Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eqVR3wMfUNlleMoVn7L0wyd4hH4.roa
File: eqVR3wMfUNlleMoVn7L0wyd4hH4.roa (raw, json)
Hash identifier: xeGogU5qV4Q7C6hVYRjvKSuCRZNPS+jtRAzind7gJck=
Subject key identifier: 7A:A5:51:DF:03:1F:50:D9:65:78:CA:15:9F:B2:F4:C3:27:78:84:7E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187A45A6C830B3D196546F99A6813A0677B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eqVR3wMfUNlleMoVn7L0wyd4hH4.roa
Signing time: Fri 21 Apr 2023 15:06:42 +0000
ROA not before: Fri 21 Apr 2023 15:06:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49716
IP address blocks: 171.22.28.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:5a:6c:83:0b:3d:19:65:46:f9:9a:68:13:a0:67:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 15:06:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7aa551df031f50d96578ca159fb2f4c32778847e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:b3:1c:0d:e4:b9:7f:c8:84:f3:36:de:23:
de:00:39:48:6d:d9:52:46:0b:4d:04:d4:d2:a2:8d:
2a:cb:f3:12:bc:38:23:27:f0:8a:b7:7e:cd:ed:d5:
cf:20:bf:e6:2c:57:f3:8a:62:b9:c9:e8:5d:b4:23:
6e:09:03:ac:e4:dc:b8:63:24:46:d1:6f:9b:72:61:
7d:2c:f2:f7:c4:ec:38:9e:ab:c8:1b:27:ab:f6:f0:
50:b6:c3:a2:38:04:2b:a2:29:dc:77:fe:2c:be:e0:
09:5a:d1:b9:9e:a1:c2:e0:47:ab:44:78:ff:08:ff:
86:90:60:a5:9b:e7:5d:ab:9a:36:82:31:86:d3:da:
0c:74:cd:df:26:f1:1f:c6:ef:cc:ea:27:f1:4f:82:
9d:7e:1c:82:23:c6:cb:3d:62:5a:1e:ba:8b:2c:04:
45:13:9c:95:b9:1b:6e:80:60:5c:d3:21:ce:4d:d6:
a1:ca:1b:71:89:cb:a1:4b:19:c2:b6:be:49:c6:6d:
36:8e:60:9e:56:c4:b3:54:3e:19:5c:ca:ef:97:17:
4c:2a:fe:d9:b7:6c:74:92:af:2b:14:e3:81:3c:9e:
7f:4f:17:9c:5f:ac:cb:aa:58:da:fa:7c:f5:87:2f:
0c:f9:71:d9:66:3e:d5:2c:23:62:46:bb:87:97:da:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A5:51:DF:03:1F:50:D9:65:78:CA:15:9F:B2:F4:C3:27:78:84:7E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eqVR3wMfUNlleMoVn7L0wyd4hH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.26.0/24
171.22.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:55:e9:c7:24:a7:72:3f:4e:99:ff:9f:4d:87:e9:46:fa:d7:
02:78:f5:1f:dd:97:8e:5e:ef:b9:10:cd:b5:55:e4:2f:9f:0f:
dc:d1:26:7b:1a:d9:db:d4:3b:15:bb:09:da:a1:44:d5:5b:8b:
b5:3d:ed:0d:6b:52:24:27:b9:e8:b0:57:ab:a1:47:c9:08:1d:
3a:a4:d0:e0:eb:bd:47:8d:d0:23:34:a0:99:6e:fd:ec:1f:72:
d2:cb:3d:41:95:64:94:82:f0:f6:47:47:34:df:c1:4e:6a:c3:
50:4e:7f:ee:d8:f7:99:2b:f4:4d:82:dd:b4:a5:03:f0:3e:31:
c7:d6:10:d1:8d:cb:a5:e1:81:77:2a:99:7d:53:cc:53:89:2a:
66:9d:78:db:e9:47:3f:ba:0d:24:05:e1:df:ee:25:13:3a:cd:
fa:4c:21:99:f5:a7:ae:54:e2:e2:17:9b:21:e8:a2:3e:77:6d:
66:e5:a2:67:2b:76:48:6f:d6:b4:94:a8:d3:c6:13:6f:7e:50:
df:fb:8e:b5:52:c9:66:6a:35:0b:06:ca:22:c6:58:f7:16:d8:
fc:0b:e0:69:bf:7e:ce:02:4b:61:25:f4:be:ea:2e:d6:74:06:
8d:a7:a5:04:2b:bb:dc:92:9b:a5:de:92:ab:fc:76:09:0b:6c:
2c:6f:68:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYekWmyDCz0ZZUb5mmgToGd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDIxMTUwNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWE1NTFkZjAzMWY1MGQ5NjU3OGNhMTU5ZmIyZjRjMzI3Nzg4NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0s+zHA3kuX/IhPM23iPeADlIbdlS
RgtNBNTSoo0qy/MSvDgjJ/CKt37N7dXPIL/mLFfzimK5yehdtCNuCQOs5Ny4YyRG
0W+bcmF9LPL3xOw4nqvIGyer9vBQtsOiOAQroincd/4svuAJWtG5nqHC4EerRHj/
CP+GkGClm+ddq5o2gjGG09oMdM3fJvEfxu/M6ifxT4KdfhyCI8bLPWJaHrqLLARF
E5yVuRtugGBc0yHOTdahyhtxicuhSxnCtr5Jxm02jmCeVsSzVD4ZXMrvlxdMKv7Z
t2x0kq8rFOOBPJ5/TxecX6zLqlja+nz1hy8M+XHZZj7VLCNiRruHl9ofYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHqlUd8DH1DZZXjKFZ+y9MMneIR+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZXFWUjN3TWZVTmxsZU1vVm43TDB3eWQ0aEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9YaAwQA
qxYcMA0GCSqGSIb3DQEBCwUAA4IBAQCwVenHJKdyP06Z/59Nh+lG+tcCePUf3ZeO
Xu+5EM21VeQvnw/c0SZ7Gtnb1DsVuwnaoUTVW4u1Pe0Na1IkJ7nosFeroUfJCB06
pNDg671HjdAjNKCZbv3sH3LSyz1BlWSUgvD2R0c038FOasNQTn/u2PeZK/RNgt20
pQPwPjHH1hDRjcul4YF3Kpl9U8xTiSpmnXjb6Uc/ug0kBeHf7iUTOs36TCGZ9aeu
VOLiF5sh6KI+d21m5aJnK3ZIb9a0lKjTxhNvflDf+461UslmajULBsoixlj3Ftj8
C+Bpv37OAkthJfS+6i7WdAaNp6UEK7vckpul3pKr/HYJC2wsb2hy
-----END CERTIFICATE-----
Generated at Tue May 13 22:57:15 2025 by rpki-client