Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UgEqcT5lG0YrUtr-141ZODxH1yE.roa
File: UgEqcT5lG0YrUtr-141ZODxH1yE.roa (raw, json)
Hash identifier: a252o/FpKeugMIdEdLD2u9bnGKxkxPCXVDuubTDvAmM=
Subject key identifier: 52:01:2A:71:3E:65:1B:46:2B:52:DA:FE:D7:8D:59:38:3C:47:D7:21
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01867F91AB234519DF7AF8CF3B27A3069C41
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UgEqcT5lG0YrUtr-141ZODxH1yE.roa
Signing time: Thu 23 Feb 2023 18:38:18 +0000
ROA not before: Thu 23 Feb 2023 18:38:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40983
IP address blocks: 93.170.216.0/24 maxlen: 24
93.171.231.0/24 maxlen: 24
93.171.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:91:ab:23:45:19:df:7a:f8:cf:3b:27:a3:06:9c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 23 18:38:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52012a713e651b462b52dafed78d59383c47d721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:b8:46:ae:0e:92:9c:38:d3:70:61:aa:7d:
b0:27:9f:12:bd:b3:96:00:5c:a1:24:59:27:bc:14:
11:4a:67:f0:fc:9d:17:1e:60:2e:82:e7:71:1e:21:
77:5e:fe:0e:6b:e5:79:a6:79:21:ab:e9:ac:74:fb:
96:4b:d7:5c:63:7f:5b:27:ec:56:8d:21:ec:3d:64:
35:61:13:a1:d4:55:e7:38:f8:91:2d:4a:ff:c6:f2:
a0:ab:bb:fa:31:03:40:6c:49:8f:78:6d:25:25:0d:
f3:85:73:6c:3d:20:e1:d0:93:fe:9a:e1:b8:18:98:
e2:41:33:ba:c5:68:47:26:59:6e:d1:1f:63:09:c1:
81:bd:73:ea:f8:0c:05:d4:39:7e:bc:d1:13:f9:36:
d3:bb:86:73:00:97:b5:99:be:7e:3a:6e:16:72:62:
dd:5f:c8:f5:3c:b2:21:1e:4f:55:fb:19:ae:39:be:
d6:45:c1:fc:21:6b:6c:ed:92:67:aa:47:25:68:02:
f9:ae:eb:c1:8c:95:2a:ca:e9:07:a5:08:d9:fb:83:
e7:18:9a:25:ed:ff:37:11:6d:b2:bf:fb:e7:53:56:
dd:ab:3e:17:59:52:01:46:7d:b7:4c:74:05:93:fd:
34:6b:90:83:df:3e:d2:89:7c:d6:6f:fa:b8:85:e4:
48:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:01:2A:71:3E:65:1B:46:2B:52:DA:FE:D7:8D:59:38:3C:47:D7:21
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/UgEqcT5lG0YrUtr-141ZODxH1yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.216.0/24
93.171.231.0/24
93.171.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:32:ee:17:9c:f0:26:d8:56:26:4f:a8:e3:4b:3e:6c:f3:c4:
f8:f2:04:f6:14:28:38:dc:c4:fc:f7:97:bd:4a:fa:25:51:cf:
dd:4e:5a:3b:f1:f8:6f:3a:8b:1c:20:10:12:ef:cc:13:21:53:
0a:7e:9b:72:04:e0:c8:b6:7b:3d:e4:6e:a5:fd:12:b8:1b:51:
0d:54:f9:c9:76:1e:be:3e:7c:e9:7a:a7:e7:be:c4:29:17:8f:
f5:55:e7:f9:1f:9a:52:fa:f4:68:b1:a4:74:f6:17:e8:77:d0:
8b:80:ec:f7:de:a9:42:cf:30:21:af:64:6b:cd:3d:31:a3:7e:
c2:72:34:24:d4:3f:51:d1:bc:9e:88:81:ba:31:23:63:78:9f:
28:7a:8a:cd:dd:02:4a:28:bd:5c:26:ab:50:db:5f:61:af:10:
58:96:c0:c1:a7:0a:90:55:56:8b:df:ef:7d:aa:f2:a0:14:c1:
3b:fc:04:03:22:82:5f:92:42:29:16:f2:8a:6a:48:e5:aa:c5:
5b:43:82:23:41:eb:fd:2b:cd:04:10:2f:e4:90:88:33:b4:b5:
af:d3:2d:c0:1c:15:e0:2c:1b:05:5f:c9:56:95:f4:9c:77:ed:
93:ac:81:69:53:26:14:cd:c3:30:13:59:e3:fb:6b:a6:c0:86:
9b:b0:c7:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ/kasjRRnfevjPOyejBpxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMjIzMTgzODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAxMmE3MTNlNjUxYjQ2MmI1MmRhZmVkNzhkNTkzODNjNDdkNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocK4Rq4Okpw403Bhqn2wJ58SvbOW
AFyhJFknvBQRSmfw/J0XHmAugudxHiF3Xv4Oa+V5pnkhq+msdPuWS9dcY39bJ+xW
jSHsPWQ1YROh1FXnOPiRLUr/xvKgq7v6MQNAbEmPeG0lJQ3zhXNsPSDh0JP+muG4
GJjiQTO6xWhHJllu0R9jCcGBvXPq+AwF1Dl+vNET+TbTu4ZzAJe1mb5+Om4WcmLd
X8j1PLIhHk9V+xmuOb7WRcH8IWts7ZJnqkclaAL5ruvBjJUqyukHpQjZ+4PnGJol
7f83EW2yv/vnU1bdqz4XWVIBRn23THQFk/00a5CD3z7SiXzWb/q4heRIKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFIBKnE+ZRtGK1La/teNWTg8R9chMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVWdFcWNUNWxHMFlyVXRyLTE0MVpPRHhIMXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXarYAwQA
XavnAwQAXav1MA0GCSqGSIb3DQEBCwUAA4IBAQA/Mu4XnPAm2FYmT6jjSz5s88T4
8gT2FCg43MT895e9SvolUc/dTlo78fhvOoscIBAS78wTIVMKfptyBODItns95G6l
/RK4G1ENVPnJdh6+PnzpeqfnvsQpF4/1Vef5H5pS+vRosaR09hfod9CLgOz33qlC
zzAhr2RrzT0xo37CcjQk1D9R0byeiIG6MSNjeJ8oeorN3QJKKL1cJqtQ219hrxBY
lsDBpwqQVVaL3+99qvKgFME7/AQDIoJfkkIpFvKKakjlqsVbQ4IjQev9K80EEC/k
kIgztLWv0y3AHBXgLBsFX8lWlfScd+2TrIFpUyYUzcMwE1nj+2umwIabsMdU
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:25 2025 by rpki-client