Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eJTpsfZvQukQhO9jHW9rfsyWYDI.roa
File: eJTpsfZvQukQhO9jHW9rfsyWYDI.roa (raw, json)
Hash identifier: b4dWcz6WfvRW3nar7O3OwaQYo9uP3fuOp8u7EYPaRS0=
Subject key identifier: 78:94:E9:B1:F6:6F:42:E9:10:84:EF:63:1D:6F:6B:7E:CC:96:60:32
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857C6A5C6636878E0351A0D967C9F79981
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eJTpsfZvQukQhO9jHW9rfsyWYDI.roa
Signing time: Wed 04 Jan 2023 10:53:43 +0000
ROA not before: Wed 04 Jan 2023 10:53:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49529
IP address blocks: 95.46.146.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:6a:5c:66:36:87:8e:03:51:a0:d9:67:c9:f7:99:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 4 10:53:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7894e9b1f66f42e91084ef631d6f6b7ecc966032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:f1:72:92:b5:56:0d:2e:fd:cf:9f:94:bb:
45:a6:65:61:00:89:3b:43:52:50:55:bf:d2:d7:72:
d3:11:69:61:f1:49:6c:c4:f5:5d:85:74:29:38:90:
37:e8:3e:35:56:1d:53:90:d6:15:0e:5c:8c:6a:76:
82:0f:4f:52:59:66:7e:52:c7:d3:c0:9b:fc:65:6c:
56:de:3a:f0:92:5d:61:1a:4d:9a:77:96:5a:89:0c:
2f:af:aa:3b:e5:8b:15:be:ff:93:a0:bb:8d:12:e0:
f0:c5:cb:fd:33:26:05:ed:61:4a:18:e1:77:9e:87:
98:0d:68:9b:a3:d9:a1:ed:d3:63:be:ba:f1:e2:de:
76:34:59:07:3f:db:5f:e2:7c:fe:48:ee:9c:c5:08:
51:00:62:8a:dc:11:d5:c7:84:73:39:fd:04:78:01:
6f:26:a6:51:4c:69:ca:3b:8d:22:5d:95:dd:0e:32:
3a:0b:90:3c:96:7e:64:43:28:bf:02:18:91:51:09:
e2:89:84:d5:c3:a7:a2:9d:a8:79:aa:be:f2:5b:38:
7b:87:c9:bd:05:2c:b3:6d:99:ad:b5:31:bc:23:d8:
63:53:d3:48:3b:cf:b4:3d:14:81:54:3e:66:9f:cc:
50:45:90:29:68:88:64:d9:0e:8e:ed:13:4c:b6:15:
ec:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:94:E9:B1:F6:6F:42:E9:10:84:EF:63:1D:6F:6B:7E:CC:96:60:32
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eJTpsfZvQukQhO9jHW9rfsyWYDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.146.0/23
Signature Algorithm: sha256WithRSAEncryption
17:ec:33:60:7e:77:d6:c5:77:bc:60:62:e6:b6:6e:37:d1:51:
17:c4:8c:12:4c:d8:89:a2:e2:f8:a8:55:6e:e6:25:31:1d:6e:
90:c6:e0:f3:58:6d:94:ff:2b:6a:f6:da:65:48:4c:d7:3c:70:
02:ed:6c:08:07:cd:3f:30:59:bd:d8:d3:6d:4e:75:12:72:e9:
3a:ed:b8:2e:26:79:8e:1d:07:c6:4b:a2:0f:84:7a:6f:c5:e6:
e7:ec:be:a6:52:dc:7a:2e:7b:bf:3a:58:0e:cd:2a:b0:94:23:
76:11:61:86:19:c9:f5:88:f0:be:92:af:1b:b0:e4:42:45:92:
d6:3a:64:40:97:18:69:2d:5b:cb:8c:c7:18:9c:09:4d:8d:c6:
4a:93:1b:91:13:13:df:50:bd:4b:28:85:ec:da:43:82:a6:60:
48:15:41:ca:fb:e5:84:9a:2a:96:3d:87:3a:75:65:dc:4b:58:
0a:5c:31:81:98:43:cc:fd:b7:8f:f4:fd:29:db:e1:1f:17:33:
60:bf:ad:7b:df:a2:30:10:06:63:39:17:31:b9:59:db:8e:aa:
98:4b:de:76:da:0f:80:65:4d:08:d1:a8:ea:2e:43:27:cb:8c:
6b:4e:0b:c8:12:c4:b2:6a:2f:99:b2:93:92:fc:2a:2c:b9:29:
d5:0c:f7:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV8alxmNoeOA1Gg2WfJ95mBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTA0MTA1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk0ZTliMWY2NmY0MmU5MTA4NGVmNjMxZDZmNmI3ZWNjOTY2MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynvxcpK1Vg0u/c+flLtFpmVhAIk7
Q1JQVb/S13LTEWlh8UlsxPVdhXQpOJA36D41Vh1TkNYVDlyManaCD09SWWZ+UsfT
wJv8ZWxW3jrwkl1hGk2ad5ZaiQwvr6o75YsVvv+ToLuNEuDwxcv9MyYF7WFKGOF3
noeYDWibo9mh7dNjvrrx4t52NFkHP9tf4nz+SO6cxQhRAGKK3BHVx4RzOf0EeAFv
JqZRTGnKO40iXZXdDjI6C5A8ln5kQyi/AhiRUQniiYTVw6einah5qr7yWzh7h8m9
BSyzbZmttTG8I9hjU9NIO8+0PRSBVD5mn8xQRZApaIhk2Q6O7RNMthXsnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiU6bH2b0LpEITvYx1va37MlmAyMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZUpUcHNmWnZRdWtRaE85akhXOXJmc3lXWURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXy6SMA0G
CSqGSIb3DQEBCwUAA4IBAQAX7DNgfnfWxXe8YGLmtm430VEXxIwSTNiJouL4qFVu
5iUxHW6QxuDzWG2U/ytq9tplSEzXPHAC7WwIB80/MFm92NNtTnUScuk67bguJnmO
HQfGS6IPhHpvxebn7L6mUtx6Lnu/OlgOzSqwlCN2EWGGGcn1iPC+kq8bsORCRZLW
OmRAlxhpLVvLjMcYnAlNjcZKkxuRExPfUL1LKIXs2kOCpmBIFUHK++WEmiqWPYc6
dWXcS1gKXDGBmEPM/beP9P0p2+EfFzNgv61736IwEAZjORcxuVnbjqqYS9522g+A
ZU0I0ajqLkMny4xrTgvIEsSyai+ZspOS/CosuSnVDPcq
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:42 2025 by rpki-client