Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/S4gqu5qRgCouJ-iCBdUK6XDLC-I.roa
File: S4gqu5qRgCouJ-iCBdUK6XDLC-I.roa (raw, json)
Hash identifier: O1iOvm1m3gcqWbuu6y4it+dEkkeYpElm7PmhH2zIMXc=
Subject key identifier: 4B:88:2A:BB:9A:91:80:2A:2E:27:E8:82:05:D5:0A:E9:70:CB:0B:E2
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 01856CF8696DFD20C787648C91F6100B2CA1
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/S4gqu5qRgCouJ-iCBdUK6XDLC-I.roa
Signing time: Sun 01 Jan 2023 10:54:57 +0000
ROA not before: Sun 01 Jan 2023 10:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.8.236.0/24 maxlen: 24
193.8.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:69:6d:fd:20:c7:87:64:8c:91:f6:10:0b:2c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Jan 1 10:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b882abb9a91802a2e27e88205d50ae970cb0be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c6:e8:eb:2d:ba:cf:3c:f3:4c:05:0f:23:c5:
50:19:ad:f7:cc:af:df:ea:0f:dc:ae:f2:99:47:47:
d3:d4:87:33:ae:e3:2d:24:f2:ae:2f:53:d3:01:da:
87:55:2d:ec:72:93:52:9b:37:61:ba:4b:28:58:69:
7e:ed:ef:18:a8:47:ca:d3:ba:3d:8b:ce:34:03:c1:
b8:2a:ad:45:fb:c5:29:f6:f1:14:1c:b9:6f:02:92:
81:18:71:ec:c8:b2:cc:03:97:1f:76:f5:f9:da:c7:
70:18:47:8d:79:53:67:ce:bc:57:84:f3:73:1f:ef:
a6:58:cd:57:58:7a:10:71:b4:71:e1:80:72:58:e8:
83:d4:55:b4:e2:67:c5:d5:1f:92:74:69:8d:59:fa:
26:00:ba:32:06:1c:fa:f4:fb:d1:42:1f:04:0e:ec:
77:76:1f:0d:d0:74:4d:df:fb:19:11:62:90:1e:45:
d9:fe:df:d5:24:67:bb:52:b2:22:7c:b8:07:2b:b3:
d0:09:25:80:de:30:40:a5:88:48:da:45:9a:85:3b:
40:00:a7:81:e8:05:eb:1b:bf:60:46:40:b5:39:a1:
2c:8b:50:06:33:11:2d:c0:4d:aa:46:fa:e8:ff:cc:
6e:16:50:af:e3:5a:f8:eb:68:cf:c5:59:3f:9a:0b:
c8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:88:2A:BB:9A:91:80:2A:2E:27:E8:82:05:D5:0A:E9:70:CB:0B:E2
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/S4gqu5qRgCouJ-iCBdUK6XDLC-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:a3:93:32:d6:57:e5:ad:d3:0a:48:b7:e8:f9:d4:80:5d:44:
0d:61:4e:4b:dc:61:ef:cb:a3:d6:61:9b:01:6d:e9:25:04:64:
1d:b1:65:31:58:ed:07:d4:35:11:75:65:58:41:33:40:88:39:
d4:c3:5a:5e:16:7e:01:6d:88:33:a0:f9:ec:f2:be:b7:af:20:
d7:a9:80:b3:fa:b0:75:e8:7a:30:87:11:96:c2:9a:02:fe:17:
66:98:01:f7:e2:77:c3:bd:0c:73:f0:19:b8:3b:70:3c:26:46:
65:06:ac:ed:97:e4:12:1b:be:f8:9d:17:7a:b1:28:88:80:39:
d7:c1:d2:79:77:01:f7:9f:5d:8a:13:4e:79:af:22:00:50:59:
68:55:8d:26:03:c6:81:b3:ae:36:91:25:e0:bf:89:29:30:85:
f0:9e:35:28:f5:a2:b2:07:f9:43:04:39:18:b5:bc:06:d8:60:
56:1b:24:9e:a4:91:b9:4e:c0:14:e1:a7:10:fd:07:50:56:2f:
db:ee:f8:26:4a:9f:e9:1d:ff:77:3f:ea:38:df:8c:91:0e:5e:
04:e3:78:24:c7:39:a5:69:13:62:ce:2a:d0:cb:f4:3d:32:c0:
2b:37:31:5f:65:ac:aa:8e:6a:66:cc:ef:3f:65:1f:25:4e:57:
0a:fb:aa:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+Glt/SDHh2SMkfYQCyyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjMwMTAxMTA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjg4MmFiYjlhOTE4MDJhMmUyN2U4ODIwNWQ1MGFlOTcwY2IwYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mbo6y26zzzzTAUPI8VQGa33zK/f
6g/crvKZR0fT1IczruMtJPKuL1PTAdqHVS3scpNSmzdhuksoWGl+7e8YqEfK07o9
i840A8G4Kq1F+8Up9vEUHLlvApKBGHHsyLLMA5cfdvX52sdwGEeNeVNnzrxXhPNz
H++mWM1XWHoQcbRx4YByWOiD1FW04mfF1R+SdGmNWfomALoyBhz69PvRQh8EDux3
dh8N0HRN3/sZEWKQHkXZ/t/VJGe7UrIifLgHK7PQCSWA3jBApYhI2kWahTtAAKeB
6AXrG79gRkC1OaEsi1AGMxEtwE2qRvro/8xuFlCv41r462jPxVk/mgvIkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuIKruakYAqLifoggXVCulwywviMB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvUzRncXU1cVJnQ291Si1pQ0JkVUs2WERMQy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQjsMA0G
CSqGSIb3DQEBCwUAA4IBAQBLo5My1lflrdMKSLfo+dSAXUQNYU5L3GHvy6PWYZsB
beklBGQdsWUxWO0H1DURdWVYQTNAiDnUw1peFn4BbYgzoPns8r63ryDXqYCz+rB1
6HowhxGWwpoC/hdmmAH34nfDvQxz8Bm4O3A8JkZlBqztl+QSG774nRd6sSiIgDnX
wdJ5dwH3n12KE055ryIAUFloVY0mA8aBs642kSXgv4kpMIXwnjUo9aKyB/lDBDkY
tbwG2GBWGySepJG5TsAU4acQ/QdQVi/b7vgmSp/pHf93P+o434yRDl4E43gkxzml
aRNizirQy/Q9MsArNzFfZayqjmpmzO8/ZR8lTlcK+6re
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:11 2025 by rpki-client