Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b8c687-a23d-47b0-8462-93252014ccf8/1/RM-AiMIx-7ykUlw4AVo1wMUwNCQ.roa
File: RM-AiMIx-7ykUlw4AVo1wMUwNCQ.roa (raw, json)
Hash identifier: hd5B0xDgdHd0PxOI8EWMCzjX9NpgDEb9OgXwEiawvmc=
Subject key identifier: 44:CF:80:88:C2:31:FB:BC:A4:52:5C:38:01:5A:35:C0:C5:30:34:24
Certificate issuer: /CN=927a47d7477f25689f64d064b3eca09647e8cea2
Certificate serial: 01856FD4F79D3A75AD8ACA7E7CF4FC147775
Authority key identifier: 92:7A:47:D7:47:7F:25:68:9F:64:D0:64:B3:EC:A0:96:47:E8:CE:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knpH10d_JWifZNBks-yglkfozqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b8c687-a23d-47b0-8462-93252014ccf8/1/RM-AiMIx-7ykUlw4AVo1wMUwNCQ.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60076
IP address blocks: 193.107.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f7:9d:3a:75:ad:8a:ca:7e:7c:f4:fc:14:77:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=927a47d7477f25689f64d064b3eca09647e8cea2
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44cf8088c231fbbca4525c38015a35c0c5303424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:2d:35:51:f9:28:9b:10:a6:fe:eb:d8:a1:
c6:e0:ef:a3:05:71:68:86:8d:76:07:e0:7c:9a:8f:
b7:b4:c2:48:b9:08:8f:ee:b1:95:da:cc:be:41:59:
59:8b:22:ac:8d:af:b2:8d:29:b4:e1:67:1e:4e:e9:
41:c4:d0:0d:cb:14:e6:12:fd:13:9c:d5:0c:74:86:
9f:10:79:d8:ef:92:7e:0d:93:e9:04:9a:26:33:49:
02:d2:e8:d3:bb:c9:93:02:65:e4:99:b1:0c:76:4c:
e8:72:7a:f8:86:23:19:e3:90:3e:c7:bf:25:06:ca:
8a:97:2a:2f:1b:9f:3a:0a:48:56:aa:08:05:58:79:
92:c3:fb:54:9e:99:6a:25:18:66:67:8d:b3:66:a5:
a1:63:95:0b:d2:a8:c4:63:c2:91:f9:4f:ff:c5:2e:
64:db:1e:ae:29:f4:ac:69:66:85:92:92:58:59:57:
72:df:38:4a:ba:67:ac:ef:3d:82:c1:84:cd:56:b3:
19:87:a0:c4:25:8b:03:0f:20:94:73:04:43:67:0f:
5e:cf:e9:fa:4f:44:a1:4b:ad:38:93:67:ac:53:29:
f3:12:ab:2c:1e:1a:06:4a:d6:42:a6:95:79:ab:60:
e9:f1:3c:6a:af:fb:49:14:a7:e0:2c:b1:1f:0b:dd:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CF:80:88:C2:31:FB:BC:A4:52:5C:38:01:5A:35:C0:C5:30:34:24
X509v3 Authority Key Identifier:
keyid:92:7A:47:D7:47:7F:25:68:9F:64:D0:64:B3:EC:A0:96:47:E8:CE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knpH10d_JWifZNBks-yglkfozqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b8c687-a23d-47b0-8462-93252014ccf8/1/RM-AiMIx-7ykUlw4AVo1wMUwNCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b8c687-a23d-47b0-8462-93252014ccf8/1/knpH10d_JWifZNBks-yglkfozqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.66.0/24
Signature Algorithm: sha256WithRSAEncryption
85:89:bb:07:b1:f2:65:ae:56:88:34:95:ed:78:b4:76:2d:ad:
34:8c:25:dd:f2:8b:43:69:5a:fa:ba:c8:6a:1a:59:dc:3e:a6:
f2:47:68:da:99:b7:7e:85:b9:5c:3d:57:4b:d8:d8:be:c5:88:
7c:fa:37:50:54:2e:88:93:6c:a8:f7:37:72:57:b7:8e:e7:82:
f2:0c:33:5d:2c:fa:bb:1c:a8:f4:6e:ee:5d:a3:5f:88:80:84:
49:87:f9:ac:64:10:fd:b9:22:31:4f:95:30:17:05:c9:23:af:
a2:96:1e:ff:35:1a:eb:8d:7d:16:78:b7:aa:9b:f6:da:ae:5c:
b4:6e:51:40:ee:6f:fe:47:48:87:fd:f3:80:90:3b:7f:1b:dd:
bb:43:1c:d7:5d:56:be:e1:d0:6f:8e:3e:52:05:95:6a:65:7f:
90:6a:9a:8c:a8:bc:f4:b1:d6:52:13:22:27:ef:1e:ec:db:7b:
64:14:2d:2b:14:44:6b:70:4f:fc:fc:20:9a:2e:95:9f:f1:10:
1d:95:dd:e9:be:64:0b:e8:20:b2:54:9f:ad:79:1a:5b:a8:48:
93:db:a2:98:53:2b:43:01:ec:39:29:58:d6:30:93:0c:03:73:
88:b2:79:b5:f8:24:08:4b:81:55:e2:13:6e:f5:f7:c5:4f:e3:
9b:1f:66:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PedOnWtisp+fPT8FHd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyN2E0N2Q3NDc3ZjI1Njg5ZjY0ZDA2NGIzZWNhMDk2NDdl
OGNlYTIwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGNmODA4OGMyMzFmYmJjYTQ1MjVjMzgwMTVhMzVjMGM1MzAzNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHgtNVH5KJsQpv7r2KHG4O+jBXFo
ho12B+B8mo+3tMJIuQiP7rGV2sy+QVlZiyKsja+yjSm04WceTulBxNANyxTmEv0T
nNUMdIafEHnY75J+DZPpBJomM0kC0ujTu8mTAmXkmbEMdkzocnr4hiMZ45A+x78l
BsqKlyovG586CkhWqggFWHmSw/tUnplqJRhmZ42zZqWhY5UL0qjEY8KR+U//xS5k
2x6uKfSsaWaFkpJYWVdy3zhKumes7z2CwYTNVrMZh6DEJYsDDyCUcwRDZw9ez+n6
T0ShS604k2esUynzEqssHhoGStZCppV5q2Dp8Txqr/tJFKfgLLEfC92kAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETPgIjCMfu8pFJcOAFaNcDFMDQkMB8GA1UdIwQY
MBaAFJJ6R9dHfyVon2TQZLPsoJZH6M6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25wSDEwZF9KV2lmWk5Ca3MteWdsa2ZvenFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOGM2ODctYTIzZC00N2IwLTg0NjIt
OTMyNTIwMTRjY2Y4LzEvUk0tQWlNSXgtN3lrVWx3NEFWbzF3TVV3TkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOGM2ODctYTIzZC00N2IwLTg0NjItOTMyNTIwMTRjY2Y4
LzEva25wSDEwZF9KV2lmWk5Ca3MteWdsa2ZvenFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWtCMA0G
CSqGSIb3DQEBCwUAA4IBAQCFibsHsfJlrlaINJXteLR2La00jCXd8otDaVr6ushq
GlncPqbyR2jambd+hblcPVdL2Ni+xYh8+jdQVC6Ik2yo9zdyV7eO54LyDDNdLPq7
HKj0bu5do1+IgIRJh/msZBD9uSIxT5UwFwXJI6+ilh7/NRrrjX0WeLeqm/barly0
blFA7m/+R0iH/fOAkDt/G927QxzXXVa+4dBvjj5SBZVqZX+QapqMqLz0sdZSEyIn
7x7s23tkFC0rFERrcE/8/CCaLpWf8RAdld3pvmQL6CCyVJ+teRpbqEiT26KYUytD
Aew5KVjWMJMMA3OIsnm1+CQIS4FV4hNu9ffFT+ObH2a1
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:13:05 2025 by rpki-client