Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/5OLAfKpqRazhoihbMwzlh19zYeM.roa
File: 5OLAfKpqRazhoihbMwzlh19zYeM.roa (raw, json)
Hash identifier: yVjNYAOvV9EKcOi6/tQhDDxTAyRuqN1RXwt7IO/2I3M=
Subject key identifier: E4:E2:C0:7C:AA:6A:45:AC:E1:A2:28:5B:33:0C:E5:87:5F:73:61:E3
Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Certificate serial: 0185737AB8F72B447F2E2ADC06552E91F0E9
Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/5OLAfKpqRazhoihbMwzlh19zYeM.roa
Signing time: Mon 02 Jan 2023 17:15:00 +0000
ROA not before: Mon 02 Jan 2023 17:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33387
IP address blocks: 93.113.130.0/24 maxlen: 24
93.113.44.0/24 maxlen: 24
94.176.109.0/24 maxlen: 24
94.177.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:b8:f7:2b:44:7f:2e:2a:dc:06:55:2e:91:f0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Validity
Not Before: Jan 2 17:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4e2c07caa6a45ace1a2285b330ce5875f7361e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b2:14:19:5f:3f:73:d7:6f:88:de:06:13:4f:
67:49:72:5c:9f:72:1a:67:6b:bd:29:12:3d:4b:5d:
92:27:e7:4f:61:01:55:92:d8:79:20:2d:b8:d2:e1:
1b:72:c7:f4:f3:39:b7:ef:b3:6d:4f:55:33:60:fd:
6c:e7:d6:a9:0c:43:94:cb:4e:25:2a:6e:e8:de:90:
af:d1:bd:47:12:02:e3:53:a9:fc:9a:0c:4e:73:d2:
52:da:40:4f:f8:9f:81:67:e8:05:c1:18:c9:2a:37:
1c:04:44:1c:23:37:f6:14:b1:4b:66:80:28:a5:69:
fb:d6:7d:d8:4a:83:9e:d3:1e:3b:c8:2f:7f:59:da:
f7:df:e3:fa:46:a7:cf:14:70:46:a2:74:3c:98:39:
f8:2c:60:1e:f8:a1:9f:5f:42:e1:89:ca:70:2d:32:
90:f0:8a:94:c2:b4:ec:2a:66:54:81:f0:c7:15:bf:
f1:fb:cf:6b:b7:9f:0e:15:8e:1d:f9:e0:2e:91:53:
57:bf:20:09:2b:6d:2a:7c:c7:b1:ac:6e:13:91:2c:
90:7b:d0:0a:aa:b8:19:5c:98:d6:4c:d4:e7:f9:d8:
9c:03:45:00:8b:d8:3b:11:6a:7c:cc:4c:98:db:42:
46:72:be:6e:62:7e:4d:0d:54:bf:b3:f0:bd:8b:7f:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E2:C0:7C:AA:6A:45:AC:E1:A2:28:5B:33:0C:E5:87:5F:73:61:E3
X509v3 Authority Key Identifier:
keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/5OLAfKpqRazhoihbMwzlh19zYeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.44.0/24
93.113.130.0/24
94.176.109.0/24
94.177.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:21:dc:27:30:4b:f6:26:ec:c7:9d:c7:e8:17:39:81:4c:70:
0f:dc:2e:de:7e:ab:15:ab:b5:83:34:65:73:4d:84:0d:c2:e1:
0c:8a:ed:2d:fa:64:7c:72:ef:07:f8:cb:4d:0d:76:ec:d5:65:
12:8b:63:30:5b:d8:cb:6b:4b:b7:c1:bc:79:07:2e:53:f7:48:
d4:b4:55:f6:02:a9:81:f3:01:8c:29:bf:3b:e1:44:e8:90:37:
2a:b9:89:57:d8:fa:1e:92:10:35:34:4d:ae:21:38:ef:9a:4e:
81:da:50:35:e2:84:28:fa:fa:13:ef:11:26:4c:e2:3a:17:12:
27:69:1a:7b:b8:02:5b:d8:8f:87:d4:a6:c8:a4:a7:58:a0:17:
9b:e7:ac:f7:b1:b5:be:62:6e:07:49:63:34:93:8e:dc:6a:3e:
2c:50:a4:d5:86:21:55:34:ce:f0:0c:46:a6:1f:ca:39:d0:34:
0a:37:4d:a1:fe:cd:80:9c:9b:7a:87:fd:7b:2a:26:3e:18:1b:
24:dc:73:ff:45:a8:af:f8:7f:96:20:18:06:b4:88:43:be:a2:
8e:01:c2:14:fd:3d:62:24:f2:e5:a5:5f:31:69:ca:1a:a0:0d:
45:37:39:24:ef:ae:81:15:9e:64:ce:ee:7f:57:21:9f:c3:6b:
c4:b3:6e:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzerj3K0R/LircBlUukfDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm
Y2VmODMwHhcNMjMwMTAyMTcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUyYzA3Y2FhNmE0NWFjZTFhMjI4NWIzMzBjZTU4NzVmNzM2MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrIUGV8/c9dviN4GE09nSXJcn3Ia
Z2u9KRI9S12SJ+dPYQFVkth5IC240uEbcsf08zm377NtT1UzYP1s59apDEOUy04l
Km7o3pCv0b1HEgLjU6n8mgxOc9JS2kBP+J+BZ+gFwRjJKjccBEQcIzf2FLFLZoAo
pWn71n3YSoOe0x47yC9/Wdr33+P6RqfPFHBGonQ8mDn4LGAe+KGfX0LhicpwLTKQ
8IqUwrTsKmZUgfDHFb/x+89rt58OFY4d+eAukVNXvyAJK20qfMexrG4TkSyQe9AK
qrgZXJjWTNTn+dicA0UAi9g7EWp8zEyY20JGcr5uYn5NDVS/s/C9i3+wMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOTiwHyqakWs4aIoWzMM5Ydfc2HjMB8GA1UdIwQY
MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt
YzY0N2E4YzFkZGZhLzEvNU9MQWZLcHFSYXpob2loYk13emxoMTl6WWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh
LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXEsAwQA
XXGCAwQAXrBtAwQAXrFDMA0GCSqGSIb3DQEBCwUAA4IBAQBOIdwnMEv2JuzHncfo
FzmBTHAP3C7efqsVq7WDNGVzTYQNwuEMiu0t+mR8cu8H+MtNDXbs1WUSi2MwW9jL
a0u3wbx5By5T90jUtFX2AqmB8wGMKb874UTokDcquYlX2PoekhA1NE2uITjvmk6B
2lA14oQo+voT7xEmTOI6FxInaRp7uAJb2I+H1KbIpKdYoBeb56z3sbW+Ym4HSWM0
k47caj4sUKTVhiFVNM7wDEamH8o50DQKN02h/s2AnJt6h/17KiY+GBsk3HP/Raiv
+H+WIBgGtIhDvqKOAcIU/T1iJPLlpV8xacoaoA1FNzkk766BFZ5kzu5/VyGfw2vE
s24E
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:44 2025 by rpki-client