Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/SbXF6yT3PnG4jLEOifFotQj9dM0.roa
File: SbXF6yT3PnG4jLEOifFotQj9dM0.roa (raw, json)
Hash identifier: b0h9J3Y27g8XQysTJoq7HlXo0cB/07FMcP//lQnshYg=
Subject key identifier: 49:B5:C5:EB:24:F7:3E:71:B8:8C:B1:0E:89:F1:68:B5:08:FD:74:CD
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CC9AE8B01EF6DFDBAF550D5D8184ED
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/SbXF6yT3PnG4jLEOifFotQj9dM0.roa
Signing time: Mon 02 Jan 2023 14:04:49 +0000
ROA not before: Mon 02 Jan 2023 14:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36351
IP address blocks: 85.203.23.0/24 maxlen: 24
85.203.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:9a:e8:b0:1e:f6:df:db:af:55:0d:5d:81:84:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b5c5eb24f73e71b88cb10e89f168b508fd74cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:37:89:91:b5:da:32:43:7d:95:4f:2b:14:
c0:9b:21:62:a4:7b:4f:30:02:fd:a8:bc:5e:30:44:
3d:4e:43:af:aa:d6:eb:06:29:3c:b8:eb:5b:08:1b:
51:12:b1:87:12:99:61:69:b4:96:d4:a1:8b:67:72:
34:dc:af:68:e8:e5:7b:20:d1:b0:c7:cc:01:f3:2c:
06:f4:38:17:17:95:47:d1:66:98:29:df:f4:e7:4a:
28:58:94:a3:e8:c3:4b:30:f9:23:a8:4c:70:43:49:
03:b3:b8:2c:1a:df:a9:a3:3a:e2:f5:9f:4e:17:d4:
be:e4:df:de:6a:9d:64:fa:aa:85:69:55:cb:ce:35:
2f:ec:4e:e4:c5:e8:55:51:f6:79:f8:2d:b2:d3:25:
cb:96:ec:bb:9e:86:df:be:fa:1f:37:22:1c:1c:7f:
bc:e3:eb:d5:97:23:c0:49:cd:74:e1:9d:cd:92:9a:
99:7e:a2:13:75:2e:22:79:6e:df:62:b2:f4:88:85:
03:23:1a:94:b8:51:da:a2:b0:9e:8b:3c:44:89:2c:
a0:8c:19:1f:af:c2:d7:8d:20:4e:c3:95:d4:f8:d2:
f2:08:7c:93:3f:58:70:24:4e:f3:2a:d3:b1:92:71:
a6:04:c9:65:6f:8b:ed:3c:11:4a:b4:12:64:32:8e:
6f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B5:C5:EB:24:F7:3E:71:B8:8C:B1:0E:89:F1:68:B5:08:FD:74:CD
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/SbXF6yT3PnG4jLEOifFotQj9dM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.23.0/24
85.203.37.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4e:07:47:fb:b7:98:e4:cf:37:15:87:5c:ad:ee:f8:2c:91:
f8:98:5b:8c:cf:96:55:9d:17:73:3a:35:b3:cd:b0:56:15:9f:
0d:b5:79:e9:42:7f:0c:ef:30:dd:be:f3:ae:26:63:f6:95:4e:
eb:2c:74:b8:d4:c5:ca:14:d0:93:df:7b:13:a8:f0:7b:c9:33:
00:3b:3f:18:6c:c9:49:12:6f:1a:8e:4e:01:24:40:b4:44:7b:
29:cd:11:71:70:42:af:2e:b8:48:af:d1:16:4a:58:01:78:0a:
dc:42:cf:9d:65:a0:57:19:84:35:a4:4b:b2:68:c3:0e:63:1c:
98:83:b5:76:dc:79:11:a7:10:ae:55:c1:32:f0:28:9e:42:21:
ce:65:78:6c:b7:07:e9:02:88:8e:e5:57:c2:cd:d4:d1:c4:f2:
d6:df:43:ee:a3:c6:69:cf:83:68:86:09:ee:d7:69:b8:42:0c:
dd:df:59:a3:4a:91:79:e5:7e:9d:30:8e:df:b6:66:5a:d8:5b:
bd:78:1a:bd:85:f5:98:e1:3c:d8:f5:48:e9:17:6c:a9:c3:f9:
e2:c0:d5:dc:7a:c7:b2:84:c7:88:ba:ff:67:9d:04:8b:d3:12:
a6:57:a2:e2:62:2f:06:a1:e4:dd:5d:21:dd:d2:6d:9b:73:7a:
3c:55:6f:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzJrosB7239uvVQ1dgYTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI1YzVlYjI0ZjczZTcxYjg4Y2IxMGU4OWYxNjhiNTA4ZmQ3NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbU3iZG12jJDfZVPKxTAmyFipHtP
MAL9qLxeMEQ9TkOvqtbrBik8uOtbCBtRErGHEplhabSW1KGLZ3I03K9o6OV7INGw
x8wB8ywG9DgXF5VH0WaYKd/050ooWJSj6MNLMPkjqExwQ0kDs7gsGt+pozri9Z9O
F9S+5N/eap1k+qqFaVXLzjUv7E7kxehVUfZ5+C2y0yXLluy7nobfvvofNyIcHH+8
4+vVlyPASc104Z3NkpqZfqITdS4ieW7fYrL0iIUDIxqUuFHaorCeizxEiSygjBkf
r8LXjSBOw5XU+NLyCHyTP1hwJE7zKtOxknGmBMllb4vtPBFKtBJkMo5v1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEm1xesk9z5xuIyxDonxaLUI/XTNMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvU2JYRjZ5VDNQbkc0akxFT2lmRm90UWo5ZE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsXAwQA
VcslMA0GCSqGSIb3DQEBCwUAA4IBAQAuTgdH+7eY5M83FYdcre74LJH4mFuMz5ZV
nRdzOjWzzbBWFZ8NtXnpQn8M7zDdvvOuJmP2lU7rLHS41MXKFNCT33sTqPB7yTMA
Oz8YbMlJEm8ajk4BJEC0RHspzRFxcEKvLrhIr9EWSlgBeArcQs+dZaBXGYQ1pEuy
aMMOYxyYg7V23HkRpxCuVcEy8CieQiHOZXhstwfpAoiO5VfCzdTRxPLW30Puo8Zp
z4Nohgnu12m4Qgzd31mjSpF55X6dMI7ftmZa2Fu9eBq9hfWY4TzY9UjpF2ypw/ni
wNXceseyhMeIuv9nnQSL0xKmV6LiYi8GoeTdXSHd0m2bc3o8VW+y
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:29:00 2025 by rpki-client