Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/sJPKV9RmMkfKcmGM4BeP9K0CsIE.roa
File: sJPKV9RmMkfKcmGM4BeP9K0CsIE.roa (raw, json)
Hash identifier: qFV5kI1lEJuuhoONZFIhbLyHWJW5lb/UUKlkwu/J9AQ=
Subject key identifier: B0:93:CA:57:D4:66:32:47:CA:72:61:8C:E0:17:8F:F4:AD:02:B0:81
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 01885EEF0C65A5F4C4A28FAB6FD3EB870B36
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/sJPKV9RmMkfKcmGM4BeP9K0CsIE.roa
Signing time: Sat 27 May 2023 20:38:24 +0000
ROA not before: Sat 27 May 2023 20:38:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 94.143.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5e:ef:0c:65:a5:f4:c4:a2:8f:ab:6f:d3:eb:87:0b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: May 27 20:38:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b093ca57d4663247ca72618ce0178ff4ad02b081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:39:13:35:69:9a:b9:4f:44:71:dc:7f:93:
2c:03:9f:91:05:3c:4e:68:34:03:bd:67:ef:9b:12:
30:93:87:64:f3:18:e6:72:6f:1b:53:d0:18:61:25:
b4:b8:68:c1:4d:8e:85:a2:f1:2f:d2:98:d6:08:d2:
22:29:e9:b3:8a:0e:72:1b:29:bf:04:6b:5b:82:49:
7b:4f:76:23:f4:3f:d0:02:93:28:ed:54:38:31:81:
b9:d2:0e:41:3c:bf:9d:0c:64:4c:16:0c:11:7d:6e:
44:e9:81:cc:9a:8f:fd:8a:09:e0:eb:7a:e2:67:f0:
16:5d:3a:5a:17:40:cb:8d:b8:3e:70:cb:b3:2c:db:
7b:04:78:70:35:26:52:76:32:90:e6:3c:55:32:de:
60:2a:7f:d6:8d:50:2b:98:bd:ba:79:59:4c:03:e7:
00:b7:42:f3:c6:22:6d:99:9b:f7:b6:17:e2:ea:d0:
8d:8e:67:b5:aa:f9:b1:48:67:34:df:69:2c:b3:a7:
61:0f:83:2b:a7:50:39:63:46:b9:56:d9:0b:ec:be:
f4:8d:81:2c:a9:6c:4d:d2:31:4b:8e:db:f9:4e:70:
d2:61:11:d3:59:72:42:95:0c:42:95:bb:db:06:89:
3e:2b:d1:28:ac:74:76:30:43:56:c3:46:f7:76:27:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:CA:57:D4:66:32:47:CA:72:61:8C:E0:17:8F:F4:AD:02:B0:81
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/sJPKV9RmMkfKcmGM4BeP9K0CsIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.225.0/24
Signature Algorithm: sha256WithRSAEncryption
00:07:83:9f:41:42:53:9f:14:7e:71:26:f0:66:2d:eb:86:be:
f4:56:26:6c:44:2d:72:ed:73:dc:3b:e4:33:d4:e0:50:01:2c:
cc:c4:cd:31:63:59:0d:42:e9:6a:f6:bb:6d:03:b8:e6:e7:6c:
cc:18:e3:30:0b:c8:46:d1:f8:6f:c6:51:4b:5c:64:c0:75:bd:
a2:ea:f4:55:f8:ea:01:76:0c:20:cb:b3:56:fa:fd:77:dc:f8:
11:53:ed:1c:24:95:fd:71:2b:b4:7c:61:9c:3d:c7:5c:be:e2:
ec:0d:06:62:aa:91:7f:02:b4:c7:13:b4:7f:b7:5a:de:cd:99:
8f:95:3f:16:b6:00:d4:52:24:af:6f:34:a1:c0:f5:a3:92:e3:
07:bb:e6:5b:76:9f:0f:f2:63:f3:52:50:ed:2d:81:33:04:51:
a3:82:31:e6:fb:45:95:1d:0c:ce:a0:3e:9e:fa:39:9b:82:db:
66:48:18:91:59:3a:e8:0a:06:f3:33:57:23:d9:8b:9a:25:32:
ae:6e:ea:2d:bd:8f:39:41:ce:53:61:5f:62:21:37:a1:0c:5e:
3f:d2:5b:fe:37:86:b6:2a:ba:25:2b:dd:1b:28:38:6c:41:eb:
fb:6a:17:a3:ff:3d:c9:cb:a1:4a:56:0b:ee:98:36:c5:84:e7:
0a:2f:ea:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhe7wxlpfTEoo+rb9Prhws2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwNTI3MjAzODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkzY2E1N2Q0NjYzMjQ3Y2E3MjYxOGNlMDE3OGZmNGFkMDJiMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYQ5EzVpmrlPRHHcf5MsA5+RBTxO
aDQDvWfvmxIwk4dk8xjmcm8bU9AYYSW0uGjBTY6FovEv0pjWCNIiKemzig5yGym/
BGtbgkl7T3Yj9D/QApMo7VQ4MYG50g5BPL+dDGRMFgwRfW5E6YHMmo/9igng63ri
Z/AWXTpaF0DLjbg+cMuzLNt7BHhwNSZSdjKQ5jxVMt5gKn/WjVArmL26eVlMA+cA
t0LzxiJtmZv3thfi6tCNjme1qvmxSGc032kss6dhD4Mrp1A5Y0a5VtkL7L70jYEs
qWxN0jFLjtv5TnDSYRHTWXJClQxClbvbBok+K9EorHR2MENWw0b3dieZKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCTylfUZjJHynJhjOAXj/StArCBMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvc0pQS1Y5Um1Na2ZLY21HTTRCZVA5SzBDc0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/hMA0G
CSqGSIb3DQEBCwUAA4IBAQAAB4OfQUJTnxR+cSbwZi3rhr70ViZsRC1y7XPcO+Qz
1OBQASzMxM0xY1kNQulq9rttA7jm52zMGOMwC8hG0fhvxlFLXGTAdb2i6vRV+OoB
dgwgy7NW+v133PgRU+0cJJX9cSu0fGGcPcdcvuLsDQZiqpF/ArTHE7R/t1rezZmP
lT8WtgDUUiSvbzShwPWjkuMHu+Zbdp8P8mPzUlDtLYEzBFGjgjHm+0WVHQzOoD6e
+jmbgttmSBiRWTroCgbzM1cj2YuaJTKubuotvY85Qc5TYV9iITehDF4/0lv+N4a2
KrolK90bKDhsQev7ahej/z3Jy6FKVgvumDbFhOcKL+o2
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:59 2025 by rpki-client