Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/idsxRHXeKrEe-QCnwKeW7rZEdi0.roa
File: idsxRHXeKrEe-QCnwKeW7rZEdi0.roa (raw, json)
Hash identifier: AQtV/TmYHd5w6jTfEBdAANGM3M3AW3gjD1cXiX/pXwo=
Subject key identifier: 89:DB:31:44:75:DE:2A:B1:1E:F9:00:A7:C0:A7:96:EE:B6:44:76:2D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095C2F6322DF1AA6CAEB91BC692D343
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/idsxRHXeKrEe-QCnwKeW7rZEdi0.roa
Signing time: Mon 02 Jan 2023 03:45:40 +0000
ROA not before: Mon 02 Jan 2023 03:45:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212999
IP address blocks: 95.46.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:c2:f6:32:2d:f1:aa:6c:ae:b9:1b:c6:92:d3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89db314475de2ab11ef900a7c0a796eeb644762d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a1:ca:ba:d0:25:e6:5b:6c:ce:a3:8e:73:4b:
9f:48:f3:c6:ff:1d:8c:19:82:e6:ab:0e:24:32:3d:
bb:36:3e:b6:89:10:d4:4c:b8:94:89:50:9d:eb:c6:
36:fc:0c:12:f7:bf:af:e0:cf:0b:7e:17:f8:64:de:
b0:06:72:3b:5c:47:02:8d:15:b8:34:08:3c:32:17:
fd:e2:c2:d6:21:13:38:53:80:d6:75:df:dc:44:19:
b1:ab:14:12:b8:81:99:20:06:36:a6:61:94:1b:aa:
27:5c:23:e7:09:bb:29:54:06:c5:62:6e:94:f8:c7:
9f:c2:f2:9e:bc:2e:c9:96:34:0e:40:ed:c1:5e:ca:
15:1a:8a:cd:0e:dc:ff:e2:24:89:27:d1:81:a2:8c:
98:2b:d5:7e:62:51:71:56:cb:28:25:98:e0:9c:ae:
aa:e4:26:3f:88:e0:b1:3e:3f:00:e5:d9:04:8b:62:
73:eb:f1:19:04:20:96:d5:f1:3f:2c:d3:20:0c:8c:
06:a3:3c:38:b3:63:c5:e1:5d:00:3b:27:9a:10:6d:
8b:35:0b:43:c9:64:ac:9a:59:35:5e:3d:e1:ad:5a:
2e:a5:ec:71:1c:3c:74:56:0f:14:ee:5d:07:94:b0:
16:56:4b:58:b2:f3:ef:ab:49:0e:67:4a:45:0e:d3:
09:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DB:31:44:75:DE:2A:B1:1E:F9:00:A7:C0:A7:96:EE:B6:44:76:2D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/idsxRHXeKrEe-QCnwKeW7rZEdi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.136.0/22
Signature Algorithm: sha256WithRSAEncryption
30:fc:08:06:35:53:57:91:07:e7:c1:aa:62:d6:ec:ac:13:79:
bf:e6:8a:fb:79:2a:20:32:ea:c1:98:d3:82:e8:45:e1:1a:24:
53:41:3c:ed:54:25:e8:3f:b3:99:60:4c:c9:09:28:0e:36:6d:
31:55:65:f9:ae:19:b8:60:b2:8f:da:dd:d6:24:87:a1:18:ae:
35:f0:34:c0:99:e3:19:1c:bf:45:90:bc:c2:0b:eb:82:4a:cf:
6d:b8:fb:fe:75:c7:f7:f2:92:47:10:e6:14:dc:8c:d1:21:2a:
f9:b0:d8:e9:68:8d:33:42:db:02:46:fb:5a:fe:e4:ac:9b:f2:
4a:26:fb:f3:ec:3e:a3:25:cf:a4:25:33:97:17:85:96:88:8a:
3a:4d:15:ab:9b:73:65:f4:c8:ed:70:15:c8:ee:0a:27:d5:ef:
06:7b:e9:e2:d4:b9:b1:45:b7:7d:1f:3c:88:4c:81:98:10:2a:
d2:08:9a:f5:26:87:0e:f7:c0:18:c7:1f:05:90:c6:9c:99:bb:
a9:18:89:02:5c:e2:c4:82:d6:38:a8:93:1a:8c:33:2b:da:1f:
38:0c:cd:c0:92:75:ee:1c:3d:12:88:82:d3:dd:78:ec:a4:45:
24:24:a3:69:84:1d:e9:ea:76:ee:b6:c6:18:46:9d:22:dd:7f:
b9:67:48:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlcL2Mi3xqmyuuRvGktNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRiMzE0NDc1ZGUyYWIxMWVmOTAwYTdjMGE3OTZlZWI2NDQ3NjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaHKutAl5ltszqOOc0ufSPPG/x2M
GYLmqw4kMj27Nj62iRDUTLiUiVCd68Y2/AwS97+v4M8Lfhf4ZN6wBnI7XEcCjRW4
NAg8Mhf94sLWIRM4U4DWdd/cRBmxqxQSuIGZIAY2pmGUG6onXCPnCbspVAbFYm6U
+MefwvKevC7JljQOQO3BXsoVGorNDtz/4iSJJ9GBooyYK9V+YlFxVssoJZjgnK6q
5CY/iOCxPj8A5dkEi2Jz6/EZBCCW1fE/LNMgDIwGozw4s2PF4V0AOyeaEG2LNQtD
yWSsmlk1Xj3hrVoupexxHDx0Vg8U7l0HlLAWVktYsvPvq0kOZ0pFDtMJFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInbMUR13iqxHvkAp8Cnlu62RHYtMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaWRzeFJIWGVLckVlLVFDbndLZVc3clpFZGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy6IMA0G
CSqGSIb3DQEBCwUAA4IBAQAw/AgGNVNXkQfnwapi1uysE3m/5or7eSogMurBmNOC
6EXhGiRTQTztVCXoP7OZYEzJCSgONm0xVWX5rhm4YLKP2t3WJIehGK418DTAmeMZ
HL9FkLzCC+uCSs9tuPv+dcf38pJHEOYU3IzRISr5sNjpaI0zQtsCRvta/uSsm/JK
Jvvz7D6jJc+kJTOXF4WWiIo6TRWrm3Nl9MjtcBXI7gon1e8Ge+ni1LmxRbd9HzyI
TIGYECrSCJr1JocO98AYxx8FkMacmbupGIkCXOLEgtY4qJMajDMr2h84DM3AknXu
HD0SiILT3XjspEUkJKNphB3p6nbutsYYRp0i3X+5Z0gZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:08 2025 by rpki-client