Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/eznM5OqSFg11KDhs7aKpSJCOXLk.roa
File: eznM5OqSFg11KDhs7aKpSJCOXLk.roa (raw, json)
Hash identifier: eGtAtloTPGNUEMz06dTnLA3QaTLto9onnrdRVzLQMgc=
Subject key identifier: 7B:39:CC:E4:EA:92:16:0D:75:28:38:6C:ED:A2:A9:48:90:8E:5C:B9
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 01856D0169712D253BDF2592D08E24DFA396
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/eznM5OqSFg11KDhs7aKpSJCOXLk.roa
Signing time: Sun 01 Jan 2023 11:04:46 +0000
ROA not before: Sun 01 Jan 2023 11:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25525
IP address blocks: 87.237.103.0/24 maxlen: 24
87.237.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:69:71:2d:25:3b:df:25:92:d0:8e:24:df:a3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jan 1 11:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b39cce4ea92160d7528386ceda2a948908e5cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:36:a3:14:66:aa:29:76:b5:63:2d:d3:4e:02:
d9:f4:86:a0:f9:ed:44:4b:fc:47:55:2b:08:89:18:
78:c8:41:e6:4a:ac:10:58:a6:9d:ef:81:c8:c2:73:
32:bf:27:bd:2b:b4:f0:c4:3b:94:f4:a8:ed:df:fc:
b8:05:a9:cd:b5:af:57:46:81:70:07:4f:f1:5b:0d:
f3:88:26:f4:13:49:07:aa:c3:69:f8:c7:27:ca:4b:
d8:9c:ea:43:a7:95:ef:57:bc:7d:16:9f:60:ae:f0:
be:3c:b5:e0:d1:15:90:13:3b:43:fd:e2:4a:8d:5b:
e0:d0:16:5f:d3:60:eb:60:b6:ac:71:4e:83:b5:47:
d2:9e:9c:94:d5:b1:8d:86:ec:bc:ad:ef:d6:fc:9c:
72:d8:25:99:d7:78:26:c4:54:84:b3:56:fd:58:79:
cd:5b:f0:54:e9:16:ad:b3:24:6a:ca:98:7b:5b:b8:
32:95:ac:fa:a6:cb:be:6b:2c:eb:bc:81:88:13:f5:
96:80:44:99:06:41:16:e6:81:29:36:19:ce:63:ec:
3a:a1:c2:19:ab:2a:a6:58:d3:5e:d3:3d:80:2c:23:
8f:30:d0:a2:96:82:4b:5d:b0:20:6a:ab:d8:ac:e3:
9f:25:22:9c:1a:39:10:0e:03:36:7a:a8:45:f9:a8:
56:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:39:CC:E4:EA:92:16:0D:75:28:38:6C:ED:A2:A9:48:90:8E:5C:B9
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/eznM5OqSFg11KDhs7aKpSJCOXLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.99.0/24
87.237.103.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:1d:24:51:48:43:cb:e5:8c:b2:5f:80:82:66:10:77:6e:7a:
c5:7d:af:34:f2:f4:b8:17:18:68:82:45:18:16:25:6f:d5:36:
6c:7f:33:ec:1d:2c:94:20:91:17:9c:ab:ca:73:e2:34:92:f5:
08:fe:dc:f0:07:f7:7f:15:5c:ec:78:59:10:e9:0b:d9:14:be:
c5:c5:7d:e4:47:af:9d:dd:80:18:e9:19:74:bd:28:93:97:7c:
65:b8:af:a7:51:c5:56:ad:d2:e1:d6:eb:c6:64:95:68:ae:5f:
f9:6d:68:7c:9f:b3:a8:ab:83:fe:51:b1:19:fd:76:95:a0:08:
be:92:dc:72:c3:20:93:95:b9:b2:95:9c:b9:c9:af:45:05:df:
28:29:38:30:57:52:c3:fc:d9:72:a8:75:f8:78:f2:b7:c7:70:
28:c9:fa:ac:2d:7a:93:1c:01:9c:e7:1f:0e:ec:f6:7f:e2:ad:
96:1a:ff:53:d7:97:09:e4:e2:ee:2d:3c:b3:47:70:db:2d:9b:
1a:66:53:89:0d:3f:25:69:b2:ed:f8:23:c3:e3:70:81:94:0c:
e8:7a:40:a8:1f:63:c4:23:3c:dc:3b:02:7d:71:4f:d7:1d:ea:
cc:39:45:80:76:90:4c:85:00:77:c8:e9:e1:df:24:e4:fe:b6:
0a:9b:f1:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtAWlxLSU73yWS0I4k36OWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwMTAxMTEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM5Y2NlNGVhOTIxNjBkNzUyODM4NmNlZGEyYTk0ODkwOGU1Y2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjajFGaqKXa1Yy3TTgLZ9Iag+e1E
S/xHVSsIiRh4yEHmSqwQWKad74HIwnMyvye9K7TwxDuU9Kjt3/y4BanNta9XRoFw
B0/xWw3ziCb0E0kHqsNp+McnykvYnOpDp5XvV7x9Fp9grvC+PLXg0RWQEztD/eJK
jVvg0BZf02DrYLascU6DtUfSnpyU1bGNhuy8re/W/Jxy2CWZ13gmxFSEs1b9WHnN
W/BU6RatsyRqyph7W7gylaz6psu+ayzrvIGIE/WWgESZBkEW5oEpNhnOY+w6ocIZ
qyqmWNNe0z2ALCOPMNCiloJLXbAgaqvYrOOfJSKcGjkQDgM2eqhF+ahWTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHs5zOTqkhYNdSg4bO2iqUiQjly5MB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvZXpuTTVPcVNGZzExS0RoczdhS3BTSkNPWExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+1jAwQA
V+1nMA0GCSqGSIb3DQEBCwUAA4IBAQCmHSRRSEPL5YyyX4CCZhB3bnrFfa808vS4
FxhogkUYFiVv1TZsfzPsHSyUIJEXnKvKc+I0kvUI/tzwB/d/FVzseFkQ6QvZFL7F
xX3kR6+d3YAY6Rl0vSiTl3xluK+nUcVWrdLh1uvGZJVorl/5bWh8n7Ooq4P+UbEZ
/XaVoAi+ktxywyCTlbmylZy5ya9FBd8oKTgwV1LD/NlyqHX4ePK3x3AoyfqsLXqT
HAGc5x8O7PZ/4q2WGv9T15cJ5OLuLTyzR3DbLZsaZlOJDT8labLt+CPD43CBlAzo
ekCoH2PEIzzcOwJ9cU/XHerMOUWAdpBMhQB3yOnh3yTk/rYKm/GB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:57 2025 by rpki-client