Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/ssROtnBeebhj4XXeaZnTNeGyt20.roa
File: ssROtnBeebhj4XXeaZnTNeGyt20.roa (raw, json)
Hash identifier: e/RHoNn+DZfP5hHJIBF2mtm9gOgBb1V5WTpqcFv8j1o=
Subject key identifier: B2:C4:4E:B6:70:5E:79:B8:63:E1:75:DE:69:99:D3:35:E1:B2:B7:6D
Certificate issuer: /CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
Certificate serial: 018570CBEC52F63792393EC8C8110C203012
Authority key identifier: 9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/ssROtnBeebhj4XXeaZnTNeGyt20.roa
Signing time: Mon 02 Jan 2023 04:44:50 +0000
ROA not before: Mon 02 Jan 2023 04:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58251
IP address blocks: 194.33.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:ec:52:f6:37:92:39:3e:c8:c8:11:0c:20:30:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
Validity
Not Before: Jan 2 04:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2c44eb6705e79b863e175de6999d335e1b2b76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:54:e8:1b:48:50:ad:f5:03:a1:06:ce:ea:ec:
b8:b0:a2:f7:0a:ad:0d:da:60:c8:08:14:54:a2:86:
1a:22:9c:ba:64:4d:e8:99:18:24:01:47:a3:29:e8:
0d:dd:27:72:79:4a:45:57:da:0b:d3:9b:04:0a:2f:
31:88:d3:a4:a3:50:dc:a9:53:9e:6f:b3:bd:fa:1b:
6e:8b:a7:e1:93:ab:13:8b:f9:99:46:ce:d1:3b:47:
10:71:13:25:e8:7f:cf:f8:6d:d0:2c:f6:57:2a:65:
a5:39:03:26:bf:fb:bc:95:5c:f1:8d:70:1b:23:7d:
78:55:47:91:a3:e6:aa:fd:b1:79:97:fc:54:9a:13:
b8:1f:f0:bb:c1:4b:84:14:e8:f4:06:78:30:85:d9:
86:96:5a:63:15:77:80:14:94:eb:3e:4b:53:7e:d6:
16:6f:99:fc:4c:06:f1:39:75:77:b1:2a:3d:34:ed:
39:c6:e0:8e:eb:d4:04:06:7e:da:70:56:bc:56:34:
49:1c:a8:8e:cf:92:36:c3:00:75:a0:af:73:58:0f:
be:15:21:b0:e5:eb:07:df:a4:1f:17:fe:b2:9c:16:
a2:32:8e:59:e4:a7:cd:16:4f:27:84:ea:04:d1:e4:
0b:61:94:bd:00:5e:3f:45:e5:27:04:ae:12:59:21:
35:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C4:4E:B6:70:5E:79:B8:63:E1:75:DE:69:99:D3:35:E1:B2:B7:6D
X509v3 Authority Key Identifier:
keyid:9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/ssROtnBeebhj4XXeaZnTNeGyt20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/nEfuc8KHgLEvFSz6JZrePYrg0Ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.105.0/24
Signature Algorithm: sha256WithRSAEncryption
53:21:f5:11:53:dd:56:0f:33:37:e1:91:19:9e:e1:ad:43:43:
b8:0b:3f:56:e7:4f:2a:18:9d:84:d8:aa:56:24:5c:11:dc:81:
1c:19:98:4b:24:d4:8c:3c:15:93:9e:86:73:66:11:3b:36:67:
e8:7f:94:e2:07:ec:f3:59:2a:c8:7d:04:d9:ca:b1:4c:c7:69:
90:47:b2:04:77:b8:4d:5f:e7:ff:db:5a:69:f9:a3:e0:a9:e2:
4b:a8:8d:e5:d2:93:fd:e4:21:f2:ce:c2:c8:a2:64:94:b2:66:
55:1d:13:d3:36:a7:31:b2:36:8f:8f:80:eb:b3:10:0f:79:f3:
35:35:32:2b:ad:ae:8a:69:88:9c:5a:b8:11:31:62:2a:34:6d:
94:92:83:13:96:2c:3b:09:61:3b:02:46:cb:e7:f6:17:95:73:
13:a9:6e:a0:35:08:c2:66:23:59:2d:2e:fb:6c:82:db:32:e3:
6e:76:39:36:91:ad:65:51:2f:1c:a4:98:f8:3b:9b:89:67:d1:
d0:11:4b:04:03:39:8c:eb:36:5c:72:3f:90:12:e0:9b:93:49:
7e:b0:3a:02:05:ae:53:69:cc:00:82:15:ef:e0:02:53:00:c2:
8f:25:9a:ca:8c:b9:70:39:9a:70:27:c3:4a:6e:f8:eb:c1:3e:
38:33:37:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy+xS9jeSOT7IyBEMIDASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNDdlZTczYzI4NzgwYjEyZjE1MmNmYTI1OWFkZTNkOGFl
MGQxM2IwHhcNMjMwMTAyMDQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmM0NGViNjcwNWU3OWI4NjNlMTc1ZGU2OTk5ZDMzNWUxYjJiNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVToG0hQrfUDoQbO6uy4sKL3Cq0N
2mDICBRUooYaIpy6ZE3omRgkAUejKegN3SdyeUpFV9oL05sECi8xiNOko1DcqVOe
b7O9+htui6fhk6sTi/mZRs7RO0cQcRMl6H/P+G3QLPZXKmWlOQMmv/u8lVzxjXAb
I314VUeRo+aq/bF5l/xUmhO4H/C7wUuEFOj0BngwhdmGllpjFXeAFJTrPktTftYW
b5n8TAbxOXV3sSo9NO05xuCO69QEBn7acFa8VjRJHKiOz5I2wwB1oK9zWA++FSGw
5esH36QfF/6ynBaiMo5Z5KfNFk8nhOoE0eQLYZS9AF4/ReUnBK4SWSE1UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLETrZwXnm4Y+F13mmZ0zXhsrdtMB8GA1UdIwQY
MBaAFJxH7nPCh4CxLxUs+iWa3j2K4NE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVmdWM4S0hnTEV2RlN6NkpacmVQWXJnMFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jN2M1MWQtNGY5MC00MDg3LWExM2Et
ZjNjMWE5YTExZDczLzEvc3NST3RuQmVlYmhqNFhYZWFablROZUd5dDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9jN2M1MWQtNGY5MC00MDg3LWExM2EtZjNjMWE5YTExZDcz
LzEvbkVmdWM4S0hnTEV2RlN6NkpacmVQWXJnMFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiFpMA0G
CSqGSIb3DQEBCwUAA4IBAQBTIfURU91WDzM34ZEZnuGtQ0O4Cz9W508qGJ2E2KpW
JFwR3IEcGZhLJNSMPBWTnoZzZhE7Nmfof5TiB+zzWSrIfQTZyrFMx2mQR7IEd7hN
X+f/21pp+aPgqeJLqI3l0pP95CHyzsLIomSUsmZVHRPTNqcxsjaPj4DrsxAPefM1
NTIrra6KaYicWrgRMWIqNG2UkoMTliw7CWE7AkbL5/YXlXMTqW6gNQjCZiNZLS77
bILbMuNudjk2ka1lUS8cpJj4O5uJZ9HQEUsEAzmM6zZccj+QEuCbk0l+sDoCBa5T
acwAghXv4AJTAMKPJZrKjLlwOZpwJ8NKbvjrwT44MzdK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:48 2025 by rpki-client