Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iDptOxEVKg45VfLOspN_RkUg78k.roa
File: iDptOxEVKg45VfLOspN_RkUg78k.roa (raw, json)
Hash identifier: iJcCTotqbODQrinna3S1tLjYaIfZQZamVQISfcfr1C8=
Subject key identifier: 88:3A:6D:3B:11:15:2A:0E:39:55:F2:CE:B2:93:7F:46:45:20:EF:C9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095771580598CA94AA300964D2A2706
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iDptOxEVKg45VfLOspN_RkUg78k.roa
Signing time: Mon 02 Jan 2023 03:45:21 +0000
ROA not before: Mon 02 Jan 2023 03:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61344
IP address blocks: 93.170.98.0/23 maxlen: 24
93.170.48.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:77:15:80:59:8c:a9:4a:a3:00:96:4d:2a:27:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=883a6d3b11152a0e3955f2ceb2937f464520efc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bf:24:4d:3b:e3:74:4e:8a:29:7d:07:87:c8:
8d:de:f9:26:53:c7:f7:23:6d:fc:c2:42:45:c0:b3:
61:75:74:86:31:10:27:6e:85:77:32:92:9c:47:e7:
dd:3d:13:9f:b5:a8:97:17:91:7e:e0:65:bc:03:8e:
59:63:91:34:97:75:d6:a9:03:78:50:9e:1d:87:ae:
32:76:09:09:9f:b2:c9:65:a2:8c:b0:79:b2:b8:70:
83:76:11:5e:99:44:3d:ce:c0:56:ad:fd:a9:70:07:
b8:fa:28:08:c6:33:e7:21:f9:23:25:9f:88:56:93:
ac:ab:4f:72:0a:01:84:2b:48:36:88:c7:d9:f2:86:
3f:4c:e3:d4:25:cf:85:01:0d:58:20:8a:af:d3:27:
43:43:f4:8c:0b:46:e2:d7:1b:7c:df:78:03:73:db:
1d:aa:19:c4:be:8a:5d:69:44:27:e8:e3:fe:29:3a:
59:c6:77:ad:b0:f2:79:30:c3:de:54:54:eb:99:a2:
65:bf:1f:76:cb:a0:63:17:97:73:e7:4a:a3:6b:aa:
9b:c6:8e:10:c0:cc:78:ee:d5:d9:86:c3:a4:91:ee:
5b:c5:c5:21:e8:a0:f0:ab:df:79:68:35:a3:47:48:
8e:3d:d9:f5:df:79:a4:26:67:5c:5f:e6:b3:47:a6:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3A:6D:3B:11:15:2A:0E:39:55:F2:CE:B2:93:7F:46:45:20:EF:C9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iDptOxEVKg45VfLOspN_RkUg78k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.48.0/23
93.170.98.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:1c:2e:27:e6:e5:dd:ba:e1:41:7f:e5:18:4f:17:57:30:f4:
d8:dc:1a:5e:28:3f:a0:de:7a:60:7d:df:05:bb:2d:dc:ee:6d:
3e:a5:c5:eb:11:4b:74:02:1c:91:1b:d7:36:02:e1:ef:0b:dd:
d7:f5:59:a0:ea:d3:0f:d3:e4:d7:2a:85:00:07:46:74:d8:e4:
d1:36:d4:b4:4f:b1:41:ee:c4:0b:7e:c0:0a:01:e4:b8:69:b3:
b2:de:df:b5:1f:3e:22:85:7d:42:c0:ed:31:86:3b:16:2f:68:
af:f1:9f:5a:04:61:36:0f:13:a1:44:fb:6e:8e:c5:47:a4:d3:
0e:41:4c:23:58:e9:08:91:b9:98:76:86:60:e2:17:1c:3f:0c:
79:d7:c7:b9:f0:df:e3:c8:d3:8e:6d:9a:d3:ed:be:b7:63:38:
ec:56:a9:96:7c:24:a9:11:ec:c3:81:76:7f:86:9e:ec:8b:3a:
a1:45:4e:1e:49:73:eb:a2:96:8e:78:29:e3:77:4a:d7:5c:47:
b3:d4:bb:50:6b:50:3c:1b:31:a7:13:79:8e:ed:70:fb:15:03:
5e:af:99:76:5d:13:46:50:06:d8:87:16:c1:d1:55:14:6d:b0:
92:a1:a2:9e:6b:52:67:55:26:79:43:a1:72:14:59:e5:70:5f:
73:ee:48:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlXcVgFmMqUqjAJZNKicGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODNhNmQzYjExMTUyYTBlMzk1NWYyY2ViMjkzN2Y0NjQ1MjBlZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu78kTTvjdE6KKX0Hh8iN3vkmU8f3
I238wkJFwLNhdXSGMRAnboV3MpKcR+fdPROftaiXF5F+4GW8A45ZY5E0l3XWqQN4
UJ4dh64ydgkJn7LJZaKMsHmyuHCDdhFemUQ9zsBWrf2pcAe4+igIxjPnIfkjJZ+I
VpOsq09yCgGEK0g2iMfZ8oY/TOPUJc+FAQ1YIIqv0ydDQ/SMC0bi1xt833gDc9sd
qhnEvopdaUQn6OP+KTpZxnetsPJ5MMPeVFTrmaJlvx92y6BjF5dz50qja6qbxo4Q
wMx47tXZhsOkke5bxcUh6KDwq995aDWjR0iOPdn133mkJmdcX+azR6bf9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIg6bTsRFSoOOVXyzrKTf0ZFIO/JMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaURwdE94RVZLZzQ1VmZMT3NwTl9Sa1VnNzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXaowAwQB
XapiMA0GCSqGSIb3DQEBCwUAA4IBAQAPHC4n5uXduuFBf+UYTxdXMPTY3BpeKD+g
3npgfd8Fuy3c7m0+pcXrEUt0AhyRG9c2AuHvC93X9Vmg6tMP0+TXKoUAB0Z02OTR
NtS0T7FB7sQLfsAKAeS4abOy3t+1Hz4ihX1CwO0xhjsWL2iv8Z9aBGE2DxOhRPtu
jsVHpNMOQUwjWOkIkbmYdoZg4hccPwx518e58N/jyNOObZrT7b63YzjsVqmWfCSp
EezDgXZ/hp7sizqhRU4eSXPropaOeCnjd0rXXEez1LtQa1A8GzGnE3mO7XD7FQNe
r5l2XRNGUAbYhxbB0VUUbbCSoaKea1JnVSZ5Q6FyFFnlcF9z7kj/
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:10 2025 by rpki-client