Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a_Nr2GeQO6vVME4xIoUS4KTg2TQ.roa
File: a_Nr2GeQO6vVME4xIoUS4KTg2TQ.roa (raw, json)
Hash identifier: VdYU/1TQF1Naz8Ic/8nvMjdybA3dk8eXd7meEho1RsE=
Subject key identifier: 6B:F3:6B:D8:67:90:3B:AB:D5:30:4E:31:22:85:12:E0:A4:E0:D9:34
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27948E78
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a_Nr2GeQO6vVME4xIoUS4KTg2TQ.roa
Signing time: Sat 01 Jan 2022 16:08:21 +0000
ROA not before: Sat 01 Jan 2022 16:08:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44429
IP address blocks: 93.171.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664047224 (0x27948e78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bf36bd867903babd5304e31228512e0a4e0d934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:36:5d:38:81:79:25:70:10:82:d4:27:5c:e9:
bb:d2:61:e0:f6:f2:ec:10:84:be:40:3d:d9:d5:3d:
ba:0e:16:6f:0a:73:d0:e9:1a:66:66:b1:bb:28:c8:
32:63:e5:4a:8f:f5:09:5c:25:d3:81:d4:00:90:0b:
80:bc:43:1f:ed:fa:3a:c0:97:65:02:0d:ee:d3:9e:
59:59:0a:b0:df:77:19:ba:5a:dc:9a:9f:bf:28:53:
98:ea:6e:31:46:d5:5b:42:64:eb:87:83:c7:ce:fb:
93:3f:02:52:31:55:e5:cd:c4:04:d6:9b:38:5e:bb:
9e:d7:34:4c:81:7f:66:74:d9:f6:51:b5:5e:5d:0b:
7d:96:3d:40:99:a9:24:40:02:cf:b2:01:84:54:eb:
6a:9f:18:88:64:e3:44:18:dc:04:07:56:17:2d:5f:
46:69:6a:a7:62:c1:0e:78:8b:80:db:1c:2b:28:46:
43:d3:96:c4:e8:ea:68:fa:03:64:7f:80:4a:9d:87:
ce:65:42:11:16:ed:4b:98:91:cf:f1:a7:01:46:8b:
c8:89:14:db:d5:c9:cf:07:b4:a7:61:8a:0e:b0:41:
af:d5:da:cc:dc:29:4f:31:20:ff:7e:94:6a:1e:8c:
91:ed:a5:f5:1a:b4:a7:dc:6b:e8:1f:ae:dd:4f:bf:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F3:6B:D8:67:90:3B:AB:D5:30:4E:31:22:85:12:E0:A4:E0:D9:34
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a_Nr2GeQO6vVME4xIoUS4KTg2TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.140.0/23
Signature Algorithm: sha256WithRSAEncryption
31:c1:be:f4:d7:13:69:87:e7:21:8c:7f:a4:c1:e0:6b:ee:73:
8d:55:8d:93:76:87:29:6a:d6:1f:2b:d2:0e:a9:fa:48:b7:9f:
b7:c7:a3:0d:b0:47:b0:5c:69:a0:e6:db:16:ce:5d:45:78:37:
e3:8c:64:c7:32:fd:bc:82:6d:44:f3:cf:3a:b9:ba:f5:c7:22:
93:9c:5e:0b:11:7f:ce:6e:04:14:72:5f:a8:83:0f:5e:8a:74:
9a:66:bb:1d:89:6f:03:c3:5b:a5:8b:83:3b:21:8c:a6:0a:52:
82:4e:24:2c:24:bc:e4:dc:36:ba:4e:dc:b5:00:ff:b7:78:36:
95:66:62:cb:2f:2f:e4:fa:2a:ad:13:52:67:0b:f6:02:08:25:
e7:35:98:79:ce:df:dd:38:74:e2:fc:f8:e0:04:37:a2:33:08:
09:19:b6:ea:81:dc:c2:75:4c:51:bf:1d:6d:ed:ac:f2:95:52:
3f:1f:9b:b2:79:ba:e0:5b:9c:eb:51:94:f7:45:12:3c:09:51:
ec:c3:42:ff:16:fd:51:da:74:fb:50:ba:b7:bf:a1:e6:e2:c2:
f5:ba:b3:5d:4d:7f:25:9d:6f:5f:54:e8:ec:be:2d:9e:1e:7c:
9c:ee:b4:c7:b5:42:37:84:76:dc:63:74:e7:c8:cf:db:3c:37:
f1:1b:08:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ5SOeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJmMzZiZDg2Nzkw
M2JhYmQ1MzA0ZTMxMjI4NTEyZTBhNGUwZDkzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIQ2XTiBeSVwEILUJ1zpu9Jh4Pby7BCEvkA92dU9ug4Wbwpz
0OkaZmaxuyjIMmPlSo/1CVwl04HUAJALgLxDH+36OsCXZQIN7tOeWVkKsN93Gbpa
3JqfvyhTmOpuMUbVW0Jk64eDx877kz8CUjFV5c3EBNabOF67ntc0TIF/ZnTZ9lG1
Xl0LfZY9QJmpJEACz7IBhFTrap8YiGTjRBjcBAdWFy1fRmlqp2LBDniLgNscKyhG
Q9OWxOjqaPoDZH+ASp2HzmVCERbtS5iRz/GnAUaLyIkU29XJzwe0p2GKDrBBr9Xa
zNwpTzEg/36Uah6Mke2l9Rq0p9xr6B+u3U+/xTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRr82vYZ5A7q9UwTjEihRLgpODZNDAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L2FfTnIyR2VRTzZ2Vk1FNHhJb1VTNEtUZzJUUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV2rjDANBgkqhkiG9w0BAQsFAAOC
AQEAMcG+9NcTaYfnIYx/pMHga+5zjVWNk3aHKWrWHyvSDqn6SLeft8ejDbBHsFxp
oObbFs5dRXg344xkxzL9vIJtRPPPOrm69ccik5xeCxF/zm4EFHJfqIMPXop0mma7
HYlvA8NbpYuDOyGMpgpSgk4kLCS85Nw2uk7ctQD/t3g2lWZiyy8v5PoqrRNSZwv2
Aggl5zWYec7f3Th04vz44AQ3ojMICRm26oHcwnVMUb8dbe2s8pVSPx+bsnm64Fuc
61GU90USPAlR7MNC/xb9Udp0+1C6t7+h5uLC9bqzXU1/JZ1vX1To7L4tnh58nO60
x7VCN4R23GN058jP2zw38RsICQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:27 2025 by rpki-client