Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a144e5-fce6-4a50-bd2a-83741041b8c7/1/SXuepbbfT-tqyvqxQBhfC0diOiU.roa
File: SXuepbbfT-tqyvqxQBhfC0diOiU.roa (raw, json)
Hash identifier: l3ke1N/zKGeH0V/YbksOG84T4+dYzPbLRGwsYCtHUw4=
Subject key identifier: 49:7B:9E:A5:B6:DF:4F:EB:6A:CA:FA:B1:40:18:5F:0B:47:62:3A:25
Certificate issuer: /CN=01bacccb74c77bd5fd2abea3e612d881eab73356
Certificate serial: 01856F1DC0D5F6DD8DA194FB5CA51A111D43
Authority key identifier: 01:BA:CC:CB:74:C7:7B:D5:FD:2A:BE:A3:E6:12:D8:81:EA:B7:33:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AbrMy3THe9X9Kr6j5hLYgeq3M1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a144e5-fce6-4a50-bd2a-83741041b8c7/1/SXuepbbfT-tqyvqxQBhfC0diOiU.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198612
IP address blocks: 195.49.160.0/22 maxlen: 22
194.116.156.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c0:d5:f6:dd:8d:a1:94:fb:5c:a5:1a:11:1d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bacccb74c77bd5fd2abea3e612d881eab73356
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=497b9ea5b6df4feb6acafab140185f0b47623a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:75:85:70:fd:53:36:39:fe:29:a0:c8:d9:
4b:48:77:dd:62:37:1f:38:f7:f7:17:4c:dd:87:30:
af:03:27:42:d0:70:20:3a:f2:63:be:6b:fe:0d:fb:
8a:56:6e:df:31:5d:e7:42:28:5a:4d:12:80:10:bc:
81:08:80:d0:d1:f8:a0:b8:47:b6:6f:cc:c9:a6:d4:
52:5e:16:0b:c5:ba:8b:4b:7e:c4:ae:e4:83:e1:4d:
6d:af:6e:ea:b7:e1:27:c4:c8:5a:ac:20:82:a4:16:
dd:80:55:31:2d:6e:80:29:83:55:3d:50:78:f8:f7:
2c:1b:09:09:bf:60:f8:3f:79:9b:33:d6:8b:64:b5:
8b:3f:66:67:6d:a0:62:2d:01:2d:8a:d9:34:2d:f7:
fc:3f:e9:a7:8f:26:f7:08:86:7e:30:3e:38:4c:0d:
2a:a2:85:a6:9a:35:5e:9d:15:e7:94:eb:61:65:a1:
6d:68:ec:cb:5e:7f:98:4d:c4:ed:24:c8:5e:67:f3:
8b:68:25:ec:ee:0d:ef:59:45:6c:5d:1e:ae:65:00:
78:c0:a8:57:ec:04:83:3c:e8:72:e8:6b:4b:28:19:
60:64:fa:1e:fe:fa:f5:bb:9e:7d:3f:fd:fc:d5:e8:
c8:28:54:c4:b8:09:d4:a3:9a:28:d1:25:6a:0a:17:
f6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7B:9E:A5:B6:DF:4F:EB:6A:CA:FA:B1:40:18:5F:0B:47:62:3A:25
X509v3 Authority Key Identifier:
keyid:01:BA:CC:CB:74:C7:7B:D5:FD:2A:BE:A3:E6:12:D8:81:EA:B7:33:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AbrMy3THe9X9Kr6j5hLYgeq3M1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a144e5-fce6-4a50-bd2a-83741041b8c7/1/SXuepbbfT-tqyvqxQBhfC0diOiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a144e5-fce6-4a50-bd2a-83741041b8c7/1/AbrMy3THe9X9Kr6j5hLYgeq3M1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.156.0/23
195.49.160.0/22
Signature Algorithm: sha256WithRSAEncryption
56:ec:f9:1a:84:db:b4:34:e2:fa:8a:9c:a3:1b:0b:26:fc:59:
df:48:f1:26:c4:ea:bf:65:bd:df:59:3f:31:66:75:d1:bc:a0:
47:39:04:f0:75:5e:55:80:63:d9:29:44:40:5d:1a:fd:b2:3a:
69:46:5a:1c:23:37:5f:fd:88:4a:40:03:96:8f:cc:a9:ee:90:
d0:b3:fc:ce:ed:dc:7b:44:d2:51:8d:75:00:8f:91:77:16:00:
2d:61:02:1e:41:6f:35:99:85:f5:cf:88:7c:23:8d:8d:5f:dc:
2c:ec:e3:eb:bf:07:c7:44:f3:ef:83:4e:11:10:5e:21:2f:46:
14:3b:61:e1:11:6f:4d:6f:9d:e7:fb:ac:10:8a:4a:bb:e0:1b:
e5:9b:b8:8f:c1:8d:a7:15:e9:ef:6a:72:00:44:07:bc:93:a1:
36:a5:99:98:be:c5:c1:3d:ee:8d:f1:c0:9c:e3:84:86:7b:18:
ab:80:15:f6:e2:df:5a:ef:5e:e7:03:ff:88:4a:44:4a:77:db:
de:48:e7:da:f5:ae:df:fc:39:29:14:f6:c5:4d:41:01:60:47:
cb:60:2f:d5:e4:47:44:f4:b4:75:a8:81:85:a0:bc:9a:07:f7:
40:38:85:53:1c:16:e1:08:b8:b6:3f:1a:2d:fa:38:e9:73:6e:
b3:c6:63:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHcDV9t2NoZT7XKUaER1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYmFjY2NiNzRjNzdiZDVmZDJhYmVhM2U2MTJkODgxZWFi
NzMzNTYwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTdiOWVhNWI2ZGY0ZmViNmFjYWZhYjE0MDE4NWYwYjQ3NjIzYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKR1hXD9UzY5/imgyNlLSHfdYjcf
OPf3F0zdhzCvAydC0HAgOvJjvmv+DfuKVm7fMV3nQihaTRKAELyBCIDQ0figuEe2
b8zJptRSXhYLxbqLS37EruSD4U1tr27qt+EnxMharCCCpBbdgFUxLW6AKYNVPVB4
+PcsGwkJv2D4P3mbM9aLZLWLP2ZnbaBiLQEtitk0Lff8P+mnjyb3CIZ+MD44TA0q
ooWmmjVenRXnlOthZaFtaOzLXn+YTcTtJMheZ/OLaCXs7g3vWUVsXR6uZQB4wKhX
7ASDPOhy6GtLKBlgZPoe/vr1u559P/381ejIKFTEuAnUo5oo0SVqChf2RwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEl7nqW230/rasr6sUAYXwtHYjolMB8GA1UdIwQY
MBaAFAG6zMt0x3vV/Sq+o+YS2IHqtzNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJyTXkzVEhlOVg5S3I2ajVoTFlnZXEzTTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hMTQ0ZTUtZmNlNi00YTUwLWJkMmEt
ODM3NDEwNDFiOGM3LzEvU1h1ZXBiYmZULXRxeXZxeFFCaGZDMGRpT2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hMTQ0ZTUtZmNlNi00YTUwLWJkMmEtODM3NDEwNDFiOGM3
LzEvQWJyTXkzVEhlOVg5S3I2ajVoTFlnZXEzTTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwnScAwQC
wzGgMA0GCSqGSIb3DQEBCwUAA4IBAQBW7PkahNu0NOL6ipyjGwsm/FnfSPEmxOq/
Zb3fWT8xZnXRvKBHOQTwdV5VgGPZKURAXRr9sjppRlocIzdf/YhKQAOWj8yp7pDQ
s/zO7dx7RNJRjXUAj5F3FgAtYQIeQW81mYX1z4h8I42NX9ws7OPrvwfHRPPvg04R
EF4hL0YUO2HhEW9Nb53n+6wQikq74Bvlm7iPwY2nFenvanIARAe8k6E2pZmYvsXB
Pe6N8cCc44SGexirgBX24t9a717nA/+ISkRKd9veSOfa9a7f/DkpFPbFTUEBYEfL
YC/V5EdE9LR1qIGFoLyaB/dAOIVTHBbhCLi2Pxot+jjpc26zxmOu
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:19:31 2025 by rpki-client