Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/on3yTQkhhxvhqB0gD8c8S4uXKtA.roa
File: on3yTQkhhxvhqB0gD8c8S4uXKtA.roa (raw, json)
Hash identifier: aX9nclZeSRMkodI2Xoq0wuUsyCMK7mgiZHMjLP9kra4=
Subject key identifier: A2:7D:F2:4D:09:21:87:1B:E1:A8:1D:20:0F:C7:3C:4B:8B:97:2A:D0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095553BB536015EAF9CD7237EC8EF43
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/on3yTQkhhxvhqB0gD8c8S4uXKtA.roa
Signing time: Mon 02 Jan 2023 03:45:12 +0000
ROA not before: Mon 02 Jan 2023 03:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52114
IP address blocks: 93.171.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:55:3b:b5:36:01:5e:af:9c:d7:23:7e:c8:ef:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27df24d0921871be1a81d200fc73c4b8b972ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:20:c6:1b:a1:d8:8e:3d:45:bc:71:71:c1:ca:
58:5d:93:a6:87:47:3a:cb:58:80:7f:8f:d9:03:96:
32:61:9d:bd:c0:3d:f9:ab:9c:33:68:93:f4:19:9e:
79:12:bd:06:4d:e7:b6:37:e4:7a:cb:c5:98:df:1c:
30:e6:77:e0:d0:21:6d:78:bb:a5:81:14:1a:8f:83:
4d:3c:8e:ff:de:19:07:ff:54:8a:d9:a2:38:9d:71:
75:f3:8b:1a:aa:62:59:85:35:9a:56:e2:82:cc:4a:
20:88:7e:02:22:ef:c0:3e:ea:77:33:23:78:b4:85:
46:0e:ff:7b:7e:65:4a:d6:d2:3a:d0:e0:1b:7f:0c:
c0:2a:c4:6e:c3:a2:53:f3:8f:8a:c1:68:f7:17:6e:
a3:5c:80:c0:8c:05:9a:a9:76:5c:87:76:b0:6d:91:
21:5b:ca:cc:12:3d:43:29:c9:9d:4e:38:54:d5:2b:
5d:e3:8e:eb:6d:ec:51:7f:8d:f3:5a:04:46:2d:40:
1a:84:47:8a:f6:52:9e:e7:f4:b2:4d:04:59:90:d4:
52:5e:eb:a0:46:80:e9:e1:a8:f2:fc:b8:da:18:12:
3b:40:3d:0a:a9:e7:7f:15:2c:83:0f:bc:d7:54:f7:
64:75:2d:2a:12:37:85:e1:f0:b7:02:69:e7:0a:55:
66:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7D:F2:4D:09:21:87:1B:E1:A8:1D:20:0F:C7:3C:4B:8B:97:2A:D0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/on3yTQkhhxvhqB0gD8c8S4uXKtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.176.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:31:94:48:72:da:8d:5a:3a:d3:7a:49:58:7d:8d:db:39:2e:
32:9f:73:b3:a8:47:98:7b:71:ca:2e:6c:0d:34:7a:cf:46:27:
f1:e2:53:6f:64:11:35:b7:c4:4c:9e:5f:e0:35:29:5b:11:f0:
5d:44:f5:f7:a9:89:9d:61:81:ae:21:f7:91:03:18:98:bf:7f:
50:9f:27:1d:ef:fe:8c:3a:45:48:ef:17:e3:8a:76:42:5e:f7:
9b:62:87:ca:f6:b0:69:0e:41:6a:02:aa:c9:cc:2a:70:7b:33:
89:33:c8:fe:75:6a:19:42:dc:4c:b3:32:95:58:76:65:76:94:
89:ce:cd:45:8f:4a:c5:dc:f0:a4:7b:c8:14:96:75:05:29:20:
18:0f:38:be:03:da:b7:a0:08:33:ca:23:6a:52:cb:b9:f5:b3:
ca:46:ad:88:95:d2:2f:b1:7b:5f:46:45:b6:75:11:50:7c:ab:
40:6c:19:d8:3b:d8:24:2d:3d:2b:b7:9d:84:b2:c6:88:f1:ab:
f1:16:1f:6c:bb:3e:32:84:e6:5e:fa:b2:12:69:cb:a3:d7:0d:
3b:0e:19:12:b3:7b:38:9e:a5:00:4b:d1:3b:48:39:da:ec:fb:
86:2c:ef:d4:17:4a:dd:fe:97:fc:cf:f0:a3:d5:54:49:d0:ee:
7d:06:e0:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlVU7tTYBXq+c1yN+yO9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdkZjI0ZDA5MjE4NzFiZTFhODFkMjAwZmM3M2M0YjhiOTcyYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCDGG6HYjj1FvHFxwcpYXZOmh0c6
y1iAf4/ZA5YyYZ29wD35q5wzaJP0GZ55Er0GTee2N+R6y8WY3xww5nfg0CFteLul
gRQaj4NNPI7/3hkH/1SK2aI4nXF184saqmJZhTWaVuKCzEogiH4CIu/APup3MyN4
tIVGDv97fmVK1tI60OAbfwzAKsRuw6JT84+KwWj3F26jXIDAjAWaqXZch3awbZEh
W8rMEj1DKcmdTjhU1Std447rbexRf43zWgRGLUAahEeK9lKe5/SyTQRZkNRSXuug
RoDp4ajy/LjaGBI7QD0Kqed/FSyDD7zXVPdkdS0qEjeF4fC3AmnnClVmuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ98k0JIYcb4agdIA/HPEuLlyrQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb24zeVRRa2hoeHZocUIwZ0Q4YzhTNHVYS3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeMZRIctqNWjrTeklYfY3bOS4yn3OzqEeYe3HKLmwN
NHrPRifx4lNvZBE1t8RMnl/gNSlbEfBdRPX3qYmdYYGuIfeRAxiYv39Qnycd7/6M
OkVI7xfjinZCXvebYofK9rBpDkFqAqrJzCpwezOJM8j+dWoZQtxMszKVWHZldpSJ
zs1Fj0rF3PCke8gUlnUFKSAYDzi+A9q3oAgzyiNqUsu59bPKRq2IldIvsXtfRkW2
dRFQfKtAbBnYO9gkLT0rt52EssaI8avxFh9suz4yhOZe+rISacuj1w07DhkSs3s4
nqUAS9E7SDna7PuGLO/UF0rd/pf8z/Cj1VRJ0O59BuC3
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:00 2025 by rpki-client