Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDmRdF39j6foDiu0Yg2KcxvPTI.roa
File: hFDmRdF39j6foDiu0Yg2KcxvPTI.roa (raw, json)
Hash identifier: lOAyWEYXedM/qbVutTuBlB2atMbKeRO8UV00OndU64Y=
Subject key identifier: 84:50:E6:45:D1:77:F6:3E:9F:A0:38:AE:D1:88:36:29:CC:6F:3D:32
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01869C2FD56C8378CD1F7B083091E45D13B2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDmRdF39j6foDiu0Yg2KcxvPTI.roa
Signing time: Wed 01 Mar 2023 08:00:25 +0000
ROA not before: Wed 01 Mar 2023 08:00:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32097
IP address blocks: 93.114.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:2f:d5:6c:83:78:cd:1f:7b:08:30:91:e4:5d:13:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 1 08:00:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8450e645d177f63e9fa038aed1883629cc6f3d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:4f:8d:69:d2:41:18:4a:10:bc:46:7f:c2:
e4:14:d5:6d:27:8e:72:b8:ca:4f:1f:fd:55:17:a6:
86:1b:3e:29:b0:4c:0d:ac:df:13:99:45:c8:9b:07:
c1:fc:e9:d8:0b:0f:8e:5f:1f:5f:fb:44:ec:72:da:
db:ea:e9:64:3d:2d:11:ae:ab:ce:fb:07:af:c4:fc:
d3:7c:4b:c5:d6:34:f8:d5:7f:cb:33:51:d7:ad:79:
66:eb:93:24:0b:f4:7a:9c:f0:9d:8f:7e:4b:8c:c8:
c3:e1:5d:bb:4b:73:0d:73:9c:6d:64:75:d0:54:c6:
c7:8b:32:8b:9e:64:57:80:d0:7c:af:f1:38:98:58:
65:9f:9a:6d:89:48:2f:a8:ad:1a:02:2d:4d:83:ec:
f8:af:a1:b1:b1:50:30:73:3f:11:bc:32:80:cf:f4:
b4:36:23:92:a8:fd:bc:e2:64:08:fa:35:2f:9b:57:
df:a9:a0:7c:4b:9c:5a:27:4e:6f:b8:21:23:34:e1:
db:f9:e0:96:23:20:97:1c:b8:64:e3:26:20:0f:9c:
3d:56:fa:e9:10:19:73:8b:0a:94:c8:b6:b6:9d:84:
a9:37:18:79:65:07:c5:cc:8b:ff:30:27:5e:1d:6b:
cb:65:ed:fe:e3:65:ee:2d:b0:35:b4:0f:ef:bb:b3:
3a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:50:E6:45:D1:77:F6:3E:9F:A0:38:AE:D1:88:36:29:CC:6F:3D:32
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDmRdF39j6foDiu0Yg2KcxvPTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.246.0/24
Signature Algorithm: sha256WithRSAEncryption
00:18:af:9c:15:27:27:e9:22:76:55:32:13:72:e7:6d:48:58:
1f:c3:11:73:b3:28:18:65:30:05:e7:bb:5f:22:6f:22:83:bb:
2c:3f:5f:0f:28:b2:7d:4c:6f:b8:26:7d:01:5e:24:18:2c:1e:
a0:82:62:e0:56:df:e7:69:06:df:c5:ac:83:ea:9e:aa:5e:4f:
ee:12:14:2c:54:a2:e3:b9:1b:95:cc:0c:fd:52:c8:37:4a:fc:
22:ec:c2:76:14:60:5e:2d:ac:29:da:fe:fe:88:a6:79:b4:08:
b0:10:0f:b7:b2:c2:77:69:ce:22:a6:56:7c:02:9a:5c:ee:21:
ac:45:58:e4:1d:c8:6f:e1:42:fb:f7:25:1a:91:19:86:9f:d6:
9c:75:96:a5:bc:6a:b5:13:3a:66:6e:af:d5:d9:37:43:eb:31:
a3:64:4a:4c:be:57:da:f2:3e:65:89:de:02:8b:2c:13:6b:32:
5b:69:cb:14:40:ee:69:db:9c:d8:de:40:70:60:5d:8a:d5:26:
0b:98:df:56:80:9b:18:92:ca:17:d1:8e:89:93:e1:14:fd:e6:
60:46:8f:4c:e5:ac:9d:a8:d0:2f:e4:74:c8:73:70:46:11:43:
ba:79:23:48:b9:c6:a8:e4:0c:01:ea:90:16:90:44:53:04:2e:
c1:08:f4:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYacL9Vsg3jNH3sIMJHkXROyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAxMDgwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUwZTY0NWQxNzdmNjNlOWZhMDM4YWVkMTg4MzYyOWNjNmYzZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoodPjWnSQRhKELxGf8LkFNVtJ45y
uMpPH/1VF6aGGz4psEwNrN8TmUXImwfB/OnYCw+OXx9f+0Tsctrb6ulkPS0RrqvO
+wevxPzTfEvF1jT41X/LM1HXrXlm65MkC/R6nPCdj35LjMjD4V27S3MNc5xtZHXQ
VMbHizKLnmRXgNB8r/E4mFhln5ptiUgvqK0aAi1Ng+z4r6GxsVAwcz8RvDKAz/S0
NiOSqP284mQI+jUvm1ffqaB8S5xaJ05vuCEjNOHb+eCWIyCXHLhk4yYgD5w9Vvrp
EBlziwqUyLa2nYSpNxh5ZQfFzIv/MCdeHWvLZe3+42XuLbA1tA/vu7M65wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRQ5kXRd/Y+n6A4rtGINinMbz0yMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaEZEbVJkRjM5ajZmb0RpdTBZZzJLY3h2UFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXL2MA0G
CSqGSIb3DQEBCwUAA4IBAQAAGK+cFScn6SJ2VTITcudtSFgfwxFzsygYZTAF57tf
Im8ig7ssP18PKLJ9TG+4Jn0BXiQYLB6ggmLgVt/naQbfxayD6p6qXk/uEhQsVKLj
uRuVzAz9Usg3Svwi7MJ2FGBeLawp2v7+iKZ5tAiwEA+3ssJ3ac4iplZ8Appc7iGs
RVjkHchv4UL79yUakRmGn9acdZalvGq1Ezpmbq/V2TdD6zGjZEpMvlfa8j5lid4C
iywTazJbacsUQO5p25zY3kBwYF2K1SYLmN9WgJsYksoX0Y6Jk+EU/eZgRo9M5ayd
qNAv5HTIc3BGEUO6eSNIucao5AwB6pAWkERTBC7BCPRo
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:41:10 2025 by rpki-client