Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nFu1nBxpbJjcpZfCb2aGeZFnfAM.roa
File: nFu1nBxpbJjcpZfCb2aGeZFnfAM.roa (raw, json)
Hash identifier: 07PJ7HdkaLO8mnpdJ3E4gaX7hZO6O8MWwkQdmvMAbpk=
Subject key identifier: 9C:5B:B5:9C:1C:69:6C:98:DC:A5:97:C2:6F:66:86:79:91:67:7C:03
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095607CEDFC304BDBAAFE8AC11F8C2B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nFu1nBxpbJjcpZfCb2aGeZFnfAM.roa
Signing time: Mon 02 Jan 2023 03:45:15 +0000
ROA not before: Mon 02 Jan 2023 03:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58060
IP address blocks: 95.46.78.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:60:7c:ed:fc:30:4b:db:aa:fe:8a:c1:1f:8c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c5bb59c1c696c98dca597c26f66867991677c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:90:3d:e9:eb:5f:15:e8:ea:2d:df:0f:7f:05:
a0:42:bd:8d:cf:ab:8e:2c:3d:34:c8:c6:66:87:b6:
14:f0:92:97:28:c0:4b:d4:b5:c8:68:10:fc:cc:4c:
e2:84:e7:68:f8:ce:65:7c:c5:c1:8e:f9:e5:88:0a:
5e:f8:18:32:d4:80:d9:bd:55:60:4e:e7:85:32:2f:
99:eb:f3:e8:e9:cc:e4:a8:55:fc:51:54:94:bb:53:
bf:83:2b:49:c7:39:0f:15:aa:a8:90:c6:af:cd:df:
44:33:fb:4f:0c:a9:d5:95:38:01:2a:a3:3a:5c:7f:
c3:c1:01:c5:b9:5c:0f:31:ab:51:2f:3f:48:c1:88:
d1:dd:f2:9d:d2:d4:83:90:f0:e9:76:bb:fa:fa:0f:
06:64:70:6e:33:58:4b:af:73:a0:3e:26:ea:a9:1b:
a4:20:f9:56:f8:e1:c3:39:3d:e5:ea:9c:b2:39:f4:
73:c1:fc:fe:41:fd:06:c6:5c:51:6a:18:33:0c:55:
74:98:03:c9:fe:82:85:69:10:c2:4a:c5:d2:af:ff:
89:e7:cf:4e:0e:d7:4c:13:0c:c5:a3:aa:81:4d:29:
97:3f:fb:98:db:6b:6e:8a:d3:42:98:38:ad:74:fc:
39:fd:2e:69:63:25:0e:22:53:c8:2b:8b:65:76:35:
a0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5B:B5:9C:1C:69:6C:98:DC:A5:97:C2:6F:66:86:79:91:67:7C:03
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nFu1nBxpbJjcpZfCb2aGeZFnfAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.78.0/23
Signature Algorithm: sha256WithRSAEncryption
41:88:69:87:1b:54:88:aa:a5:09:59:9f:ff:da:1a:45:55:0c:
c8:35:46:46:9e:b2:cb:fb:4b:b5:d6:80:cb:1f:65:2b:cb:b2:
89:a0:c2:22:7d:44:d2:3e:d8:3b:12:53:9b:39:ae:d9:ef:8a:
93:b5:01:c6:5b:85:c8:dd:5e:da:01:6f:7f:b9:5d:78:97:25:
a8:e1:4a:7e:62:b7:27:6e:b2:bb:58:98:f4:5f:d0:f7:61:8a:
71:1e:1d:61:3a:ab:f2:59:cd:09:59:53:9d:24:2b:03:e9:a2:
7d:0c:83:94:81:8f:db:7d:0e:e0:21:8e:2d:07:41:69:ec:cd:
e8:bd:95:5e:c3:d3:42:ef:22:16:40:b3:21:12:16:b8:b1:7c:
48:3e:e2:9d:a8:45:43:57:fd:56:60:cd:7b:4d:50:f0:ed:4f:
25:75:6b:b8:7f:9f:b1:8a:b0:83:34:16:8a:5e:a5:36:d4:39:
1d:7c:c2:9c:d2:e5:91:32:69:d6:f6:b7:73:c2:ba:c4:67:97:
e0:db:9e:f4:66:8a:1c:0e:fd:7c:8d:d0:aa:59:d8:15:4c:6d:
6a:57:ee:b1:e4:16:61:b7:06:06:77:0f:50:29:dd:27:f0:3b:
46:80:17:23:fe:0b:62:bb:1b:8d:37:61:ed:98:50:89:0e:35:
c6:c8:14:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlWB87fwwS9uq/orBH4wrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzViYjU5YzFjNjk2Yzk4ZGNhNTk3YzI2ZjY2ODY3OTkxNjc3YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpA96etfFejqLd8PfwWgQr2Nz6uO
LD00yMZmh7YU8JKXKMBL1LXIaBD8zEzihOdo+M5lfMXBjvnliApe+Bgy1IDZvVVg
TueFMi+Z6/Po6czkqFX8UVSUu1O/gytJxzkPFaqokMavzd9EM/tPDKnVlTgBKqM6
XH/DwQHFuVwPMatRLz9IwYjR3fKd0tSDkPDpdrv6+g8GZHBuM1hLr3OgPibqqRuk
IPlW+OHDOT3l6pyyOfRzwfz+Qf0GxlxRahgzDFV0mAPJ/oKFaRDCSsXSr/+J589O
DtdMEwzFo6qBTSmXP/uY22tuitNCmDitdPw5/S5pYyUOIlPIK4tldjWg3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxbtZwcaWyY3KWXwm9mhnmRZ3wDMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbkZ1MW5CeHBiSmpjcFpmQ2IyYUdlWkZuZkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXy5OMA0G
CSqGSIb3DQEBCwUAA4IBAQBBiGmHG1SIqqUJWZ//2hpFVQzINUZGnrLL+0u11oDL
H2Ury7KJoMIifUTSPtg7ElObOa7Z74qTtQHGW4XI3V7aAW9/uV14lyWo4Up+Yrcn
brK7WJj0X9D3YYpxHh1hOqvyWc0JWVOdJCsD6aJ9DIOUgY/bfQ7gIY4tB0Fp7M3o
vZVew9NC7yIWQLMhEha4sXxIPuKdqEVDV/1WYM17TVDw7U8ldWu4f5+xirCDNBaK
XqU21DkdfMKc0uWRMmnW9rdzwrrEZ5fg2570ZoocDv18jdCqWdgVTG1qV+6x5BZh
twYGdw9QKd0n8DtGgBcj/gtiuxuNN2HtmFCJDjXGyBRN
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:35 2025 by rpki-client