Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ndtK0Ihd-dmL3LkG3w1xHEQejAk.roa
File: ndtK0Ihd-dmL3LkG3w1xHEQejAk.roa (raw, json)
Hash identifier: 6d5owpouQE8QCGbKUS0WdqbsLFUXBV2TxaFWxRcPP5w=
Subject key identifier: 9D:DB:4A:D0:88:5D:F9:D9:8B:DC:B9:06:DF:0D:71:1C:44:1E:8C:09
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 289792C7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ndtK0Ihd-dmL3LkG3w1xHEQejAk.roa
Signing time: Tue 18 Jan 2022 13:26:15 +0000
ROA not before: Tue 18 Jan 2022 13:26:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50400
IP address blocks: 93.171.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 681022151 (0x289792c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 18 13:26:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ddb4ad0885df9d98bdcb906df0d711c441e8c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bd:93:bc:4d:87:02:78:8c:46:ce:36:57:da:
64:bc:b1:ae:2c:1e:ec:8e:08:6a:18:9c:5d:e3:09:
77:fd:99:5b:97:cd:f6:e2:6a:8e:26:46:15:bd:82:
c9:f7:1a:61:b0:fc:c5:da:a4:b9:7a:b7:31:83:39:
7b:a6:cb:bd:a4:21:e9:73:db:7b:57:a4:18:9a:0a:
b4:04:ba:40:e0:95:f1:99:ca:7e:f3:14:6d:64:83:
2c:63:43:00:1b:a7:7a:35:ae:0c:71:ce:fa:2d:ce:
65:1e:12:71:c8:ea:cd:8d:10:91:e8:c1:ed:9a:12:
7a:18:42:10:1d:ac:e8:5d:d7:12:fc:63:b9:50:81:
7f:9e:6f:10:46:f2:0b:d5:06:30:ad:71:2b:33:4c:
09:5e:47:6e:ae:be:03:b1:3e:0d:4a:33:97:5b:44:
9e:6e:c5:e0:bc:d8:ba:05:96:29:a8:2c:65:65:e0:
1a:ab:20:54:8a:ca:86:9a:9c:d9:09:fa:7d:9b:26:
68:c9:ea:59:e6:90:04:2c:f6:84:29:14:19:1a:01:
81:6b:01:89:96:f2:f1:f8:f0:5f:35:1f:03:6b:a6:
95:9f:9b:8e:7a:30:2a:eb:6c:74:14:c5:29:90:90:
27:01:22:7d:3c:9d:9e:f1:0a:01:a8:77:e8:2c:5b:
48:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DB:4A:D0:88:5D:F9:D9:8B:DC:B9:06:DF:0D:71:1C:44:1E:8C:09
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ndtK0Ihd-dmL3LkG3w1xHEQejAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.239.0/24
Signature Algorithm: sha256WithRSAEncryption
01:d1:61:df:3a:fa:5e:67:be:c2:54:b0:bf:1a:21:51:20:05:
32:d2:d0:2a:50:fc:a2:0a:2c:71:67:6f:8f:4b:72:ca:6c:6b:
a3:6e:df:b2:71:53:bf:b8:35:b7:ed:cb:d8:0d:d4:66:ce:b1:
aa:fe:d9:3f:20:fb:25:6e:05:66:88:d1:3b:32:ed:fd:3c:29:
6b:38:75:32:49:e7:cc:e7:cb:75:b0:ec:1c:43:dd:95:5e:c6:
0a:65:e5:19:dd:61:5c:0b:1b:01:5c:82:88:d6:14:78:cb:17:
e6:67:d0:ba:e1:bd:e4:8f:cf:14:a6:56:c7:9e:c4:4b:3a:f0:
e4:48:96:c8:3a:a6:8a:9a:a9:f9:fb:65:53:d2:45:54:31:f7:
34:45:e0:cc:01:54:bc:90:af:f4:0f:84:4c:9d:81:6f:ca:92:
54:d8:ba:20:04:7c:7b:5d:8c:ba:be:6b:f4:47:f0:bc:04:2e:
7e:67:c4:8e:a9:6e:32:9b:bf:20:5c:ac:c6:32:93:e8:b7:87:
a1:2a:fb:d8:e9:ab:4e:82:27:f4:2c:5b:bb:97:64:2f:54:ea:
38:eb:77:88:47:71:09:cc:ab:76:50:a5:9f:11:b6:5c:57:fe:
12:23:01:af:6e:f8:54:63:a5:46:6e:28:1a:20:fc:b2:b3:18:
e0:69:35:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKJeSxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEx
ODEzMjYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRkYjRhZDA4ODVk
ZjlkOThiZGNiOTA2ZGYwZDcxMWM0NDFlOGMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMG9k7xNhwJ4jEbONlfaZLyxriwe7I4IahicXeMJd/2ZW5fN
9uJqjiZGFb2CyfcaYbD8xdqkuXq3MYM5e6bLvaQh6XPbe1ekGJoKtAS6QOCV8ZnK
fvMUbWSDLGNDABunejWuDHHO+i3OZR4SccjqzY0QkejB7ZoSehhCEB2s6F3XEvxj
uVCBf55vEEbyC9UGMK1xKzNMCV5Hbq6+A7E+DUozl1tEnm7F4LzYugWWKagsZWXg
GqsgVIrKhpqc2Qn6fZsmaMnqWeaQBCz2hCkUGRoBgWsBiZby8fjwXzUfA2umlZ+b
jnowKutsdBTFKZCQJwEifTydnvEKAah36CxbSJcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSd20rQiF352YvcuQbfDXEcRB6MCTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L25kdEswSWhkLWRtTDNMa0czdzF4SEVRZWpBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2r7zANBgkqhkiG9w0BAQsFAAOC
AQEAAdFh3zr6Xme+wlSwvxohUSAFMtLQKlD8ogoscWdvj0tyymxro27fsnFTv7g1
t+3L2A3UZs6xqv7ZPyD7JW4FZojROzLt/Twpazh1MknnzOfLdbDsHEPdlV7GCmXl
Gd1hXAsbAVyCiNYUeMsX5mfQuuG95I/PFKZWx57ESzrw5EiWyDqmipqp+ftlU9JF
VDH3NEXgzAFUvJCv9A+ETJ2Bb8qSVNi6IAR8e12Mur5r9EfwvAQufmfEjqluMpu/
IFysxjKT6LeHoSr72OmrToIn9Cxbu5dkL1TqOOt3iEdxCcyrdlClnxG2XFf+EiMB
r274VGOlRm4oGiD8srMY4Gk1hg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:24 2025 by rpki-client