Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ol3CE0jj8ns5xK7Ip7sexCc2XNQ.roa
File: ol3CE0jj8ns5xK7Ip7sexCc2XNQ.roa (raw, json)
Hash identifier: L2bsH9Rx6TR2yi64O92ZSesU2i8JOVtlJSL6CF4WJlE=
Subject key identifier: A2:5D:C2:13:48:E3:F2:7B:39:C4:AE:C8:A7:BB:1E:C4:27:36:5C:D4
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709538D612B19A0C02BB6BA7A500A7C5
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ol3CE0jj8ns5xK7Ip7sexCc2XNQ.roa
Signing time: Mon 02 Jan 2023 03:45:05 +0000
ROA not before: Mon 02 Jan 2023 03:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48277
IP address blocks: 95.46.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:38:d6:12:b1:9a:0c:02:bb:6b:a7:a5:00:a7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a25dc21348e3f27b39c4aec8a7bb1ec427365cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:95:f9:73:c8:55:c0:68:64:18:4c:ac:80:
c2:8b:48:96:86:2f:d1:f1:e0:f4:4a:2e:a0:34:db:
62:f9:1e:fa:3f:c9:c8:65:81:ce:a9:b2:da:8e:8d:
09:f8:b9:67:ee:27:ec:f8:48:8f:c8:b3:57:d9:94:
bd:0c:d6:aa:66:86:ef:5f:21:fe:49:d2:9f:94:ea:
43:d2:b0:ec:65:4d:1a:af:8b:ef:ac:cb:16:34:29:
71:4b:e0:d2:fc:92:49:29:2c:24:9d:7c:73:1c:cd:
11:6c:dd:71:83:dd:2a:0e:c3:4c:46:6d:d7:80:fc:
cb:2b:c2:b0:1a:e7:f9:51:c1:0c:0c:c2:64:aa:9e:
46:37:9b:b8:10:86:6e:11:bd:a7:5f:56:4c:a5:a8:
d0:71:11:5f:42:0a:9d:51:5e:56:9b:4b:ae:f5:c9:
63:ff:b5:9c:93:28:01:60:36:9e:5d:8c:e6:20:b5:
45:05:41:5c:ec:4e:66:b2:40:0d:1e:9d:b9:43:ce:
20:c7:4a:41:85:cf:12:62:53:59:d9:89:f3:bf:0d:
24:0a:bb:e6:87:85:77:3e:b0:23:fc:a5:0d:83:cb:
52:42:24:24:eb:d5:4f:f9:a4:78:91:17:44:20:56:
4f:48:10:1a:37:19:76:2e:a5:aa:43:24:99:05:44:
a1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5D:C2:13:48:E3:F2:7B:39:C4:AE:C8:A7:BB:1E:C4:27:36:5C:D4
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ol3CE0jj8ns5xK7Ip7sexCc2XNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.9.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f0:82:ef:f2:ba:dd:83:f4:36:05:b9:23:cd:c1:4e:a7:81:
50:31:dd:64:94:53:9c:73:a8:6c:b3:0f:e8:7b:57:8a:d6:54:
09:17:67:9e:01:e8:00:df:c2:d1:e3:80:a2:cf:65:6b:c0:46:
79:78:15:c6:5f:5c:bd:d5:b9:8c:2e:51:3d:e1:f3:e4:59:a4:
d6:55:b2:ad:3d:d3:8e:0a:ce:9a:db:92:ac:2d:19:48:ed:7a:
7b:2f:f2:57:07:24:d0:eb:31:c3:88:6b:d3:25:4d:db:9b:79:
b7:ff:1e:91:64:6a:01:13:65:52:4f:89:52:f3:9e:35:c5:39:
e7:8f:b3:c6:9d:fc:cf:f8:61:ab:bb:7f:9e:6e:67:59:24:5b:
dc:19:c1:c3:9c:0b:7c:83:9f:cd:7f:29:d7:dd:6d:c0:d6:8c:
d5:57:46:92:02:14:18:1b:4d:63:5d:7a:83:c1:8b:c3:4d:93:
14:b7:37:b6:f5:a2:58:df:2f:f0:31:7f:ef:3d:49:ca:85:c1:
0c:2a:f8:06:f2:87:db:c4:77:c0:ee:df:06:b0:ed:29:e2:31:
bd:ab:6a:13:e1:63:ab:23:bb:80:85:fe:60:20:b3:1c:12:70:
22:7e:bd:3b:03:c3:4e:30:4f:ce:99:42:17:0f:1c:6a:1f:7a:
fc:44:d4:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTjWErGaDAK7a6elAKfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjVkYzIxMzQ4ZTNmMjdiMzljNGFlYzhhN2JiMWVjNDI3MzY1Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUWV+XPIVcBoZBhMrIDCi0iWhi/R
8eD0Si6gNNti+R76P8nIZYHOqbLajo0J+Lln7ifs+EiPyLNX2ZS9DNaqZobvXyH+
SdKflOpD0rDsZU0ar4vvrMsWNClxS+DS/JJJKSwknXxzHM0RbN1xg90qDsNMRm3X
gPzLK8KwGuf5UcEMDMJkqp5GN5u4EIZuEb2nX1ZMpajQcRFfQgqdUV5Wm0uu9clj
/7WckygBYDaeXYzmILVFBUFc7E5mskANHp25Q84gx0pBhc8SYlNZ2Ynzvw0kCrvm
h4V3PrAj/KUNg8tSQiQk69VP+aR4kRdEIFZPSBAaNxl2LqWqQySZBUShbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJdwhNI4/J7OcSuyKe7HsQnNlzUMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb2wzQ0Uwamo4bnM1eEs3SXA3c2V4Q2MyWE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy4JMA0G
CSqGSIb3DQEBCwUAA4IBAQAi8ILv8rrdg/Q2BbkjzcFOp4FQMd1klFOcc6hssw/o
e1eK1lQJF2eeAegA38LR44Ciz2VrwEZ5eBXGX1y91bmMLlE94fPkWaTWVbKtPdOO
Cs6a25KsLRlI7Xp7L/JXByTQ6zHDiGvTJU3bm3m3/x6RZGoBE2VST4lS8541xTnn
j7PGnfzP+GGru3+ebmdZJFvcGcHDnAt8g5/NfynX3W3A1ozVV0aSAhQYG01jXXqD
wYvDTZMUtze29aJY3y/wMX/vPUnKhcEMKvgG8ofbxHfA7t8GsO0p4jG9q2oT4WOr
I7uAhf5gILMcEnAifr07A8NOME/OmUIXDxxqH3r8RNRr
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:25:00 2025 by rpki-client