Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eYHJyPX6YRi9CdzCq30ZEBaewG0.roa
File: eYHJyPX6YRi9CdzCq30ZEBaewG0.roa (raw, json)
Hash identifier: fgOmlW98ZpmOfnmXAvjACu7UsN9a7WDyWiBMP7jqsWs=
Subject key identifier: 79:81:C9:C8:F5:FA:61:18:BD:09:DC:C2:AB:7D:19:10:16:9E:C0:6D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0184D2A9EB4D2D5C654B1D3C86359264AF81
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eYHJyPX6YRi9CdzCq30ZEBaewG0.roa
Signing time: Fri 02 Dec 2022 11:47:41 +0000
ROA not before: Fri 02 Dec 2022 11:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44834
IP address blocks: 95.47.170.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:a9:eb:4d:2d:5c:65:4b:1d:3c:86:35:92:64:af:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 2 11:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7981c9c8f5fa6118bd09dcc2ab7d1910169ec06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:a2:0c:60:f0:43:c8:14:86:c0:90:91:65:
ba:16:6c:ba:02:61:9a:57:29:be:88:64:3e:a0:46:
c4:ac:53:51:55:7c:08:35:b7:b6:7c:f8:67:87:36:
ac:b5:b5:9e:00:48:d2:d0:56:c2:15:c0:39:79:8d:
e5:3e:d4:65:0a:79:5f:9e:28:7b:da:a7:28:d0:17:
da:3c:d9:b9:44:3e:93:d9:2d:7e:72:ca:23:5a:47:
dd:2a:a0:4b:bd:51:a5:9f:84:8d:24:01:24:0e:3c:
12:eb:23:91:1b:95:40:87:9a:ff:f5:d6:7f:52:1a:
fc:98:cc:4c:11:9a:a0:90:01:9b:b2:cb:12:5c:c4:
4b:32:97:a2:ea:1c:6e:f0:15:6f:c7:23:8f:5a:f8:
15:49:33:4d:54:8b:c0:b5:da:d9:d3:88:6c:10:72:
f9:9b:71:ad:2a:25:33:2c:04:99:5a:24:29:d2:28:
e4:cf:6e:18:06:b3:2e:0c:0e:4a:73:c9:e8:52:ca:
bd:5e:2c:ad:c1:41:ad:e9:ff:e3:4b:9f:25:06:8b:
e3:d8:99:41:25:2b:ce:97:06:9d:00:ea:79:34:66:
a7:1a:8e:fd:6f:e3:09:51:bb:20:f4:dd:67:e8:cf:
c3:d5:47:31:f8:c6:b8:48:64:86:87:de:67:1a:06:
08:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:81:C9:C8:F5:FA:61:18:BD:09:DC:C2:AB:7D:19:10:16:9E:C0:6D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eYHJyPX6YRi9CdzCq30ZEBaewG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.170.0/23
Signature Algorithm: sha256WithRSAEncryption
55:38:d9:03:b1:c7:c7:50:79:32:6f:12:58:10:74:d9:33:7e:
25:e6:84:bc:d0:bf:c6:91:9a:0c:6b:0f:a9:f8:93:74:24:60:
da:c8:8d:0e:cb:e1:72:bf:6f:c7:bc:ba:cf:dd:03:5a:9a:f6:
3b:32:d0:6c:a0:c0:38:5b:71:04:22:14:c4:76:b9:98:ac:a4:
a2:c2:b0:86:0a:29:5d:dc:40:23:29:ab:f1:57:33:1a:94:0f:
25:52:1d:94:27:89:52:90:3b:0e:51:8a:f6:81:23:6f:ab:6f:
b9:66:83:0f:dc:a7:98:d2:c9:7e:66:b0:0e:f8:d0:63:cf:12:
8d:d5:0d:04:a3:77:7b:63:da:79:cf:c1:9a:ea:cc:ef:d0:4e:
fe:17:b5:f8:af:29:32:40:bf:a8:46:9c:24:45:bb:8e:1b:6a:
64:2a:bd:6d:eb:1e:d2:0e:10:00:d5:50:3d:db:5e:53:8d:b8:
f7:7a:59:59:07:09:ef:4e:81:83:2c:8e:9f:bb:6a:14:1e:1c:
d8:e7:79:d6:ed:02:88:cc:84:68:9c:7f:2f:05:95:dd:17:f8:
6c:b0:05:8b:61:e8:4e:e3:fd:a6:ae:3e:80:8a:63:d0:6d:16:
87:0b:b7:aa:07:52:0f:bd:fe:c0:65:b9:67:df:7f:fe:c9:4e:
73:04:7a:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSqetNLVxlSx08hjWSZK+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIxMjAyMTE0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTgxYzljOGY1ZmE2MTE4YmQwOWRjYzJhYjdkMTkxMDE2OWVjMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLKiDGDwQ8gUhsCQkWW6Fmy6AmGa
Vym+iGQ+oEbErFNRVXwINbe2fPhnhzastbWeAEjS0FbCFcA5eY3lPtRlCnlfnih7
2qco0BfaPNm5RD6T2S1+csojWkfdKqBLvVGln4SNJAEkDjwS6yORG5VAh5r/9dZ/
Uhr8mMxMEZqgkAGbsssSXMRLMpei6hxu8BVvxyOPWvgVSTNNVIvAtdrZ04hsEHL5
m3GtKiUzLASZWiQp0ijkz24YBrMuDA5Kc8noUsq9XiytwUGt6f/jS58lBovj2JlB
JSvOlwadAOp5NGanGo79b+MJUbsg9N1n6M/D1Ucx+Ma4SGSGh95nGgYIlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmBycj1+mEYvQncwqt9GRAWnsBtMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZVlISnlQWDZZUmk5Q2R6Q3EzMFpFQmFld0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXy+qMA0G
CSqGSIb3DQEBCwUAA4IBAQBVONkDscfHUHkybxJYEHTZM34l5oS80L/GkZoMaw+p
+JN0JGDayI0Oy+Fyv2/HvLrP3QNamvY7MtBsoMA4W3EEIhTEdrmYrKSiwrCGCild
3EAjKavxVzMalA8lUh2UJ4lSkDsOUYr2gSNvq2+5ZoMP3KeY0sl+ZrAO+NBjzxKN
1Q0Eo3d7Y9p5z8Ga6szv0E7+F7X4rykyQL+oRpwkRbuOG2pkKr1t6x7SDhAA1VA9
215Tjbj3ellZBwnvToGDLI6fu2oUHhzY53nW7QKIzIRonH8vBZXdF/hssAWLYehO
4/2mrj6AimPQbRaHC7eqB1IPvf7AZbln33/+yU5zBHq5
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:33 2025 by rpki-client