fa:cc:4d:b6:42:a7:
2f:fc:e8:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYezVKZJnUfF6tEg6mC0bOgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDI0MTI1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmEwMjA0MjQ0ZTUwZGM4NjEzYWQ0MzhlOWExMmY1MzU4ZGM5MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc5ODQn6WhnJ4+CgWWSecHUVLcIQ
4NnofNbQyPS/uWGHDVjfxHZlNOGf9+1QLbOw7j4ANzTDSAW1zl3wkPVduNFLlbag
U3idO3aLT6qkb2bFmripuEoEwHwtHu49IZbd3oUekT4jS2GLamoWvrm9dMMYCEcN
CDamcX1bEOZVLYrQPHCvhpUIPXkU04sB7BfsSu8R4vq1b3sCuoHLjmapJ+bYNLD6
S9fEqo1TekgES6kTUbSC6T/t62bXGc1W3/blvDn/stJpI+wc3BcIRc5dU+RU4xCI
0Z08vLBPVbAuflISiH39RYP6Swin0RCwjTAu4awtNen1r2s4lNDgIAUrawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCKgIEJE5Q3IYTrUOOmhL1NY3JLQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSXFBZ1FrVGxEY2hoT3RRNDZhRXZVMWpja3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXaoGAwQA
Xy9/AwQBXy/uMA0GCSqGSIb3DQEBCwUAA4IBAQBbAy00YP4UUt6kIjnL4sHet2t+
A0ITZcb2IL6ZmPPL2RWcG1HMSoNJhCu+WobNfUkc92t8jW0mxvX0ABAfk8Xfasu8
NxqWWI3Tp4rzbrEsUCNfyhyQrQFmC/rb9YK4G76yutvV6YfS8LDBCK24pSgIiORs
i3Xlco7wfqFZEJnDFptNgAZWq6AZXqh6EJv4mn6152ik3mFgaqNXMLkBVjG7wBtD
MF+Cj2ZCkaEfYCJGkXaQkDBYvzsm2RryOuO/Wo6L2X5dgAts2ENFt0cfSeu8ZldB
oVDKKn3j1jKJsVthUDsSW71dhnZYMM1aDBjod2HBLhUUl1H6zE22Qqcv/Oii
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:09 2025 by rpki-client