Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sCwviRMnfuKIIU-KcSXBncFmNOk.roa
File: sCwviRMnfuKIIU-KcSXBncFmNOk.roa (raw, json)
Hash identifier: h0/7P6OtYwJtbhY1Ysg3dg9csDSTvUXwoZYo08kdH1U=
Subject key identifier: B0:2C:2F:89:13:27:7E:E2:88:21:4F:8A:71:25:C1:9D:C1:66:34:E9
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0189E03BBD5F0D63C3EDAEB43E01E1BC9817
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sCwviRMnfuKIIU-KcSXBncFmNOk.roa
Signing time: Thu 10 Aug 2023 16:15:58 +0000
ROA not before: Thu 10 Aug 2023 16:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205007
IP address blocks: 138.124.125.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
138.124.126.0/24 maxlen: 24
138.124.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e0:3b:bd:5f:0d:63:c3:ed:ae:b4:3e:01:e1:bc:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Aug 10 16:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b02c2f8913277ee288214f8a7125c19dc16634e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:fd:3a:08:7f:74:ee:3e:0d:49:64:fd:00:
1e:4b:88:f7:6d:78:1b:54:c4:58:fa:22:c0:6b:da:
31:92:20:9e:94:5e:86:bc:ed:33:4e:17:d5:87:1f:
d7:f5:e3:16:dc:11:94:4a:ac:59:74:1f:55:31:2b:
6b:22:d5:ab:b8:df:0c:06:41:69:34:47:8d:78:17:
b2:aa:07:3a:9e:05:93:1a:bb:1d:cb:6c:47:e9:04:
c3:fb:2e:7f:71:e7:c3:eb:95:01:4e:a3:17:4a:99:
87:17:48:47:29:34:09:75:dc:b9:18:9c:70:1c:cd:
c8:c8:e7:35:a0:e1:3a:7c:63:44:2e:83:e5:f2:61:
25:4b:70:7f:f2:28:e7:a6:66:f9:f8:76:a4:c9:f4:
cc:3e:69:4a:b5:36:53:b7:b2:6e:01:27:ad:f1:63:
67:d4:06:b5:5f:37:e1:8f:4c:6f:24:94:73:c3:07:
21:90:e3:0a:b8:0a:33:7f:01:05:45:d3:dc:6e:0f:
d8:74:6c:ad:21:17:53:b9:b7:cc:b3:98:f3:b3:8c:
96:f0:1f:15:3f:fa:af:42:da:88:e6:82:2d:19:83:
16:8b:c1:b3:07:29:51:3c:16:9f:cb:ae:ff:a5:43:
b3:ad:16:b6:8e:a3:d2:96:f6:42:fe:0e:5b:60:c9:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2C:2F:89:13:27:7E:E2:88:21:4F:8A:71:25:C1:9D:C1:66:34:E9
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sCwviRMnfuKIIU-KcSXBncFmNOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.31.0/24
138.124.125.0-138.124.127.255
Signature Algorithm: sha256WithRSAEncryption
a1:9e:ce:db:d1:5c:44:aa:5a:b8:ef:27:17:73:ef:65:1f:e3:
61:d1:98:82:ba:62:7e:e0:fe:ae:fb:15:0b:a0:67:cb:75:0c:
ac:e3:f9:74:c1:dd:b6:04:ba:c8:32:29:12:ec:d6:8f:54:09:
e0:b5:69:72:58:ce:4e:d4:bc:b8:32:a9:3f:1e:27:86:80:27:
cb:36:eb:95:79:94:e3:79:e4:bb:58:69:41:72:c8:df:c9:b8:
5c:68:b3:b5:e6:c1:b5:2c:49:ce:01:61:02:95:7f:a4:d5:30:
a1:e8:97:04:c4:45:3c:24:69:63:c3:f1:3c:fc:b6:a0:bb:a7:
f3:30:00:ea:82:ab:0c:58:dc:0c:22:1e:1e:e2:2a:67:99:8a:
53:6b:23:0d:8b:e5:22:20:dc:fe:55:80:86:6c:c6:1e:9c:5a:
2e:78:9f:6f:ca:6a:12:c1:fd:1a:f7:ea:5b:22:30:01:68:60:
ce:06:ed:b0:45:31:c1:56:f0:a9:bd:97:d0:95:d4:56:fe:44:
48:b7:1d:72:47:88:43:d8:4c:a8:5a:cc:28:f1:b0:60:1a:48:
48:32:61:03:24:69:01:03:c3:67:bc:2c:d8:ee:9d:31:77:a7:
0b:8e:02:13:09:c9:78:85:7d:19:12:0d:db:47:1d:9d:07:82:
75:e8:85:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYngO71fDWPD7a60PgHhvJgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjMwODEwMTYxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDJjMmY4OTEzMjc3ZWUyODgyMTRmOGE3MTI1YzE5ZGMxNjYzNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf79Ogh/dO4+DUlk/QAeS4j3bXgb
VMRY+iLAa9oxkiCelF6GvO0zThfVhx/X9eMW3BGUSqxZdB9VMStrItWruN8MBkFp
NEeNeBeyqgc6ngWTGrsdy2xH6QTD+y5/cefD65UBTqMXSpmHF0hHKTQJddy5GJxw
HM3IyOc1oOE6fGNELoPl8mElS3B/8ijnpmb5+HakyfTMPmlKtTZTt7JuASet8WNn
1Aa1Xzfhj0xvJJRzwwchkOMKuAozfwEFRdPcbg/YdGytIRdTubfMs5jzs4yW8B8V
P/qvQtqI5oItGYMWi8GzBylRPBafy67/pUOzrRa2jqPSlvZC/g5bYMmSXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLAsL4kTJ37iiCFPinElwZ3BZjTpMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvc0N3dmlSTW5mdUtJSVUtS2NTWEJuY0ZtTk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAinwfMAwD
BACKfH0DBAeKfAAwDQYJKoZIhvcNAQELBQADggEBAKGeztvRXESqWrjvJxdz72Uf
42HRmIK6Yn7g/q77FQugZ8t1DKzj+XTB3bYEusgyKRLs1o9UCeC1aXJYzk7UvLgy
qT8eJ4aAJ8s265V5lON55LtYaUFyyN/JuFxos7XmwbUsSc4BYQKVf6TVMKHolwTE
RTwkaWPD8Tz8tqC7p/MwAOqCqwxY3AwiHh7iKmeZilNrIw2L5SIg3P5VgIZsxh6c
Wi54n2/KahLB/Rr36lsiMAFoYM4G7bBFMcFW8Km9l9CV1Fb+REi3HXJHiEPYTKha
zCjxsGAaSEgyYQMkaQEDw2e8LNjunTF3pwuOAhMJyXiFfRkSDdtHHZ0HgnXohZY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:46:25 2025 by rpki-client