Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/d0KvLnKPvBlTn_lWZ__k_n1dzqk.roa
File: d0KvLnKPvBlTn_lWZ__k_n1dzqk.roa (raw, json)
Hash identifier: OIHCUVksL6Hb5Y1q9Ll7LiqFn8f6klv1GGjiG96AjCQ=
Subject key identifier: 77:42:AF:2E:72:8F:BC:19:53:9F:F9:56:67:FF:E4:FE:7D:5D:CE:A9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570954F25CBDED5F046FB6FD77F79B0E3
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/d0KvLnKPvBlTn_lWZ__k_n1dzqk.roa
Signing time: Mon 02 Jan 2023 03:45:11 +0000
ROA not before: Mon 02 Jan 2023 03:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50927
IP address blocks: 95.46.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:4f:25:cb:de:d5:f0:46:fb:6f:d7:7f:79:b0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7742af2e728fbc19539ff95667ffe4fe7d5dcea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:08:b5:b7:73:6f:87:12:2b:40:e6:56:76:69:
cc:cf:bd:7a:fd:16:a8:d4:8e:44:10:bc:87:e6:99:
91:a9:41:1b:0c:4f:14:d0:2a:ee:fd:e0:36:cc:eb:
6f:4c:b0:a1:55:29:39:fb:49:c2:29:bb:2a:31:84:
20:3a:24:34:30:a0:47:f8:da:38:13:56:7f:cd:2f:
ef:12:e8:78:b2:4a:04:d2:7f:d0:11:1a:4c:db:97:
48:a0:dd:0b:28:73:58:0b:d4:68:0e:75:85:86:81:
3b:79:28:ec:66:1c:74:5e:47:88:d9:21:b7:89:72:
7e:6a:56:13:4b:2c:f1:97:70:5f:28:65:a2:ba:64:
21:fb:53:45:72:26:0e:cc:4c:b5:38:b0:47:4b:31:
dc:e4:1a:35:06:0f:de:77:26:22:75:80:16:47:77:
b1:6b:be:f4:a4:c8:cf:ac:34:6c:cf:59:1d:0a:6f:
a5:bf:67:9a:05:46:33:7d:37:7d:5e:33:cf:f8:e3:
48:08:06:41:6a:99:69:52:40:2f:10:d0:59:21:52:
f9:9c:a4:8d:18:3b:45:b6:24:bf:c7:2a:70:53:97:
a7:c4:a6:ad:c5:6f:4c:05:ec:fc:5f:8a:6b:b4:ba:
5a:3c:e3:3a:86:63:31:ff:23:41:97:cd:af:cf:de:
24:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:42:AF:2E:72:8F:BC:19:53:9F:F9:56:67:FF:E4:FE:7D:5D:CE:A9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/d0KvLnKPvBlTn_lWZ__k_n1dzqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.160.0/22
Signature Algorithm: sha256WithRSAEncryption
45:82:5e:47:05:95:75:be:cd:54:ef:ee:15:17:3e:2a:26:c2:
89:c2:65:03:f2:e1:ea:73:ec:c2:0c:ca:e6:81:29:33:23:8c:
30:7d:ee:b5:c7:c5:ab:40:ae:43:e9:ae:f0:ee:ee:51:06:4b:
f7:92:5a:43:87:a0:8e:b5:ee:1d:6a:37:d8:35:9a:50:3a:77:
6e:10:49:6d:0b:3d:2e:f6:6e:ab:41:83:33:bb:02:7b:23:e5:
d9:1b:14:7e:38:51:74:f0:a9:78:5a:5c:61:33:28:a7:a5:59:
2c:41:d0:32:ff:3f:a3:1f:c8:48:6f:cf:d6:2f:14:f9:6c:ad:
af:9e:6d:f0:83:0b:08:21:ee:d3:54:29:40:55:9a:bb:23:14:
c1:c4:5b:d7:b7:f8:2a:6e:41:d4:fd:26:d3:f8:d3:db:96:10:
39:1d:cd:6b:6b:cd:be:fb:c3:9a:23:c0:38:a4:fd:79:4a:7b:
60:9d:41:c3:ee:e1:33:1b:58:b9:f6:11:4c:52:d2:c7:b5:2f:
dd:27:bc:59:0f:3b:19:89:a2:37:44:7c:38:39:13:3e:90:8d:
73:d5:23:d6:12:20:31:a5:3c:df:c3:3c:91:7b:ac:39:e8:09:
97:70:33:13:68:23:c3:53:80:52:33:35:fd:b5:95:32:7b:81:
1a:26:20:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlU8ly97V8Eb7b9d/ebDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQyYWYyZTcyOGZiYzE5NTM5ZmY5NTY2N2ZmZTRmZTdkNWRjZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQi1t3NvhxIrQOZWdmnMz716/Rao
1I5EELyH5pmRqUEbDE8U0Cru/eA2zOtvTLChVSk5+0nCKbsqMYQgOiQ0MKBH+No4
E1Z/zS/vEuh4skoE0n/QERpM25dIoN0LKHNYC9RoDnWFhoE7eSjsZhx0XkeI2SG3
iXJ+alYTSyzxl3BfKGWiumQh+1NFciYOzEy1OLBHSzHc5Bo1Bg/edyYidYAWR3ex
a770pMjPrDRsz1kdCm+lv2eaBUYzfTd9XjPP+ONICAZBaplpUkAvENBZIVL5nKSN
GDtFtiS/xypwU5enxKatxW9MBez8X4prtLpaPOM6hmMx/yNBl82vz94kdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdCry5yj7wZU5/5Vmf/5P59Xc6pMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZDBLdkxuS1B2QmxUbl9sV1pfX2tfbjFkenFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy6gMA0G
CSqGSIb3DQEBCwUAA4IBAQBFgl5HBZV1vs1U7+4VFz4qJsKJwmUD8uHqc+zCDMrm
gSkzI4wwfe61x8WrQK5D6a7w7u5RBkv3klpDh6COte4dajfYNZpQOnduEEltCz0u
9m6rQYMzuwJ7I+XZGxR+OFF08Kl4WlxhMyinpVksQdAy/z+jH8hIb8/WLxT5bK2v
nm3wgwsIIe7TVClAVZq7IxTBxFvXt/gqbkHU/SbT+NPblhA5Hc1ra82++8OaI8A4
pP15SntgnUHD7uEzG1i59hFMUtLHtS/dJ7xZDzsZiaI3RHw4ORM+kI1z1SPWEiAx
pTzfwzyRe6w56AmXcDMTaCPDU4BSMzX9tZUye4EaJiDY
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:28 2025 by rpki-client