Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SE6Rh8Xn0g_cCXooV3YAde1ZBMA.roa
File: SE6Rh8Xn0g_cCXooV3YAde1ZBMA.roa (raw, json)
Hash identifier: pI+U96Hm+FpP0/GtjJGhWbqhnTZ+HTXGId20lT3+JYg=
Subject key identifier: 48:4E:91:87:C5:E7:D2:0F:DC:09:7A:28:57:76:00:75:ED:59:04:C0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188E90E1B14F31FCA40A9BA7184F6BB9FF9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SE6Rh8Xn0g_cCXooV3YAde1ZBMA.roa
Signing time: Fri 23 Jun 2023 16:19:55 +0000
ROA not before: Fri 23 Jun 2023 16:19:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.14.166.0/24 maxlen: 24
93.123.74.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e9:0e:1b:14:f3:1f:ca:40:a9:ba:71:84:f6:bb:9f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 23 16:19:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=484e9187c5e7d20fdc097a2857760075ed5904c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:4f:f0:f2:8d:45:e1:39:e8:a0:b2:21:9b:
b1:bc:65:8d:33:c6:fc:c0:b3:0c:1d:de:c0:b4:d4:
2f:4a:85:26:ce:1b:98:92:56:56:37:5e:1f:4f:bc:
8b:37:fc:06:8d:0f:e0:73:35:b2:0e:40:04:53:cf:
9c:76:5f:5d:34:41:f4:38:06:3b:8b:34:a7:1b:bd:
db:50:d1:b4:2f:e6:66:01:8d:57:34:b3:fb:f8:5a:
c6:dd:85:82:6e:c4:03:35:01:61:5e:d1:ec:4e:ba:
6e:74:3a:ec:e1:9d:7c:0b:90:da:5d:ee:ec:37:a6:
6a:ac:8f:ba:b1:d6:15:fd:47:a6:40:75:f1:0a:5b:
16:58:4b:73:ea:22:45:46:e5:98:68:32:7a:d2:ac:
5a:6e:f7:5c:72:fc:29:ea:03:8d:dc:62:76:2a:ba:
7a:d9:d0:0e:4c:cb:fe:0c:69:8e:a3:fe:69:76:58:
52:79:04:cc:e9:fd:73:b3:16:9f:05:ea:4c:b8:32:
66:9a:8f:4e:4d:44:7b:74:21:01:7f:1c:8a:16:60:
a5:53:fc:8b:ee:c4:7c:21:f5:c7:ad:75:1d:52:48:
93:d3:81:78:6c:ae:14:30:67:ce:eb:2b:13:76:69:
fe:f0:d5:06:6e:b0:a7:60:fb:0f:35:70:28:b2:7f:
a4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4E:91:87:C5:E7:D2:0F:DC:09:7A:28:57:76:00:75:ED:59:04:C0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SE6Rh8Xn0g_cCXooV3YAde1ZBMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
83.219.96.0/24
83.219.99.0/24
93.123.74.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0b:68:4c:4a:35:f6:49:ab:0c:90:98:88:7c:13:34:59:df:
2b:ce:ae:e5:eb:61:8c:21:c1:80:50:9b:ce:7e:42:f7:15:90:
a4:97:16:1e:1f:25:c0:e3:51:57:d0:1e:ac:48:c8:30:fd:17:
64:14:7c:a1:85:cc:8e:f1:3b:f4:a6:44:f6:c7:49:b1:e6:b5:
0d:7a:f5:58:5c:78:18:d1:68:4b:42:96:a3:96:a4:81:06:76:
a3:d5:d8:6c:2c:fb:2a:00:15:32:7d:a4:c5:d9:7d:b3:2c:30:
6e:d2:53:d3:13:0b:d9:01:2f:e2:e3:91:3a:b7:cb:46:9d:e1:
1d:07:c3:05:65:c3:9a:4f:d1:e8:24:a0:5c:db:6b:bb:22:3c:
6f:3d:58:84:7e:1e:5c:9f:6c:a2:da:98:6a:bd:ea:46:f5:78:
b3:fc:ac:ba:2d:1a:90:74:89:62:90:b3:b7:4b:86:80:2c:7d:
09:33:96:4e:f1:cc:4b:52:7a:bc:cd:af:cf:80:56:a3:fb:21:
91:92:5f:52:13:b4:a6:31:66:b5:03:02:74:c6:8e:27:31:4d:
19:b0:79:0d:bb:45:34:89:96:07:fa:90:1e:a7:49:92:2c:9a:
f2:b7:19:b9:2e:ed:9f:a8:64:c1:13:1b:8d:61:f2:f6:e9:e9:
4e:40:74:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjpDhsU8x/KQKm6cYT2u5/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjIzMTYxOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODRlOTE4N2M1ZTdkMjBmZGMwOTdhMjg1Nzc2MDA3NWVkNTkwNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujtP8PKNReE56KCyIZuxvGWNM8b8
wLMMHd7AtNQvSoUmzhuYklZWN14fT7yLN/wGjQ/gczWyDkAEU8+cdl9dNEH0OAY7
izSnG73bUNG0L+ZmAY1XNLP7+FrG3YWCbsQDNQFhXtHsTrpudDrs4Z18C5DaXe7s
N6ZqrI+6sdYV/UemQHXxClsWWEtz6iJFRuWYaDJ60qxabvdccvwp6gON3GJ2Krp6
2dAOTMv+DGmOo/5pdlhSeQTM6f1zsxafBepMuDJmmo9OTUR7dCEBfxyKFmClU/yL
7sR8IfXHrXUdUkiT04F4bK4UMGfO6ysTdmn+8NUGbrCnYPsPNXAosn+kZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEhOkYfF59IP3Al6KFd2AHXtWQTAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU0U2Umg4WG4wZ19jQ1hvb1YzWUFkZTFaQk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ6mAwQA
U9tgAwQAU9tjAwQAXXtKMA0GCSqGSIb3DQEBCwUAA4IBAQB1C2hMSjX2SasMkJiI
fBM0Wd8rzq7l62GMIcGAUJvOfkL3FZCklxYeHyXA41FX0B6sSMgw/RdkFHyhhcyO
8Tv0pkT2x0mx5rUNevVYXHgY0WhLQpajlqSBBnaj1dhsLPsqABUyfaTF2X2zLDBu
0lPTEwvZAS/i45E6t8tGneEdB8MFZcOaT9HoJKBc22u7IjxvPViEfh5cn2yi2phq
vepG9Xiz/Ky6LRqQdIlikLO3S4aALH0JM5ZO8cxLUnq8za/PgFaj+yGRkl9SE7Sm
MWa1AwJ0xo4nMU0ZsHkNu0U0iZYH+pAep0mSLJrytxm5Lu2fqGTBExuNYfL26elO
QHQV
-----END CERTIFICATE-----
Generated at Tue May 13 20:25:56 2025 by rpki-client