Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/sUvpzOfBIpVtOdf5V02qFqZGBCQ.roa
File: sUvpzOfBIpVtOdf5V02qFqZGBCQ.roa (raw, json)
Hash identifier: JfQvFmwxNzhkGLhjDTu0IYJobPufmcJrnFxl/7/n0RY=
Subject key identifier: B1:4B:E9:CC:E7:C1:22:95:6D:39:D7:F9:57:4D:AA:16:A6:46:04:24
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01939B8013C460D0533499B093953BF6B694
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/sUvpzOfBIpVtOdf5V02qFqZGBCQ.roa
Signing time: Fri 06 Dec 2024 10:24:42 +0000
ROA not before: Fri 06 Dec 2024 10:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:80:13:c4:60:d0:53:34:99:b0:93:95:3b:f6:b6:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Dec 6 10:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b14be9cce7c122956d39d7f9574daa16a6460424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:1b:1a:2a:33:e0:21:c3:7f:ba:10:95:8c:
d8:c3:78:1c:46:36:27:bb:63:72:7f:3e:08:bd:4f:
24:77:b3:f3:7b:45:36:fb:a1:00:a3:9b:8e:04:51:
cf:57:79:d7:d6:d5:ad:f1:db:be:a1:d6:7c:f7:82:
02:9e:ae:ef:55:db:f6:c8:e0:bd:00:21:11:df:21:
df:52:96:5f:e9:d6:1c:2e:53:73:82:76:08:64:28:
0a:cc:f5:07:49:e1:f8:fa:7a:f2:a7:7b:2c:7c:57:
7e:c6:9e:59:6d:78:91:71:92:06:9b:79:6d:52:2f:
f8:cf:07:2c:91:8d:07:42:1f:bf:50:f2:09:14:ff:
08:4c:34:68:be:63:11:53:b5:da:c8:ec:51:19:2f:
35:57:e0:c0:b6:7e:29:9e:bf:12:45:b6:48:7f:b9:
3e:42:9f:de:fa:b4:6b:e1:69:67:53:24:e4:29:90:
7f:04:85:e5:1f:97:d6:0e:cf:76:75:36:0e:93:02:
ca:06:c3:d4:1c:3c:07:a5:ed:e9:b6:e9:27:ff:0d:
d1:6c:34:69:49:a2:3b:28:6c:a9:63:43:9e:2a:5a:
ac:38:21:e8:b3:40:ab:ed:36:85:05:a4:1c:75:ec:
16:1d:c0:f5:e3:06:ad:7d:7b:95:a2:b7:9f:e1:cb:
d8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4B:E9:CC:E7:C1:22:95:6D:39:D7:F9:57:4D:AA:16:A6:46:04:24
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/sUvpzOfBIpVtOdf5V02qFqZGBCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.33.255
140.150.35.0/24
140.150.37.0/24
Signature Algorithm: sha256WithRSAEncryption
19:15:7c:8f:85:48:45:1e:62:dd:a8:36:0f:fb:2f:16:06:9e:
cb:9a:37:61:e0:a2:ef:4f:a9:69:9e:b0:7f:eb:22:f9:5d:35:
e3:1c:cc:30:c0:77:b3:39:2f:03:32:3c:93:b9:75:9d:e9:35:
8c:29:b2:cd:44:80:db:c3:00:0a:7f:32:89:9c:25:11:b3:2a:
1d:ed:82:56:b3:f9:a3:a9:a7:2e:d8:08:4c:3f:d4:f0:db:2f:
4b:56:9f:42:da:26:38:fe:a1:31:b8:38:d0:e4:42:79:ab:f6:
44:ab:60:64:09:a9:74:5b:b6:9d:97:8d:a6:db:31:a2:a6:3d:
e2:b7:d2:fc:ce:ec:76:31:57:7a:23:72:88:d7:45:fa:19:c3:
87:18:09:dc:41:60:8f:b9:71:99:6f:11:35:e3:7d:f3:fc:df:
a9:19:7c:31:05:a6:f1:04:de:e2:6c:86:27:09:09:14:9c:63:
33:e4:c1:3a:48:6e:94:c7:8a:11:64:90:f3:31:71:df:75:e2:
6f:11:86:9e:7d:5e:3e:5b:7d:03:4d:fb:f1:e1:62:40:ea:55:
7e:8b:48:a5:eb:fb:ab:17:c0:ce:78:ff:dd:d3:dc:04:c7:6f:
66:44:bf:84:bd:b1:7d:3c:47:ef:c3:f5:c2:e3:77:47:76:cb:
fb:24:99:53
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZObgBPEYNBTNJmwk5U79raUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMjA2MTAyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTRiZTljY2U3YzEyMjk1NmQzOWQ3Zjk1NzRkYWExNmE2NDYwNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ8bGioz4CHDf7oQlYzYw3gcRjYn
u2Nyfz4IvU8kd7Pze0U2+6EAo5uOBFHPV3nX1tWt8du+odZ894ICnq7vVdv2yOC9
ACER3yHfUpZf6dYcLlNzgnYIZCgKzPUHSeH4+nryp3ssfFd+xp5ZbXiRcZIGm3lt
Ui/4zwcskY0HQh+/UPIJFP8ITDRovmMRU7XayOxRGS81V+DAtn4pnr8SRbZIf7k+
Qp/e+rRr4WlnUyTkKZB/BIXlH5fWDs92dTYOkwLKBsPUHDwHpe3ptukn/w3RbDRp
SaI7KGypY0OeKlqsOCHos0Cr7TaFBaQcdewWHcD14watfXuVoref4cvYYQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLFL6cznwSKVbTnX+VdNqhamRgQkMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvc1V2cHpPZkJJcFZ0T2RmNVYwMnFGcVpHQkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAYyW
IAMEAIyWIwMEAIyWJTANBgkqhkiG9w0BAQsFAAOCAQEAGRV8j4VIRR5i3ag2D/sv
Fgaey5o3YeCi70+paZ6wf+si+V014xzMMMB3szkvAzI8k7l1nek1jCmyzUSA28MA
Cn8yiZwlEbMqHe2CVrP5o6mnLtgITD/U8NsvS1afQtomOP6hMbg40ORCeav2RKtg
ZAmpdFu2nZeNptsxoqY94rfS/M7sdjFXeiNyiNdF+hnDhxgJ3EFgj7lxmW8RNeN9
8/zfqRl8MQWm8QTe4myGJwkJFJxjM+TBOkhulMeKEWSQ8zFx33XibxGGnn1ePlt9
A0378eFiQOpVfotIpev7qxfAznj/3dPcBMdvZkS/hL2xfTxH78P1wuN3R3bL+ySZ
Uw==
-----END CERTIFICATE-----
Generated at Mon Jul 28 01:19:18 2025 by rpki-client