Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ivbEeidFfQgfawgnscqZphrVYac.roa
File: ivbEeidFfQgfawgnscqZphrVYac.roa (raw, json)
Hash identifier: 1imZIx92DOAezk3tUWRBmZVPevsDVxflgYL5dQ9HfG8=
Subject key identifier: 8A:F6:C4:7A:27:45:7D:08:1F:6B:08:27:B1:CA:99:A6:1A:D5:61:A7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709577A7212DA8814A2EB9693AA9C0C2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ivbEeidFfQgfawgnscqZphrVYac.roa
Signing time: Mon 02 Jan 2023 03:45:21 +0000
ROA not before: Mon 02 Jan 2023 03:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61371
IP address blocks: 93.171.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:77:a7:21:2d:a8:81:4a:2e:b9:69:3a:a9:c0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8af6c47a27457d081f6b0827b1ca99a61ad561a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ff:30:9c:bc:75:c3:63:71:69:f7:ce:dc:39:
91:2c:a7:a3:c8:22:dc:b1:e4:bd:42:b3:2b:34:b2:
ec:c4:cb:2c:63:25:d3:8e:20:44:65:73:9c:ab:3d:
18:39:fc:d1:8d:48:1f:51:01:8b:86:7c:8c:5f:52:
65:9a:7a:95:a5:ea:61:04:46:ef:da:18:09:00:4f:
91:dc:2c:16:02:bb:91:b4:ba:5e:ed:83:a3:d7:72:
3d:f0:08:d7:67:b3:b6:49:28:4a:1c:b9:49:7e:90:
c2:7a:20:2b:52:d0:ed:36:b1:bf:6e:7d:5f:35:e7:
8f:5b:35:8f:ea:fd:02:88:f4:bb:6f:d2:d4:8b:a5:
24:68:ef:33:bd:03:07:6e:18:cd:e0:10:57:23:d9:
ab:2b:cf:78:7b:aa:2e:5b:17:05:2a:f0:bb:19:62:
f6:5e:59:16:ce:26:ca:bb:98:d7:0c:66:a0:35:42:
ef:22:dd:f2:a9:ac:5e:bd:bb:cd:20:fd:a2:77:22:
ff:d2:57:1f:36:a4:62:f4:8a:5d:b1:e3:54:1f:57:
da:23:15:26:cd:26:93:72:d4:55:47:9b:ec:35:75:
8f:d6:62:58:7e:24:54:4a:3b:2b:01:5f:7a:64:73:
30:2b:6b:a8:12:25:7d:b1:f3:9f:5a:90:55:65:8e:
64:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F6:C4:7A:27:45:7D:08:1F:6B:08:27:B1:CA:99:A6:1A:D5:61:A7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ivbEeidFfQgfawgnscqZphrVYac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.185.0/24
Signature Algorithm: sha256WithRSAEncryption
04:e5:dc:51:fb:43:ce:d0:c4:eb:f1:f7:3f:a4:57:3f:0a:62:
33:5e:76:db:b1:de:50:4d:57:a0:a5:c8:2d:b3:51:ce:ab:0e:
72:a9:f8:c8:9d:32:f3:09:db:31:19:f0:f6:7a:e2:0c:3a:aa:
b8:26:23:9c:a9:e6:61:b8:29:d9:b0:55:e1:bf:98:84:a8:2b:
8b:f8:70:73:99:29:26:84:97:43:d0:c3:4a:3a:3a:13:22:27:
40:d3:ae:f3:e2:ba:14:58:8c:a8:92:e8:7c:f9:bc:63:3b:8e:
aa:18:49:c8:bc:f5:0e:f3:cf:e5:90:43:8c:73:2e:0c:61:ad:
0f:53:ed:42:91:d9:40:e4:75:ed:89:a5:f4:4d:d7:77:42:2a:
75:bb:18:02:6e:6c:ec:e2:29:b4:30:9a:61:e6:64:0e:e2:4a:
36:aa:4a:b3:16:17:94:3f:df:00:81:58:7b:1a:b5:d7:35:e1:
04:d9:a3:61:9e:ee:54:71:6a:e6:2c:65:47:9e:f7:6a:70:3e:
ce:26:f1:79:5b:0f:97:ed:84:37:24:4d:43:f5:e6:25:57:97:
20:63:95:b2:f5:57:46:11:4d:df:a2:f3:1c:b5:35:94:a5:5e:
14:76:52:ff:0e:cb:0b:81:73:71:22:14:f1:e6:7f:79:d0:c4:
15:b6:5f:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlXenIS2ogUouuWk6qcDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY2YzQ3YTI3NDU3ZDA4MWY2YjA4MjdiMWNhOTlhNjFhZDU2MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv8wnLx1w2NxaffO3DmRLKejyCLc
seS9QrMrNLLsxMssYyXTjiBEZXOcqz0YOfzRjUgfUQGLhnyMX1JlmnqVpephBEbv
2hgJAE+R3CwWAruRtLpe7YOj13I98AjXZ7O2SShKHLlJfpDCeiArUtDtNrG/bn1f
NeePWzWP6v0CiPS7b9LUi6UkaO8zvQMHbhjN4BBXI9mrK894e6ouWxcFKvC7GWL2
XlkWzibKu5jXDGagNULvIt3yqaxevbvNIP2idyL/0lcfNqRi9IpdseNUH1faIxUm
zSaTctRVR5vsNXWP1mJYfiRUSjsrAV96ZHMwK2uoEiV9sfOfWpBVZY5kjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIr2xHonRX0IH2sIJ7HKmaYa1WGnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaXZiRWVpZEZmUWdmYXdnbnNjcVpwaHJWWWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXau5MA0G
CSqGSIb3DQEBCwUAA4IBAQAE5dxR+0PO0MTr8fc/pFc/CmIzXnbbsd5QTVegpcgt
s1HOqw5yqfjInTLzCdsxGfD2euIMOqq4JiOcqeZhuCnZsFXhv5iEqCuL+HBzmSkm
hJdD0MNKOjoTIidA067z4roUWIyokuh8+bxjO46qGEnIvPUO88/lkEOMcy4MYa0P
U+1CkdlA5HXtiaX0Tdd3Qip1uxgCbmzs4im0MJph5mQO4ko2qkqzFheUP98AgVh7
GrXXNeEE2aNhnu5UcWrmLGVHnvdqcD7OJvF5Ww+X7YQ3JE1D9eYlV5cgY5Wy9VdG
EU3fovMctTWUpV4UdlL/DssLgXNxIhTx5n950MQVtl9P
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:08 2025 by rpki-client