Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oEix-CjHe6wLhd-TBJvcVvxwamw.roa
File: oEix-CjHe6wLhd-TBJvcVvxwamw.roa (raw, json)
Hash identifier: 0MgmwYXBY8MXhJ/exe2We4+vwK8jfcYr3+c4u6RfaP0=
Subject key identifier: A0:48:B1:F8:28:C7:7B:AC:0B:85:DF:93:04:9B:DC:56:FC:70:6A:6C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095B397F77D1972682582B7168F64D6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oEix-CjHe6wLhd-TBJvcVvxwamw.roa
Signing time: Mon 02 Jan 2023 03:45:37 +0000
ROA not before: Mon 02 Jan 2023 03:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210188
IP address blocks: 93.170.100.0/24 maxlen: 24
31.148.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:b3:97:f7:7d:19:72:68:25:82:b7:16:8f:64:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a048b1f828c77bac0b85df93049bdc56fc706a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c2:16:76:da:a1:21:98:0a:0b:9d:3b:2b:bd:
3b:aa:82:71:eb:26:85:7d:ec:b9:f6:a5:71:54:13:
e4:b1:bc:c0:6c:63:f2:76:90:12:ad:b5:2d:e4:a9:
f1:7c:32:02:2e:13:18:67:51:4c:30:38:00:b4:26:
5e:97:ed:66:ca:f8:4b:38:3e:d4:0e:8c:ee:72:a5:
95:04:6c:27:45:fc:44:e3:b4:7c:48:38:bd:56:ed:
f5:80:01:c3:ee:31:bc:c0:1c:9d:fc:a3:77:f6:c7:
c3:f6:ad:de:19:07:bc:f7:2d:e0:53:07:5b:ae:ee:
db:88:f4:da:47:ee:82:42:cf:74:d9:ff:20:72:1f:
07:7b:32:64:c3:9f:c3:60:72:57:40:ce:09:4f:5b:
73:76:5b:9b:03:0b:c8:5d:f6:32:7b:12:28:3c:56:
1a:14:61:25:6b:d5:d8:80:34:4c:3c:e0:69:ee:c3:
bb:85:1e:c6:e5:ea:af:57:0c:07:bb:31:23:5e:95:
58:23:a0:57:83:01:49:12:76:61:2e:d8:5b:31:67:
a8:75:dd:b5:c5:c1:a7:26:be:9c:f3:e5:f9:2b:0a:
de:08:ee:d5:da:f9:79:6b:8c:b6:5a:15:8d:e7:c3:
c2:bd:e4:2c:c9:a4:d4:db:30:40:92:a3:ab:46:86:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:48:B1:F8:28:C7:7B:AC:0B:85:DF:93:04:9B:DC:56:FC:70:6A:6C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oEix-CjHe6wLhd-TBJvcVvxwamw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.246.0/24
93.170.100.0/24
Signature Algorithm: sha256WithRSAEncryption
46:df:c0:91:27:21:da:27:f6:e1:79:10:0d:97:c4:4f:6f:df:
14:39:82:2c:74:94:57:1a:4d:04:03:a7:b1:b7:dd:41:3a:b6:
b6:d8:d3:68:5a:42:ea:8a:64:48:c9:ed:71:27:65:a1:47:36:
e7:e9:f6:2e:e5:72:c6:37:4c:b7:79:51:42:30:00:2d:e3:fb:
e1:0f:8f:58:78:8d:9d:78:ca:ae:d9:e3:71:6a:3e:12:95:9a:
53:82:69:28:3e:2c:5c:c2:b7:60:ed:8f:9e:b9:ba:77:18:f0:
09:1e:b2:95:43:b8:9e:5d:32:f0:28:bc:1e:9b:0c:79:fb:82:
fc:45:15:89:ab:2c:59:bd:99:98:e4:16:5d:cb:b2:d0:62:e8:
69:72:8a:cc:09:69:60:c6:7a:33:11:5d:4d:d2:b0:02:38:57:
5c:c8:a0:07:96:fe:ec:18:d1:01:e3:ab:d0:30:48:93:18:98:
d5:cd:94:c6:8a:59:2d:fe:c7:08:82:dd:59:1b:82:1f:3c:e9:
97:d1:bb:6c:ce:78:6e:ec:49:1d:3d:2a:7d:cd:27:35:56:4c:
d4:e8:b5:e3:9e:c5:5c:01:5e:f4:ae:b5:fb:50:a2:63:c8:32:
dd:f1:d6:f8:2f:32:a3:41:6c:dc:f5:1d:f6:33:92:be:79:88:
04:12:6e:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlbOX930ZcmglgrcWj2TWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ4YjFmODI4Yzc3YmFjMGI4NWRmOTMwNDliZGM1NmZjNzA2YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksIWdtqhIZgKC507K707qoJx6yaF
fey59qVxVBPksbzAbGPydpASrbUt5KnxfDICLhMYZ1FMMDgAtCZel+1myvhLOD7U
DozucqWVBGwnRfxE47R8SDi9Vu31gAHD7jG8wByd/KN39sfD9q3eGQe89y3gUwdb
ru7biPTaR+6CQs902f8gch8HezJkw5/DYHJXQM4JT1tzdlubAwvIXfYyexIoPFYa
FGEla9XYgDRMPOBp7sO7hR7G5eqvVwwHuzEjXpVYI6BXgwFJEnZhLthbMWeodd21
xcGnJr6c8+X5KwreCO7V2vl5a4y2WhWN58PCveQsyaTU2zBAkqOrRoa5BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKBIsfgox3usC4XfkwSb3Fb8cGpsMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb0VpeC1DakhlNndMaGQtVEJKdmNWdnh3YW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5T2AwQA
XapkMA0GCSqGSIb3DQEBCwUAA4IBAQBG38CRJyHaJ/bheRANl8RPb98UOYIsdJRX
Gk0EA6ext91BOra22NNoWkLqimRIye1xJ2WhRzbn6fYu5XLGN0y3eVFCMAAt4/vh
D49YeI2deMqu2eNxaj4SlZpTgmkoPixcwrdg7Y+eubp3GPAJHrKVQ7ieXTLwKLwe
mwx5+4L8RRWJqyxZvZmY5BZdy7LQYuhpcorMCWlgxnozEV1N0rACOFdcyKAHlv7s
GNEB46vQMEiTGJjVzZTGilkt/scIgt1ZG4IfPOmX0btsznhu7EkdPSp9zSc1VkzU
6LXjnsVcAV70rrX7UKJjyDLd8db4LzKjQWzc9R32M5K+eYgEEm4H
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:30 2025 by rpki-client