Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aTSTJvOv2qufLrrUquO7TkAdzmU.roa
File: aTSTJvOv2qufLrrUquO7TkAdzmU.roa (raw, json)
Hash identifier: /geSsE/fl1bvynEiXYDhP3qX+vhR59YceiTRzMPJgds=
Subject key identifier: 69:34:93:26:F3:AF:DA:AB:9F:2E:BA:D4:AA:E3:BB:4E:40:1D:CE:65
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095740FB2E66B450EE883E72A47E961
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aTSTJvOv2qufLrrUquO7TkAdzmU.roa
Signing time: Mon 02 Jan 2023 03:45:20 +0000
ROA not before: Mon 02 Jan 2023 03:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61249
IP address blocks: 93.171.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:74:0f:b2:e6:6b:45:0e:e8:83:e7:2a:47:e9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69349326f3afdaab9f2ebad4aae3bb4e401dce65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ef:f0:b1:ce:19:9e:10:22:9b:c0:1c:81:9d:
68:5d:1c:f6:fe:c5:3b:0b:7f:c9:ba:48:11:a7:2b:
62:8b:88:a1:31:b6:13:27:37:81:e6:62:2b:48:d4:
99:83:17:66:88:ed:14:1e:e2:06:39:e5:fd:71:24:
3f:64:f0:43:2e:7b:71:d9:a3:c1:59:3b:97:34:05:
fc:6c:ac:61:74:fc:a4:ce:f2:71:2d:d4:ac:a2:49:
5a:90:43:f4:ba:6a:22:8b:3b:73:51:cd:69:a3:60:
c7:f4:92:c8:35:2d:58:84:3d:64:74:43:d2:8c:68:
44:4b:08:db:31:ee:a0:ad:65:bc:26:a8:55:50:fc:
79:44:13:44:31:a3:6f:d3:70:1d:eb:88:95:75:21:
33:b5:53:48:5a:0e:13:4a:57:ec:a3:d6:c2:ca:4d:
40:cc:c5:75:e0:da:a0:aa:a4:de:d6:8b:67:83:6c:
03:e3:3d:a5:77:8f:af:db:99:a3:de:da:f6:0c:48:
1f:77:18:22:e0:7e:f5:02:85:31:b7:91:26:38:6e:
f3:f6:ea:1d:1a:9c:9a:1b:a1:0c:12:e5:aa:65:36:
b5:4f:a8:f3:10:af:29:b4:1f:60:22:23:d6:da:ba:
6b:3d:99:2a:df:d8:ff:9b:40:bd:62:e6:eb:a2:ee:
58:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:34:93:26:F3:AF:DA:AB:9F:2E:BA:D4:AA:E3:BB:4E:40:1D:CE:65
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aTSTJvOv2qufLrrUquO7TkAdzmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.204.0/24
Signature Algorithm: sha256WithRSAEncryption
96:5e:20:0b:43:18:53:0f:55:41:1d:9b:02:39:a9:ea:01:9e:
a8:bc:e2:96:0d:d1:6f:7a:7a:4f:12:b6:50:ab:06:92:00:62:
5e:5b:d7:6b:6d:9a:66:ca:d1:a2:58:e8:b7:ff:9b:db:ef:f0:
7b:bd:9d:59:4f:0c:30:34:b2:28:b0:e3:57:77:67:6a:57:e8:
af:86:9c:e9:12:2c:80:9f:46:de:ee:4c:ae:ce:cf:95:91:a2:
d4:b0:94:36:cb:b9:a6:e4:f3:ab:bb:77:bf:62:18:18:26:4a:
18:4a:80:b0:ef:66:ad:81:2f:0a:8c:40:39:b6:12:0d:9a:44:
00:25:ff:78:ac:96:bd:1e:3b:02:a7:b2:10:ab:80:82:c4:86:
c7:cb:92:0e:bf:82:56:52:14:75:e8:70:57:1b:0f:59:49:a2:
04:1f:5d:da:23:9e:89:90:92:a9:0c:38:65:b4:4d:e3:9e:84:
14:9b:f8:40:c1:bd:9b:6a:5a:04:e2:99:21:80:65:89:d1:b9:
a9:dc:69:e8:c6:b3:4e:c8:30:12:a9:c4:a7:cf:2d:e6:34:f7:
f2:73:23:10:07:0f:47:68:02:11:0b:5a:df:86:ba:26:3d:6f:
87:29:5c:bb:65:87:26:be:0e:43:af:67:67:70:85:b1:47:0a:
0a:d2:ea:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlXQPsuZrRQ7og+cqR+lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM0OTMyNmYzYWZkYWFiOWYyZWJhZDRhYWUzYmI0ZTQwMWRjZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+/wsc4ZnhAim8AcgZ1oXRz2/sU7
C3/JukgRpytii4ihMbYTJzeB5mIrSNSZgxdmiO0UHuIGOeX9cSQ/ZPBDLntx2aPB
WTuXNAX8bKxhdPykzvJxLdSsoklakEP0umoiiztzUc1po2DH9JLINS1YhD1kdEPS
jGhESwjbMe6grWW8JqhVUPx5RBNEMaNv03Ad64iVdSEztVNIWg4TSlfso9bCyk1A
zMV14NqgqqTe1otng2wD4z2ld4+v25mj3tr2DEgfdxgi4H71AoUxt5EmOG7z9uod
GpyaG6EMEuWqZTa1T6jzEK8ptB9gIiPW2rprPZkq39j/m0C9Yubrou5YGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk0kybzr9qrny661Krju05AHc5lMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYVRTVEp2T3YycXVmTHJyVXF1TzdUa0Fkem1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXavMMA0G
CSqGSIb3DQEBCwUAA4IBAQCWXiALQxhTD1VBHZsCOanqAZ6ovOKWDdFvenpPErZQ
qwaSAGJeW9drbZpmytGiWOi3/5vb7/B7vZ1ZTwwwNLIosONXd2dqV+ivhpzpEiyA
n0be7kyuzs+VkaLUsJQ2y7mm5POru3e/YhgYJkoYSoCw72atgS8KjEA5thINmkQA
Jf94rJa9HjsCp7IQq4CCxIbHy5IOv4JWUhR16HBXGw9ZSaIEH13aI56JkJKpDDhl
tE3jnoQUm/hAwb2baloE4pkhgGWJ0bmp3GnoxrNOyDASqcSnzy3mNPfycyMQBw9H
aAIRC1rfhromPW+HKVy7ZYcmvg5Dr2dncIWxRwoK0uoc
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:45 2025 by rpki-client