Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/SaHPdk5Tu74PkPFyMbVx9ISOb6o.roa
File: SaHPdk5Tu74PkPFyMbVx9ISOb6o.roa (raw, json)
Hash identifier: ki85Yqzt7Jxz6vploo4pCtsRbAGGrJS8q0WiQS7gCQE=
Subject key identifier: 49:A1:CF:76:4E:53:BB:BE:0F:90:F1:72:31:B5:71:F4:84:8E:6F:AA
Certificate issuer: /CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
Certificate serial: 0185711E3AABAECF4BBC51EAE7C8FDD6334F
Authority key identifier: 77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/SaHPdk5Tu74PkPFyMbVx9ISOb6o.roa
Signing time: Mon 02 Jan 2023 06:14:44 +0000
ROA not before: Mon 02 Jan 2023 06:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 193.5.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:3a:ab:ae:cf:4b:bc:51:ea:e7:c8:fd:d6:33:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
Validity
Not Before: Jan 2 06:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49a1cf764e53bbbe0f90f17231b571f4848e6faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:00:3c:24:87:4e:d6:95:85:cd:b7:7d:4c:4f:
72:2a:cc:70:1f:22:62:41:07:97:6f:fd:26:e5:f7:
13:d6:db:c4:9a:e1:d7:cb:16:6e:3e:8c:1a:76:9b:
76:7e:50:09:c1:d9:e9:55:3d:bd:a0:c7:88:c1:2a:
65:78:c1:20:b5:54:c9:a8:a5:fa:91:ad:59:90:55:
b3:de:e9:b6:07:f4:6b:d4:5a:7f:99:88:7b:96:a5:
76:fb:3e:1c:c6:a2:29:c6:b1:2e:f8:8b:eb:7f:05:
09:df:83:b9:9c:71:21:8d:32:8d:4b:3c:5c:2a:41:
5a:e7:14:da:73:e5:7d:5e:c7:96:49:b2:b2:8e:ed:
5c:be:76:1a:77:ed:a9:cd:2b:f8:ec:d1:29:c4:4a:
4d:f8:95:15:77:75:76:45:cd:0d:68:85:84:a8:59:
f7:56:cd:92:84:ec:b8:75:3a:48:30:5c:a0:27:f3:
ec:9b:ed:26:a2:fa:0b:de:1d:1e:db:a1:d3:f1:7a:
66:73:be:37:5b:7f:bb:c7:4e:27:47:61:62:59:9a:
01:0e:1b:c2:b8:be:33:d8:d6:98:d1:77:f5:81:2c:
be:39:ba:00:26:bc:c1:66:26:9c:dd:f4:db:cc:70:
c9:3c:b3:81:94:97:77:73:42:2a:64:d3:fd:20:1c:
6a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A1:CF:76:4E:53:BB:BE:0F:90:F1:72:31:B5:71:F4:84:8E:6F:AA
X509v3 Authority Key Identifier:
keyid:77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/SaHPdk5Tu74PkPFyMbVx9ISOb6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e3:2c:16:1b:2c:ce:f8:29:2b:50:74:68:8d:6d:a4:b7:6d:
0b:c0:df:87:f3:de:be:06:bc:14:dc:52:7c:e9:16:26:e7:2b:
80:4b:2b:4f:96:8e:92:42:b4:af:0c:46:3f:c9:44:b8:fa:ca:
15:49:7e:6a:78:6e:86:e2:7a:73:67:37:1e:b2:e1:23:23:a6:
b3:6b:c2:25:61:39:06:b7:98:af:d0:d2:c3:3c:d5:a9:9a:d1:
83:db:09:5c:9f:ef:52:12:7a:a8:f9:d2:1e:fa:d7:e3:89:c2:
53:cb:c3:58:b9:4e:34:3d:9d:e0:89:cf:c9:f1:ac:c4:bf:90:
6d:3c:65:f3:26:b9:9d:95:5e:d7:1f:01:32:7a:2e:86:87:0d:
c8:6c:6a:00:5f:2e:44:f3:55:95:0c:c5:64:3a:2e:4c:06:e8:
71:f2:c7:7b:df:29:29:52:16:1c:c5:76:24:e0:40:6d:4a:47:
53:c1:d3:19:14:c2:b3:85:e4:59:8c:96:5e:dc:d4:b7:19:ff:
22:62:3d:1a:fe:ef:1e:3a:6f:dc:78:e0:84:bb:20:5a:98:95:
7b:cb:d1:3f:08:66:93:1b:2a:87:7d:83:0a:76:35:87:a6:1e:
50:43:5a:77:00:cf:dc:c0:51:6c:66:fe:f2:f6:1c:71:53:c2:
7d:22:de:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHjqrrs9LvFHq58j91jNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YTM1MGQ5ZmU0ZTlmOTBmZjNlODRlMmY5NjBjYjVkYzNk
NmNlZTEwHhcNMjMwMTAyMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWExY2Y3NjRlNTNiYmJlMGY5MGYxNzIzMWI1NzFmNDg0OGU2ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wA8JIdO1pWFzbd9TE9yKsxwHyJi
QQeXb/0m5fcT1tvEmuHXyxZuPowadpt2flAJwdnpVT29oMeIwSpleMEgtVTJqKX6
ka1ZkFWz3um2B/Rr1Fp/mYh7lqV2+z4cxqIpxrEu+IvrfwUJ34O5nHEhjTKNSzxc
KkFa5xTac+V9XseWSbKyju1cvnYad+2pzSv47NEpxEpN+JUVd3V2Rc0NaIWEqFn3
Vs2ShOy4dTpIMFygJ/Psm+0movoL3h0e26HT8Xpmc743W3+7x04nR2FiWZoBDhvC
uL4z2NaY0Xf1gSy+OboAJrzBZiac3fTbzHDJPLOBlJd3c0IqZNP9IBxqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmhz3ZOU7u+D5DxcjG1cfSEjm+qMB8GA1UdIwQY
MBaAFHejUNn+Tp+Q/z6E4vlgy13D1s7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDZOUTJmNU9uNURfUG9UaS1XRExYY1BXenVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84YmM0NGItNWQ1YS00YjU0LWFiOTEt
ZGExYzUxNWU1YjI5LzEvU2FIUGRrNVR1NzRQa1BGeU1iVng5SVNPYjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84YmM0NGItNWQ1YS00YjU0LWFiOTEtZGExYzUxNWU1YjI5
LzEvZDZOUTJmNU9uNURfUG9UaS1XRExYY1BXenVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQX+MA0G
CSqGSIb3DQEBCwUAA4IBAQAB4ywWGyzO+CkrUHRojW2kt20LwN+H896+BrwU3FJ8
6RYm5yuASytPlo6SQrSvDEY/yUS4+soVSX5qeG6G4npzZzcesuEjI6aza8IlYTkG
t5iv0NLDPNWpmtGD2wlcn+9SEnqo+dIe+tfjicJTy8NYuU40PZ3gic/J8azEv5Bt
PGXzJrmdlV7XHwEyei6Ghw3IbGoAXy5E81WVDMVkOi5MBuhx8sd73ykpUhYcxXYk
4EBtSkdTwdMZFMKzheRZjJZe3NS3Gf8iYj0a/u8eOm/ceOCEuyBamJV7y9E/CGaT
GyqHfYMKdjWHph5QQ1p3AM/cwFFsZv7y9hxxU8J9It7m
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:49 2025 by rpki-client