Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c3ECYi9XcCW-_refX4nXXP0qU2A.roa
File: c3ECYi9XcCW-_refX4nXXP0qU2A.roa (raw, json)
Hash identifier: QSEmjlDHb+jrxnR21tx2H4stnJOU9+e4l7l5VY3OgXs=
Subject key identifier: 73:71:02:62:2F:57:70:25:BE:FE:B7:9F:5F:89:D7:5C:FD:2A:53:60
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095BD058A91B7EC8D2B9D2D13056111
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c3ECYi9XcCW-_refX4nXXP0qU2A.roa
Signing time: Mon 02 Jan 2023 03:45:39 +0000
ROA not before: Mon 02 Jan 2023 03:45:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212205
IP address blocks: 93.171.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:bd:05:8a:91:b7:ec:8d:2b:9d:2d:13:05:61:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=737102622f577025befeb79f5f89d75cfd2a5360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:b5:6c:48:7e:15:7e:78:06:d8:76:ba:25:
cb:dd:f0:71:c2:bc:07:0a:e8:2c:ca:b5:6f:03:2f:
ac:94:75:18:36:ae:2c:3b:1f:cf:59:42:a4:33:9f:
5e:e2:65:3e:38:3b:7b:37:60:ce:98:91:92:43:50:
b6:e1:b1:b8:57:93:62:5d:b5:56:48:93:b3:d0:22:
8e:11:25:29:33:25:5c:76:8c:78:48:05:46:cd:be:
0b:fc:a4:9d:0c:de:8c:50:bb:1c:b3:52:1c:80:18:
d4:fb:16:53:58:e7:49:26:3a:6f:fe:03:d5:3c:84:
33:9d:8b:77:7e:b2:b4:a4:27:4b:35:54:03:ea:56:
6f:7d:6c:9f:f0:01:d0:25:46:29:b9:82:7d:e0:13:
b5:a0:ce:f6:64:46:ee:51:cb:6d:b5:69:a5:4f:59:
b5:94:e5:2f:79:64:b3:d7:86:59:0e:74:2b:96:da:
30:b5:00:75:aa:b6:c6:1d:32:8c:2e:17:6b:e4:07:
9c:59:2d:25:10:ce:95:b4:3c:2c:eb:2e:24:84:68:
51:00:68:33:dc:7f:13:02:36:68:e4:ce:a0:79:67:
26:6a:10:5c:73:fe:3e:68:0b:06:dc:f3:c4:eb:c2:
4e:46:46:da:07:18:5e:12:d9:c2:41:db:ae:9f:c2:
81:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:71:02:62:2F:57:70:25:BE:FE:B7:9F:5F:89:D7:5C:FD:2A:53:60
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c3ECYi9XcCW-_refX4nXXP0qU2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.155.0/24
Signature Algorithm: sha256WithRSAEncryption
12:bc:cd:e5:c7:87:6a:dd:db:bf:e8:2f:6e:58:27:85:0e:f9:
8e:53:b6:b7:e4:e1:11:84:fa:26:de:81:f0:2c:79:60:96:ef:
89:44:bd:8c:0c:8d:dc:21:a4:5f:13:69:b4:c4:b0:bd:51:31:
b6:99:33:2e:a5:1b:86:fc:8a:5d:2f:2c:4a:4e:33:30:d6:10:
e3:a9:01:c7:e7:37:48:ff:0c:95:25:4a:1f:8a:dd:00:cb:b9:
50:41:ec:f8:48:17:00:3f:38:e0:92:f2:e4:b5:ad:77:98:3d:
21:2a:ea:88:9a:a5:ce:78:15:4c:44:f9:70:83:a6:22:7c:51:
01:52:f4:26:d2:5a:ca:d0:2d:e2:0c:be:59:d8:9d:a4:b5:78:
2f:c5:98:dc:9f:b2:ed:60:bd:38:6e:fc:a9:47:49:96:2f:aa:
0d:07:82:2b:1c:9e:b4:ca:79:d1:0c:f8:17:a8:c9:a0:92:14:
f2:17:33:13:ef:d9:59:09:e3:59:b0:f6:b1:e7:c1:5c:d2:91:
5d:6b:7f:b9:e9:1e:c1:46:1a:75:05:77:c9:0b:56:61:b4:20:
91:2e:57:27:7b:c0:7f:40:79:60:a4:1a:92:d0:02:45:8e:b0:
d8:22:fa:a8:a9:07:cf:9d:00:ee:91:58:f7:e1:99:bc:01:1c:
36:69:f5:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlb0FipG37I0rnS0TBWERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzcxMDI2MjJmNTc3MDI1YmVmZWI3OWY1Zjg5ZDc1Y2ZkMmE1MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbK1bEh+FX54Bth2uiXL3fBxwrwH
CugsyrVvAy+slHUYNq4sOx/PWUKkM59e4mU+ODt7N2DOmJGSQ1C24bG4V5NiXbVW
SJOz0CKOESUpMyVcdox4SAVGzb4L/KSdDN6MULscs1IcgBjU+xZTWOdJJjpv/gPV
PIQznYt3frK0pCdLNVQD6lZvfWyf8AHQJUYpuYJ94BO1oM72ZEbuUctttWmlT1m1
lOUveWSz14ZZDnQrltowtQB1qrbGHTKMLhdr5AecWS0lEM6VtDws6y4khGhRAGgz
3H8TAjZo5M6geWcmahBcc/4+aAsG3PPE68JORkbaBxheEtnCQduun8KBqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNxAmIvV3Alvv63n1+J11z9KlNgMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYzNFQ1lpOVhjQ1ctX3JlZlg0blhYUDBxVTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaubMA0G
CSqGSIb3DQEBCwUAA4IBAQASvM3lx4dq3du/6C9uWCeFDvmOU7a35OERhPom3oHw
LHlglu+JRL2MDI3cIaRfE2m0xLC9UTG2mTMupRuG/IpdLyxKTjMw1hDjqQHH5zdI
/wyVJUofit0Ay7lQQez4SBcAPzjgkvLkta13mD0hKuqImqXOeBVMRPlwg6YifFEB
UvQm0lrK0C3iDL5Z2J2ktXgvxZjcn7LtYL04bvypR0mWL6oNB4IrHJ60ynnRDPgX
qMmgkhTyFzMT79lZCeNZsPax58Fc0pFda3+56R7BRhp1BXfJC1ZhtCCRLlcne8B/
QHlgpBqS0AJFjrDYIvqoqQfPnQDukVj34Zm8ARw2afWS
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:12 2025 by rpki-client