Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/b72592-5961-4c5e-a20f-f1d456869f97/1/S9YphB5XXjfMXiCP_oPiusI3kiQ.roa
File: S9YphB5XXjfMXiCP_oPiusI3kiQ.roa (raw, json)
Hash identifier: TJEB8GRD0T/qsorjx69cXL9/uHcKHbz5VSick8fIJTY=
Subject key identifier: 4B:D6:29:84:1E:57:5E:37:CC:5E:20:8F:FE:83:E2:BA:C2:37:92:24
Certificate issuer: /CN=c7fa3cadca4e131a0fbe1b9e40dba383833cf48a
Certificate serial: 018437EA4319C3E62C0AE1A31B158C15783E
Authority key identifier: C7:FA:3C:AD:CA:4E:13:1A:0F:BE:1B:9E:40:DB:A3:83:83:3C:F4:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_o8rcpOExoPvhueQNujg4M89Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/b72592-5961-4c5e-a20f-f1d456869f97/1/S9YphB5XXjfMXiCP_oPiusI3kiQ.roa
Signing time: Wed 02 Nov 2022 10:36:50 +0000
ROA not before: Wed 02 Nov 2022 10:36:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39568
IP address blocks: 185.230.206.0/24 maxlen: 24
185.230.205.0/24 maxlen: 24
185.230.204.0/24 maxlen: 24
185.230.204.0/22 maxlen: 22
185.230.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:ea:43:19:c3:e6:2c:0a:e1:a3:1b:15:8c:15:78:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7fa3cadca4e131a0fbe1b9e40dba383833cf48a
Validity
Not Before: Nov 2 10:36:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bd629841e575e37cc5e208ffe83e2bac2379224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c3:ca:fa:47:f3:9b:c2:9e:23:8f:b4:9f:b7:
69:21:3b:a4:6e:de:45:7e:27:e6:eb:ff:77:ff:27:
6f:b4:52:ed:14:df:a2:f0:33:7f:7f:cb:c4:8c:dc:
c1:b3:87:c5:03:83:47:1c:21:22:ae:97:53:88:a3:
6a:6a:30:38:66:66:53:b8:0d:51:51:a8:f4:f9:7f:
c3:0e:8c:dd:38:a9:6e:fb:7c:e8:54:88:77:d0:32:
08:bf:21:03:bd:7d:1b:25:55:92:e4:bb:e7:da:c9:
bf:1d:68:26:be:f8:94:4b:8b:5d:43:a8:e9:cc:65:
84:6a:7b:71:e3:ac:69:7c:99:94:36:5d:37:33:00:
58:06:9d:88:7d:8e:f2:96:2c:08:01:1d:37:31:6e:
3d:30:af:a5:02:8e:f2:cc:35:c1:fd:8b:0e:69:d5:
3b:6f:3d:8d:47:91:71:37:c7:38:c7:76:9e:6b:29:
ce:b2:09:b4:21:60:c9:dc:fa:ef:3d:56:0c:cd:dd:
b2:b6:51:30:17:a3:a6:55:71:84:94:67:28:d2:d9:
25:32:68:5b:cd:94:5a:e6:40:e9:99:9c:b5:e5:6d:
4f:d7:72:8e:eb:4a:5d:d5:00:f0:e5:34:80:3c:ac:
7b:0e:56:14:61:3b:90:a1:9e:5e:b4:08:ff:cf:bd:
d7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D6:29:84:1E:57:5E:37:CC:5E:20:8F:FE:83:E2:BA:C2:37:92:24
X509v3 Authority Key Identifier:
keyid:C7:FA:3C:AD:CA:4E:13:1A:0F:BE:1B:9E:40:DB:A3:83:83:3C:F4:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_o8rcpOExoPvhueQNujg4M89Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/b72592-5961-4c5e-a20f-f1d456869f97/1/S9YphB5XXjfMXiCP_oPiusI3kiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/b72592-5961-4c5e-a20f-f1d456869f97/1/x_o8rcpOExoPvhueQNujg4M89Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.204.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:3c:76:29:c0:3a:48:91:c6:a8:0f:5d:95:9f:7c:6c:79:6e:
32:1a:bf:d7:e1:5f:b6:d8:f9:c4:04:04:ba:e2:ba:97:a8:8e:
be:ce:48:05:5f:f0:be:7b:b9:b1:62:d3:8b:a8:c8:0c:c8:8c:
87:e5:91:61:d5:ab:7f:cf:3f:09:18:81:0f:cd:da:21:a1:57:
a9:79:b3:44:37:6c:e1:dc:1b:e0:5e:e1:73:6f:7c:9c:38:ba:
bf:ac:ef:4d:ef:ca:bf:9f:15:de:65:5d:fc:78:15:02:9c:5c:
f1:be:cc:d8:68:d9:80:83:29:16:8b:97:eb:b9:7e:f7:8d:6d:
83:85:69:63:10:bb:6a:78:2a:3f:49:9c:97:bd:67:b3:dc:e1:
8c:ac:77:4c:23:af:b4:83:ff:ad:d0:a3:63:a9:be:30:82:17:
c2:b5:cd:fa:6c:28:3f:51:d7:0b:86:10:97:0b:91:86:fd:0e:
7e:57:14:57:7d:e6:b7:26:e0:4c:b5:42:9d:ed:c0:88:0f:c3:
a0:ff:ac:d5:2f:a4:5b:78:0d:60:72:38:64:1b:09:15:12:8b:
14:8a:1a:bd:de:a4:0a:51:0e:3c:f4:7b:b2:74:c0:a2:6d:74:
5f:15:eb:47:a4:76:a3:99:d0:24:e7:45:86:78:ac:1b:67:2f:
e2:5a:5b:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ36kMZw+YsCuGjGxWMFXg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZmEzY2FkY2E0ZTEzMWEwZmJlMWI5ZTQwZGJhMzgzODMz
Y2Y0OGEwHhcNMjIxMTAyMTAzNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ2Mjk4NDFlNTc1ZTM3Y2M1ZTIwOGZmZTgzZTJiYWMyMzc5MjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMPK+kfzm8KeI4+0n7dpITukbt5F
fifm6/93/ydvtFLtFN+i8DN/f8vEjNzBs4fFA4NHHCEirpdTiKNqajA4ZmZTuA1R
Uaj0+X/DDozdOKlu+3zoVIh30DIIvyEDvX0bJVWS5Lvn2sm/HWgmvviUS4tdQ6jp
zGWEantx46xpfJmUNl03MwBYBp2IfY7yliwIAR03MW49MK+lAo7yzDXB/YsOadU7
bz2NR5FxN8c4x3aeaynOsgm0IWDJ3PrvPVYMzd2ytlEwF6OmVXGElGco0tklMmhb
zZRa5kDpmZy15W1P13KO60pd1QDw5TSAPKx7DlYUYTuQoZ5etAj/z73XmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvWKYQeV143zF4gj/6D4rrCN5IkMB8GA1UdIwQY
MBaAFMf6PK3KThMaD74bnkDbo4ODPPSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9vOHJjcE9FeG9Qdmh1ZVFOdWpnNE04OUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iNzI1OTItNTk2MS00YzVlLWEyMGYt
ZjFkNDU2ODY5Zjk3LzEvUzlZcGhCNVhYamZNWGlDUF9vUGl1c0kza2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iNzI1OTItNTk2MS00YzVlLWEyMGYtZjFkNDU2ODY5Zjk3
LzEveF9vOHJjcE9FeG9Qdmh1ZVFOdWpnNE04OUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuebMMA0G
CSqGSIb3DQEBCwUAA4IBAQC0PHYpwDpIkcaoD12Vn3xseW4yGr/X4V+22PnEBAS6
4rqXqI6+zkgFX/C+e7mxYtOLqMgMyIyH5ZFh1at/zz8JGIEPzdohoVepebNEN2zh
3BvgXuFzb3ycOLq/rO9N78q/nxXeZV38eBUCnFzxvszYaNmAgykWi5fruX73jW2D
hWljELtqeCo/SZyXvWez3OGMrHdMI6+0g/+t0KNjqb4wghfCtc36bCg/UdcLhhCX
C5GG/Q5+VxRXfea3JuBMtUKd7cCID8Og/6zVL6RbeA1gcjhkGwkVEosUihq93qQK
UQ489HuydMCibXRfFetHpHajmdAk50WGeKwbZy/iWlvK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:30 2025 by rpki-client