Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Z5BhdIfgsMfEdoUm3yyYW7bq3F4.roa
File: Z5BhdIfgsMfEdoUm3yyYW7bq3F4.roa (raw, json)
Hash identifier: bHnLbWfzEvjXRPF/+l1sMpiLynElZcdPLfGuAa/C6s4=
Subject key identifier: 67:90:61:74:87:E0:B0:C7:C4:76:85:26:DF:2C:98:5B:B6:EA:DC:5E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570956119F3ED4CEA6AAE8ACEAB86C075
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Z5BhdIfgsMfEdoUm3yyYW7bq3F4.roa
Signing time: Mon 02 Jan 2023 03:45:15 +0000
ROA not before: Mon 02 Jan 2023 03:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58254
IP address blocks: 95.47.153.0/24 maxlen: 24
146.120.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:61:19:f3:ed:4c:ea:6a:ae:8a:ce:ab:86:c0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6790617487e0b0c7c4768526df2c985bb6eadc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f0:9c:a5:dc:94:44:16:f4:f2:22:dc:e6:56:
f2:08:96:9e:a0:13:2a:6a:ba:19:b8:a7:27:e0:3b:
86:70:4a:d0:64:9e:72:c4:da:19:7d:98:11:4e:3e:
bb:86:91:9d:a4:72:37:19:bc:10:91:b4:94:c7:db:
d1:b6:7a:e0:88:f6:06:8b:77:43:59:45:ff:bb:4c:
af:60:44:c0:d7:42:fd:bd:56:c1:2a:33:a9:44:ba:
e6:52:72:29:87:18:8d:f6:16:26:87:ad:df:77:6e:
6b:33:1e:1a:73:13:3d:ba:40:18:e2:ee:d9:8f:a5:
5e:60:91:52:3c:09:57:2f:82:a9:c4:17:1f:62:e8:
8a:56:00:5a:35:d3:c9:59:4f:50:91:60:e7:04:1e:
bf:a3:45:5a:d3:27:7f:3c:fe:c5:e1:0a:17:93:7a:
31:01:56:7d:24:7a:a8:f7:fe:1f:36:a0:7f:2e:b7:
ae:19:37:74:d2:43:07:69:11:be:29:e7:0f:eb:95:
be:ae:e9:ed:ef:c8:27:3b:cd:d4:15:fd:d0:f6:0d:
d5:30:cc:51:b6:b3:c9:c4:39:db:d7:63:36:82:e3:
97:29:06:e7:7f:47:7c:a6:f2:b3:d5:0c:33:5c:e3:
c4:84:7a:8e:4c:a0:46:3b:8a:95:17:c4:8c:92:30:
d9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:90:61:74:87:E0:B0:C7:C4:76:85:26:DF:2C:98:5B:B6:EA:DC:5E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Z5BhdIfgsMfEdoUm3yyYW7bq3F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.153.0/24
146.120.16.0/22
Signature Algorithm: sha256WithRSAEncryption
47:21:5b:9c:35:00:44:0c:5a:b1:f2:c8:b8:23:a3:f4:25:e9:
de:11:05:38:10:54:06:2b:cd:75:88:d3:32:1d:c8:d8:07:0e:
fe:9b:e6:79:42:02:71:b3:52:98:b5:d1:f9:8b:c9:b9:9f:6a:
e9:8f:ca:5c:94:aa:35:7f:ef:87:ed:e2:c3:2b:b7:f6:21:45:
e6:38:a2:bb:16:9b:fa:81:77:52:83:86:04:fe:63:3a:4f:8e:
8c:e0:95:c8:c7:0e:4a:64:d4:f2:a6:70:e8:f1:84:79:b0:8b:
7c:26:93:46:f9:16:a9:1b:f4:31:fd:11:10:ad:4f:07:68:20:
29:44:6a:1a:96:2b:de:ad:0e:50:91:33:e1:0a:2f:f4:65:0b:
8c:f2:e9:92:60:b9:bf:c3:d6:9d:eb:7e:04:35:0d:a3:d3:e2:
5f:d0:5d:be:f9:63:48:fa:dd:30:47:ff:1a:9b:65:f4:98:24:
9b:43:b6:d3:88:64:2b:d3:3b:b0:8f:0f:86:34:2d:87:56:47:
18:2c:3b:ca:a3:d8:72:ce:4b:03:2c:34:3a:99:6c:29:a5:a2:
98:25:7b:a2:cf:18:41:a2:d5:17:1c:62:04:7c:3a:25:1c:96:
ea:36:35:77:3f:a5:93:72:b8:62:3b:44:55:61:c1:b6:8d:73:
ae:07:4e:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlWEZ8+1M6mquis6rhsB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkwNjE3NDg3ZTBiMGM3YzQ3Njg1MjZkZjJjOTg1YmI2ZWFkYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PCcpdyURBb08iLc5lbyCJaeoBMq
aroZuKcn4DuGcErQZJ5yxNoZfZgRTj67hpGdpHI3GbwQkbSUx9vRtnrgiPYGi3dD
WUX/u0yvYETA10L9vVbBKjOpRLrmUnIphxiN9hYmh63fd25rMx4acxM9ukAY4u7Z
j6VeYJFSPAlXL4KpxBcfYuiKVgBaNdPJWU9QkWDnBB6/o0Va0yd/PP7F4QoXk3ox
AVZ9JHqo9/4fNqB/LreuGTd00kMHaRG+KecP65W+runt78gnO83UFf3Q9g3VMMxR
trPJxDnb12M2guOXKQbnf0d8pvKz1QwzXOPEhHqOTKBGO4qVF8SMkjDZYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGeQYXSH4LDHxHaFJt8smFu26txeMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWjVCaGRJZmdzTWZFZG9VbTN5eVlXN2JxM0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXy+ZAwQC
kngQMA0GCSqGSIb3DQEBCwUAA4IBAQBHIVucNQBEDFqx8si4I6P0JeneEQU4EFQG
K811iNMyHcjYBw7+m+Z5QgJxs1KYtdH5i8m5n2rpj8pclKo1f++H7eLDK7f2IUXm
OKK7Fpv6gXdSg4YE/mM6T46M4JXIxw5KZNTypnDo8YR5sIt8JpNG+RapG/Qx/REQ
rU8HaCApRGoaliverQ5QkTPhCi/0ZQuM8umSYLm/w9ad634ENQ2j0+Jf0F2++WNI
+t0wR/8am2X0mCSbQ7bTiGQr0zuwjw+GNC2HVkcYLDvKo9hyzksDLDQ6mWwppaKY
JXuizxhBotUXHGIEfDolHJbqNjV3P6WTcrhiO0RVYcG2jXOuB04/
-----END CERTIFICATE-----
Generated at Sat Apr 12 17:04:18 2025 by rpki-client