Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RPJudKiXrrTK6L4TGnp_waEXbBw.roa
File: RPJudKiXrrTK6L4TGnp_waEXbBw.roa (raw, json)
Hash identifier: lrm+CS27gyqqwRAwIAgLdPPayKa2IVl9o065vL2e09Y=
Subject key identifier: 44:F2:6E:74:A8:97:AE:B4:CA:E8:BE:13:1A:7A:7F:C1:A1:17:6C:1C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570951E1849AB44DDD47BAB63EAABEC2E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RPJudKiXrrTK6L4TGnp_waEXbBw.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42066
IP address blocks: 93.170.170.0/23 maxlen: 24
95.46.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1e:18:49:ab:44:dd:d4:7b:ab:63:ea:ab:ec:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44f26e74a897aeb4cae8be131a7a7fc1a1176c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:ab:65:56:37:f7:e7:35:15:3b:8d:46:d2:
a9:de:ea:1a:dd:70:80:e9:12:11:7b:45:c9:19:0d:
e2:9a:1e:0d:84:b0:1b:da:1a:c6:27:12:bd:72:23:
f9:ca:a3:20:2f:cc:44:ba:f5:f8:bf:f4:bb:49:f3:
80:80:93:8f:6c:e1:17:46:c9:bc:0c:f7:e8:71:b2:
36:1f:0c:a9:c8:06:56:aa:ad:65:6d:27:8a:58:ca:
ef:2c:cf:61:d0:66:bc:0c:40:5f:c3:39:89:4b:5b:
0d:8b:9e:fc:85:ea:51:d5:5d:45:6b:33:d9:95:0b:
b2:24:72:ac:1a:3f:59:68:79:22:60:a3:7c:2f:01:
1a:d3:36:0a:9b:33:4d:39:d2:26:72:e7:0e:38:dd:
dc:a8:43:df:4b:55:87:d4:a2:9a:65:28:8f:bb:04:
7a:26:af:39:3d:5c:69:5b:8a:21:98:c3:b8:93:2d:
41:a2:a9:5a:a5:43:87:d8:55:39:8a:61:ec:21:d8:
6f:9e:96:19:3d:f6:8e:11:ec:ce:30:bb:90:3f:83:
5f:70:24:3b:28:18:b6:f0:bd:9c:64:aa:cf:8b:43:
ec:0e:6f:1c:b1:f5:a5:78:c4:3a:2a:ff:a6:34:b5:
41:af:34:64:e4:6e:7a:5d:a0:96:86:2e:76:18:4c:
06:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F2:6E:74:A8:97:AE:B4:CA:E8:BE:13:1A:7A:7F:C1:A1:17:6C:1C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RPJudKiXrrTK6L4TGnp_waEXbBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.170.0/23
95.46.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:26:6f:71:bb:77:45:74:94:f0:0d:6a:cb:6a:2c:cc:e2:5c:
67:73:7a:27:02:14:ca:97:4a:dc:0e:71:06:5a:fd:b6:18:2e:
98:0c:c0:88:24:40:82:62:81:90:fb:4b:e0:ab:a6:e5:a0:cf:
ad:09:e2:25:65:50:c2:ed:bb:24:fb:87:7b:86:f9:60:d0:e5:
dd:39:99:90:b1:b1:ae:6a:16:56:08:7d:fe:19:d1:84:c5:86:
42:ed:96:15:70:66:ef:3f:a3:cf:b3:45:1e:a7:7f:a1:ae:35:
9c:1e:ae:e9:0a:7c:53:1b:17:a2:33:ba:1d:a7:df:a0:82:e2:
b0:69:63:1b:15:2f:94:1a:af:3e:5b:e8:1a:41:58:1c:38:c6:
ba:81:79:b7:75:08:3b:78:47:be:5a:cf:d3:e6:f2:c0:4b:d4:
4b:b0:ba:07:10:25:a0:98:68:e6:31:a9:bb:74:93:c1:29:9c:
ba:1c:63:97:2b:a0:eb:6e:77:f7:60:ae:81:41:cc:fc:6a:4f:
c6:37:ab:a2:06:eb:87:aa:33:0b:fa:83:67:98:02:20:a5:b5:
22:5c:5c:30:97:6a:c8:d2:c4:bc:3c:55:67:ca:f5:09:f2:18:
47:22:73:07:3d:68:1f:04:e4:10:ff:3f:aa:ba:fa:e8:ae:7c:
da:65:6f:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlR4YSatE3dR7q2Pqq+wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGYyNmU3NGE4OTdhZWI0Y2FlOGJlMTMxYTdhN2ZjMWExMTc2YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtCrZVY39+c1FTuNRtKp3uoa3XCA
6RIRe0XJGQ3imh4NhLAb2hrGJxK9ciP5yqMgL8xEuvX4v/S7SfOAgJOPbOEXRsm8
DPfocbI2HwypyAZWqq1lbSeKWMrvLM9h0Ga8DEBfwzmJS1sNi578hepR1V1FazPZ
lQuyJHKsGj9ZaHkiYKN8LwEa0zYKmzNNOdImcucOON3cqEPfS1WH1KKaZSiPuwR6
Jq85PVxpW4ohmMO4ky1BoqlapUOH2FU5imHsIdhvnpYZPfaOEezOMLuQP4NfcCQ7
KBi28L2cZKrPi0PsDm8csfWleMQ6Kv+mNLVBrzRk5G56XaCWhi52GEwGpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFETybnSol660yui+Exp6f8GhF2wcMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUlBKdWRLaVhyclRLNkw0VEducF93YUVYYkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXaqqAwQA
Xy4HMA0GCSqGSIb3DQEBCwUAA4IBAQB7Jm9xu3dFdJTwDWrLaizM4lxnc3onAhTK
l0rcDnEGWv22GC6YDMCIJECCYoGQ+0vgq6bloM+tCeIlZVDC7bsk+4d7hvlg0OXd
OZmQsbGuahZWCH3+GdGExYZC7ZYVcGbvP6PPs0Uep3+hrjWcHq7pCnxTGxeiM7od
p9+gguKwaWMbFS+UGq8+W+gaQVgcOMa6gXm3dQg7eEe+Ws/T5vLAS9RLsLoHECWg
mGjmMam7dJPBKZy6HGOXK6Drbnf3YK6BQcz8ak/GN6uiBuuHqjML+oNnmAIgpbUi
XFwwl2rI0sS8PFVnyvUJ8hhHInMHPWgfBOQQ/z+quvrornzaZW/X
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:51 2025 by rpki-client