Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oFR91F9rDJ0lHvC6bpJa0n-PNeo.roa
File: oFR91F9rDJ0lHvC6bpJa0n-PNeo.roa (raw, json)
Hash identifier: 4DqBhdCOLJcjowDH1y/KQ2R0XzCuka8adL0KABPOHNE=
Subject key identifier: A0:54:7D:D4:5F:6B:0C:9D:25:1E:F0:BA:6E:92:5A:D2:7F:8F:35:EA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709582F66AF31FFE4438BBB57C39DECE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oFR91F9rDJ0lHvC6bpJa0n-PNeo.roa
Signing time: Mon 02 Jan 2023 03:45:24 +0000
ROA not before: Mon 02 Jan 2023 03:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62330
IP address blocks: 93.171.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:82:f6:6a:f3:1f:fe:44:38:bb:b5:7c:39:de:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0547dd45f6b0c9d251ef0ba6e925ad27f8f35ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:8c:96:75:f1:7b:d7:5b:6b:c6:13:af:c3:
62:e8:3e:ce:b1:a2:27:08:ff:ba:2a:14:db:fb:51:
2e:5b:56:04:38:6d:ef:2f:0f:70:d5:52:a3:59:0e:
db:91:04:8c:48:f7:2b:2b:d4:b3:24:58:f2:80:8f:
fc:96:f0:61:07:a2:fc:fd:b2:8a:26:1a:bd:9f:2e:
e6:20:06:e0:7c:3a:f8:74:4e:67:6e:a6:19:4c:e4:
a0:e7:16:b9:03:bf:62:d1:a2:c7:30:42:73:87:99:
1e:8a:1d:95:39:d2:80:2e:a6:13:1e:45:ec:16:e2:
b0:0e:ea:78:66:af:af:1a:9e:11:5e:d6:64:57:b1:
24:39:62:39:71:98:be:11:07:28:09:0c:69:2e:64:
a3:f7:b0:34:50:57:af:de:51:87:c4:2c:00:5e:36:
7c:9f:d1:ed:5e:d5:fd:6c:0a:98:99:4b:f1:9e:c7:
45:bc:e1:05:26:df:da:9e:da:31:05:ae:d6:29:50:
f1:89:0b:4c:4e:22:13:2c:40:98:1e:31:a9:74:93:
be:3f:b2:3e:69:d3:c3:b6:85:8e:69:ff:a1:4a:46:
2f:6f:79:68:5c:ec:9a:0f:49:51:83:c5:9b:23:90:
79:ab:1e:04:36:c2:6b:97:76:59:72:8f:be:e9:87:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:54:7D:D4:5F:6B:0C:9D:25:1E:F0:BA:6E:92:5A:D2:7F:8F:35:EA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oFR91F9rDJ0lHvC6bpJa0n-PNeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:0d:3d:e9:e1:fa:8f:61:22:cd:50:17:08:90:d1:4c:5c:de:
ed:04:a4:5f:6c:85:be:9b:ce:97:2e:17:5f:9f:a2:a9:13:2c:
d6:d6:4b:b1:45:8a:4a:51:e4:56:5d:8b:8d:07:bc:8c:58:b3:
d4:60:e9:79:77:eb:e9:ce:27:bb:cc:53:80:c0:83:e3:82:7c:
e4:b4:2d:93:82:a6:50:f2:dd:77:ff:32:6c:85:aa:e0:e8:b4:
9d:ca:6f:f7:6b:c1:d2:7c:df:0f:b8:9f:d6:87:16:45:2e:d1:
f7:cc:1b:b0:f0:82:df:24:d4:d4:31:52:ff:59:70:60:35:cb:
48:f9:00:9b:3c:89:a8:b0:89:bb:90:05:99:0f:06:e8:86:f7:
45:dd:bf:56:f6:a6:bf:dd:30:4c:d8:c2:d2:28:b7:c7:56:ce:
74:32:bf:3e:0e:f6:bc:2d:7c:29:d0:29:ee:d1:f3:09:bb:e5:
5a:34:48:2c:13:3b:63:53:42:80:f7:d6:ab:61:6f:17:dd:27:
1a:71:f7:02:42:19:f2:77:bd:b2:12:86:65:29:62:79:86:25:
81:5d:63:d4:8a:6e:6c:83:55:80:c4:2b:20:52:8e:e7:0b:7b:
73:ca:eb:ea:b2:56:01:92:c2:23:95:bd:dd:e5:72:53:f7:a4:
e7:ac:39:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlYL2avMf/kQ4u7V8Od7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU0N2RkNDVmNmIwYzlkMjUxZWYwYmE2ZTkyNWFkMjdmOGYzNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuuMlnXxe9dba8YTr8Ni6D7OsaIn
CP+6KhTb+1EuW1YEOG3vLw9w1VKjWQ7bkQSMSPcrK9SzJFjygI/8lvBhB6L8/bKK
Jhq9ny7mIAbgfDr4dE5nbqYZTOSg5xa5A79i0aLHMEJzh5keih2VOdKALqYTHkXs
FuKwDup4Zq+vGp4RXtZkV7EkOWI5cZi+EQcoCQxpLmSj97A0UFev3lGHxCwAXjZ8
n9HtXtX9bAqYmUvxnsdFvOEFJt/antoxBa7WKVDxiQtMTiITLECYHjGpdJO+P7I+
adPDtoWOaf+hSkYvb3loXOyaD0lRg8WbI5B5qx4ENsJrl3ZZco++6YeFQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBUfdRfawydJR7wum6SWtJ/jzXqMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb0ZSOTFGOXJESjBsSHZDNmJwSmEwbi1QTmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauGMA0G
CSqGSIb3DQEBCwUAA4IBAQCgDT3p4fqPYSLNUBcIkNFMXN7tBKRfbIW+m86XLhdf
n6KpEyzW1kuxRYpKUeRWXYuNB7yMWLPUYOl5d+vpzie7zFOAwIPjgnzktC2TgqZQ
8t13/zJsharg6LSdym/3a8HSfN8PuJ/WhxZFLtH3zBuw8ILfJNTUMVL/WXBgNctI
+QCbPImosIm7kAWZDwbohvdF3b9W9qa/3TBM2MLSKLfHVs50Mr8+Dva8LXwp0Cnu
0fMJu+VaNEgsEztjU0KA99arYW8X3ScacfcCQhnyd72yEoZlKWJ5hiWBXWPUim5s
g1WAxCsgUo7nC3tzyuvqslYBksIjlb3d5XJT96TnrDnQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:31 2025 by rpki-client