Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uDf2X5fSCY1VqzUnXRbpz1BkGV8.roa
File: uDf2X5fSCY1VqzUnXRbpz1BkGV8.roa (raw, json)
Hash identifier: wjLvnqmQ15jtaMIOpvJQXnZRaVH3R/0ckvy+5d2rccE=
Subject key identifier: B8:37:F6:5F:97:D2:09:8D:55:AB:35:27:5D:16:E9:CF:50:64:19:5F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095B6D15AD0A2EFDAA5A3D7B9C9685A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uDf2X5fSCY1VqzUnXRbpz1BkGV8.roa
Signing time: Mon 02 Jan 2023 03:45:37 +0000
ROA not before: Mon 02 Jan 2023 03:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210845
IP address blocks: 93.171.175.0/24 maxlen: 24
2a02:128:18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:b6:d1:5a:d0:a2:ef:da:a5:a3:d7:b9:c9:68:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b837f65f97d2098d55ab35275d16e9cf5064195f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:01:5b:6a:a4:ce:93:d1:6a:11:79:ab:92:c4:
b0:70:e7:25:d8:31:2d:f4:2c:78:d8:4e:cf:78:e9:
3f:24:d4:a6:46:81:b4:b1:11:52:0b:8a:b1:42:6a:
46:53:2f:39:9d:02:f1:a0:8a:f3:58:35:87:0c:53:
b6:6f:c1:12:e3:a1:c9:41:2b:c0:95:97:c1:af:11:
94:2b:fd:1f:cc:65:a3:67:2c:ee:3e:31:1c:57:77:
07:dc:e9:7b:16:05:fb:34:71:b8:e6:7a:16:03:07:
ba:b8:b7:71:aa:13:82:cf:9f:92:8b:2f:2b:c1:a4:
ad:c1:bb:f6:81:b5:e9:83:c9:75:98:b7:53:f5:a5:
33:53:7e:33:32:a5:9c:33:54:2b:21:d6:c8:0f:a2:
12:b5:bd:d1:2c:17:d2:6d:7f:d2:aa:22:d3:a8:ea:
b3:be:15:af:d7:be:10:d0:62:8e:78:05:44:09:50:
98:f7:97:dd:3e:69:ca:66:74:12:45:5f:b0:02:ea:
a3:bd:e2:23:c2:13:5d:04:2d:b4:94:03:46:7c:03:
d8:6e:f8:7e:a9:e7:8d:9a:01:4e:7c:1e:5f:4d:61:
73:fe:3d:03:bc:74:93:32:43:40:c1:48:7e:7a:76:
e4:a4:34:59:2f:59:8f:4c:5f:38:55:d9:98:b9:38:
03:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:37:F6:5F:97:D2:09:8D:55:AB:35:27:5D:16:E9:CF:50:64:19:5F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uDf2X5fSCY1VqzUnXRbpz1BkGV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.175.0/24
IPv6:
2a02:128:18::/48
Signature Algorithm: sha256WithRSAEncryption
7c:e1:62:36:48:ad:03:42:c7:63:cf:36:f4:79:4c:ed:86:29:
12:67:b5:85:aa:78:96:0f:66:a8:5e:3b:5b:be:61:a4:67:9a:
55:43:e6:9c:a4:1f:f0:7c:49:ce:50:92:45:df:3c:05:32:f2:
41:f5:ca:e8:7b:70:30:61:02:91:cb:ab:5b:e6:e3:9a:ba:c1:
66:58:9d:42:72:cb:32:5e:f1:f3:25:c5:3b:02:25:5d:0f:e7:
e3:b0:23:68:98:35:b8:49:9e:df:31:b5:5a:a7:6b:1a:df:71:
06:62:61:8e:11:5b:74:e4:db:92:08:99:18:5d:3f:c1:97:41:
3a:e4:92:90:11:ae:8d:17:91:04:03:1a:fb:a8:0f:f3:2c:9f:
26:25:25:e4:d5:31:b4:7f:36:f7:4b:8d:bd:2d:8c:3b:ba:34:
47:cc:a3:38:93:d9:05:ea:73:61:a7:52:3d:0e:21:4e:33:3c:
f4:09:d5:ac:8f:e2:f9:8d:fd:ab:1c:74:81:ed:14:41:1c:27:
06:84:9d:86:21:c8:2a:d6:5f:f9:dc:df:25:11:7b:4f:4d:1e:
26:b1:d3:f4:2b:1f:b6:fc:ac:3d:21:0a:28:13:f3:cb:bf:8c:
56:73:60:c6:04:4d:a3:f6:5f:70:8a:1e:43:1c:2a:95:d7:af:
2f:73:ec:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwlbbRWtCi79qlo9e5yWhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODM3ZjY1Zjk3ZDIwOThkNTVhYjM1Mjc1ZDE2ZTljZjUwNjQxOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QFbaqTOk9FqEXmrksSwcOcl2DEt
9Cx42E7PeOk/JNSmRoG0sRFSC4qxQmpGUy85nQLxoIrzWDWHDFO2b8ES46HJQSvA
lZfBrxGUK/0fzGWjZyzuPjEcV3cH3Ol7FgX7NHG45noWAwe6uLdxqhOCz5+Siy8r
waStwbv2gbXpg8l1mLdT9aUzU34zMqWcM1QrIdbID6IStb3RLBfSbX/SqiLTqOqz
vhWv174Q0GKOeAVECVCY95fdPmnKZnQSRV+wAuqjveIjwhNdBC20lANGfAPYbvh+
qeeNmgFOfB5fTWFz/j0DvHSTMkNAwUh+enbkpDRZL1mPTF84VdmYuTgDXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLg39l+X0gmNVas1J10W6c9QZBlfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdURmMlg1ZlNDWTFWcXpVblhSYnB6MUJrR1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXauvMA8E
AgACMAkDBwAqAgEoABgwDQYJKoZIhvcNAQELBQADggEBAHzhYjZIrQNCx2PPNvR5
TO2GKRJntYWqeJYPZqheO1u+YaRnmlVD5pykH/B8Sc5QkkXfPAUy8kH1yuh7cDBh
ApHLq1vm45q6wWZYnUJyyzJe8fMlxTsCJV0P5+OwI2iYNbhJnt8xtVqnaxrfcQZi
YY4RW3Tk25IImRhdP8GXQTrkkpARro0XkQQDGvuoD/MsnyYlJeTVMbR/NvdLjb0t
jDu6NEfMoziT2QXqc2GnUj0OIU4zPPQJ1ayP4vmN/ascdIHtFEEcJwaEnYYhyCrW
X/nc3yURe09NHiax0/QrH7b8rD0hCigT88u/jFZzYMYETaP2X3CKHkMcKpXXry9z
7FU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:16 2025 by rpki-client