Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ssi5GEA4VylF8IR2kJ4Z1ZIUvfQ.roa
File: ssi5GEA4VylF8IR2kJ4Z1ZIUvfQ.roa (raw, json)
Hash identifier: qslIqjJ3kBX5WtfCH6OBj7/vExOobtfMYzu0S+uTOG4=
Subject key identifier: B2:C8:B9:18:40:38:57:29:45:F0:84:76:90:9E:19:D5:92:14:BD:F4
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 01856F26E07ADC3CEA064965E2801BFAB6BE
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ssi5GEA4VylF8IR2kJ4Z1ZIUvfQ.roa
Signing time: Sun 01 Jan 2023 21:04:56 +0000
ROA not before: Sun 01 Jan 2023 21:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 93.94.3.0/24 maxlen: 24
2a03:1e03::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e0:7a:dc:3c:ea:06:49:65:e2:80:1b:fa:b6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Jan 1 21:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2c8b9184038572945f08476909e19d59214bdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2c:49:89:b4:78:33:a8:a4:e0:b4:09:7f:b1:
73:1f:ae:66:0c:a5:dc:1c:fb:66:c7:6b:b7:e9:b7:
d4:eb:3d:c1:ce:f0:eb:0d:53:2e:b8:3b:82:8e:ee:
ee:ef:b5:1e:82:db:23:94:07:02:37:40:0e:44:11:
54:4a:0c:a2:2e:bd:a3:a7:47:21:f7:50:c2:b2:ac:
cf:6f:48:55:97:29:32:f6:b2:c2:64:74:91:3d:a9:
12:da:4e:a5:20:c7:59:d4:8c:ef:a6:06:f2:84:8c:
38:4e:60:b8:ef:8e:d9:99:b8:c8:d7:a5:51:ae:af:
2a:5d:b9:80:52:ef:f7:e6:a9:50:4e:68:d2:33:8e:
6b:68:17:5d:c9:5b:a5:76:db:d7:f1:60:80:44:f7:
4a:8d:2e:ef:cc:2f:83:af:17:13:34:66:3e:e2:90:
d8:44:51:34:7e:25:9c:26:51:05:d8:cf:c2:07:79:
30:ef:d0:43:60:4a:0f:8a:96:93:77:2c:0e:6b:d4:
a9:77:ae:e6:6d:ee:e2:26:fa:0c:7c:57:32:87:da:
8e:08:1a:4b:42:2a:b6:16:89:1c:ac:fe:4e:58:e0:
32:ac:ed:e3:db:87:32:eb:7f:00:fd:0a:27:34:79:
e8:6a:07:d4:7a:f8:d6:d6:0f:01:38:08:4b:18:81:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C8:B9:18:40:38:57:29:45:F0:84:76:90:9E:19:D5:92:14:BD:F4
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/ssi5GEA4VylF8IR2kJ4Z1ZIUvfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.3.0/24
IPv6:
2a03:1e03::/48
Signature Algorithm: sha256WithRSAEncryption
46:18:57:d8:fc:a1:0c:b3:66:30:35:04:b2:bf:0f:3f:4c:b2:
73:76:c5:be:7f:5e:4b:7f:4b:35:05:b1:9b:71:c5:54:36:4d:
7b:77:d5:9a:d0:a0:db:b9:7c:89:30:09:bd:a3:59:35:48:ae:
6a:54:6f:8b:be:69:4c:2c:7b:c6:56:4d:7f:30:a6:82:ca:70:
64:eb:55:15:a7:38:8b:49:c0:42:5c:e5:63:6f:09:57:35:8c:
df:1f:7f:de:eb:8f:15:32:4c:df:c4:0f:01:87:45:6f:4e:75:
77:f6:de:06:7c:c1:79:31:42:4d:02:68:b4:32:64:4d:e1:04:
7a:e7:60:08:3e:2e:af:50:b8:32:ec:49:83:93:f2:61:0c:89:
a3:75:85:d4:46:fd:96:74:9f:0b:61:6d:5d:5c:56:9a:cc:bb:
c7:5d:3b:a9:6a:c7:03:03:83:29:39:51:dd:3c:ff:81:d5:c6:
ef:e1:79:3c:19:78:43:a5:5b:d6:75:88:37:89:56:bd:23:26:
c2:8d:62:32:c2:5e:b4:e2:fb:61:13:c5:f8:d4:34:a8:7b:cc:
07:77:08:bf:97:31:90:f7:c8:3d:0f:25:b7:99:8c:e3:21:a0:
32:7f:1f:f3:cb:40:b5:54:58:12:e8:8a:40:44:59:3f:18:09:
85:ba:89:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvJuB63DzqBkll4oAb+ra+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjMwMTAxMjEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmM4YjkxODQwMzg1NzI5NDVmMDg0NzY5MDllMTlkNTkyMTRiZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuixJibR4M6ik4LQJf7FzH65mDKXc
HPtmx2u36bfU6z3BzvDrDVMuuDuCju7u77UegtsjlAcCN0AORBFUSgyiLr2jp0ch
91DCsqzPb0hVlyky9rLCZHSRPakS2k6lIMdZ1IzvpgbyhIw4TmC4747ZmbjI16VR
rq8qXbmAUu/35qlQTmjSM45raBddyVuldtvX8WCARPdKjS7vzC+DrxcTNGY+4pDY
RFE0fiWcJlEF2M/CB3kw79BDYEoPipaTdywOa9Spd67mbe7iJvoMfFcyh9qOCBpL
Qiq2FokcrP5OWOAyrO3j24cy638A/QonNHnoagfUevjW1g8BOAhLGIGn5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLLIuRhAOFcpRfCEdpCeGdWSFL30MB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvc3NpNUdFQTRWeWxGOElSMmtKNFoxWklVdmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXV4DMA8E
AgACMAkDBwAqAx4DAAAwDQYJKoZIhvcNAQELBQADggEBAEYYV9j8oQyzZjA1BLK/
Dz9MsnN2xb5/Xkt/SzUFsZtxxVQ2TXt31ZrQoNu5fIkwCb2jWTVIrmpUb4u+aUws
e8ZWTX8wpoLKcGTrVRWnOItJwEJc5WNvCVc1jN8ff97rjxUyTN/EDwGHRW9OdXf2
3gZ8wXkxQk0CaLQyZE3hBHrnYAg+Lq9QuDLsSYOT8mEMiaN1hdRG/ZZ0nwthbV1c
VprMu8ddO6lqxwMDgyk5Ud08/4HVxu/heTwZeEOlW9Z1iDeJVr0jJsKNYjLCXrTi
+2ETxfjUNKh7zAd3CL+XMZD3yD0PJbeZjOMhoDJ/H/PLQLVUWBLoikBEWT8YCYW6
iWE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:58 2025 by rpki-client