Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/SL2tdNUG28iYIV338efDgTESpVY.roa
File: SL2tdNUG28iYIV338efDgTESpVY.roa (raw, json)
Hash identifier: mPc8UrsBeyvqePT6e0o6bMZrPBF6dQnSMoB8/ye6yng=
Subject key identifier: 48:BD:AD:74:D5:06:DB:C8:98:21:5D:F7:F1:E7:C3:81:31:12:A5:56
Certificate issuer: /CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Certificate serial: 018570DE5D53153CD5BBE436D1E72F5E14A4
Authority key identifier: 90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/SL2tdNUG28iYIV338efDgTESpVY.roa
Signing time: Mon 02 Jan 2023 05:04:59 +0000
ROA not before: Mon 02 Jan 2023 05:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31431
IP address blocks: 195.128.228.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:5d:53:15:3c:d5:bb:e4:36:d1:e7:2f:5e:14:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Validity
Not Before: Jan 2 05:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48bdad74d506dbc898215df7f1e7c3813112a556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:d8:56:45:7b:23:1d:9c:1e:67:d0:c0:da:
49:99:ee:52:6d:f7:d0:52:57:d5:a6:27:fd:14:f5:
f6:76:0a:a0:42:af:1f:50:2c:50:7f:b9:cb:e0:e1:
ee:9c:b4:e2:aa:cf:08:73:22:ae:34:6e:ce:28:86:
b7:8f:b8:64:2d:b1:8e:dd:44:72:5b:e3:c4:83:c2:
2d:27:df:1b:55:8a:e3:70:1f:22:c5:5a:16:17:8c:
ae:f1:89:ef:ee:8d:08:f6:e9:e8:c8:41:92:e8:0e:
ff:ed:ab:7e:07:00:8e:a9:43:14:09:a5:89:16:b2:
56:d8:3e:01:fb:84:e5:41:f1:85:7e:7e:7f:96:f7:
7d:f9:e4:5b:47:5e:99:9b:c1:c4:51:9e:55:b8:b5:
78:31:c8:72:6f:f5:9d:c6:49:59:12:c1:fd:37:0c:
65:31:1d:01:d3:99:5a:db:16:39:58:3a:35:a1:14:
42:53:ec:75:15:80:29:39:31:86:ea:1d:8a:72:ae:
5c:3c:9d:03:03:be:e9:14:d2:6b:0d:24:1d:45:94:
b4:7f:d5:63:74:5d:aa:a6:9b:51:17:f7:d3:7b:d3:
84:b8:5e:42:b9:de:13:51:1f:47:12:2f:08:65:53:
36:6b:d8:51:c7:42:4f:03:e2:e0:29:86:25:07:06:
01:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BD:AD:74:D5:06:DB:C8:98:21:5D:F7:F1:E7:C3:81:31:12:A5:56
X509v3 Authority Key Identifier:
keyid:90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/SL2tdNUG28iYIV338efDgTESpVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.228.0/23
Signature Algorithm: sha256WithRSAEncryption
49:b4:aa:12:bf:b6:3b:61:7e:12:09:50:a6:16:03:24:80:0e:
a5:d4:85:55:53:bf:00:6b:dc:de:69:22:39:00:78:0c:28:43:
59:7d:ba:c7:f5:49:3b:f0:52:31:f1:9e:19:03:9b:87:80:dd:
04:0b:6a:74:d6:c1:6a:88:69:6e:23:07:ee:08:de:85:34:c6:
be:6d:36:9e:f6:5a:c3:a4:f1:31:62:4c:9d:41:a9:b9:b8:7f:
37:1b:1a:84:6a:7a:f8:a6:8f:3f:8d:3e:c0:e3:cb:c4:da:43:
14:e9:a6:28:f8:f6:6a:39:49:58:8b:ba:10:05:27:03:b5:05:
0e:5e:f9:a9:83:b0:f4:8e:f8:95:9c:11:63:b9:77:60:27:cb:
e2:d4:63:46:eb:dc:76:03:25:9c:e1:5c:3d:30:05:27:a6:82:
25:ce:22:b1:7a:cb:74:01:bb:47:b0:a5:27:d8:17:de:6e:28:
d7:b8:ca:64:8c:79:cf:ea:87:f5:22:1b:61:a3:e8:af:30:0b:
40:29:37:ec:8c:52:cf:c2:92:91:6d:cd:bd:00:91:04:5e:8f:
95:e9:03:cb:c5:64:c2:e5:ba:33:11:4f:f0:a4:db:a3:df:46:
b4:79:c9:ac:2b:e7:cb:85:61:07:36:07:17:8c:24:f2:db:5d:
ae:1f:7c:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3l1TFTzVu+Q20ecvXhSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDNlNTM3MWI2NGFiOTQyZDZkY2JhMDRhZGZmMmFlN2Fi
N2M3MTIwHhcNMjMwMTAyMDUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGJkYWQ3NGQ1MDZkYmM4OTgyMTVkZjdmMWU3YzM4MTMxMTJhNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0LYVkV7Ix2cHmfQwNpJme5SbffQ
UlfVpif9FPX2dgqgQq8fUCxQf7nL4OHunLTiqs8IcyKuNG7OKIa3j7hkLbGO3URy
W+PEg8ItJ98bVYrjcB8ixVoWF4yu8Ynv7o0I9unoyEGS6A7/7at+BwCOqUMUCaWJ
FrJW2D4B+4TlQfGFfn5/lvd9+eRbR16Zm8HEUZ5VuLV4Mchyb/WdxklZEsH9Nwxl
MR0B05la2xY5WDo1oRRCU+x1FYApOTGG6h2Kcq5cPJ0DA77pFNJrDSQdRZS0f9Vj
dF2qpptRF/fTe9OEuF5Cud4TUR9HEi8IZVM2a9hRx0JPA+LgKYYlBwYBWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEi9rXTVBtvImCFd9/Hnw4ExEqVWMB8GA1UdIwQY
MBaAFJDT5TcbZKuULW3LoErf8q56t8cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTIt
YTE3ODgyYjkyNmEwLzEvU0wydGROVUcyOGlZSVYzMzhlZkRnVEVTcFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTItYTE3ODgyYjkyNmEw
LzEva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4DkMA0G
CSqGSIb3DQEBCwUAA4IBAQBJtKoSv7Y7YX4SCVCmFgMkgA6l1IVVU78Aa9zeaSI5
AHgMKENZfbrH9Uk78FIx8Z4ZA5uHgN0EC2p01sFqiGluIwfuCN6FNMa+bTae9lrD
pPExYkydQam5uH83GxqEanr4po8/jT7A48vE2kMU6aYo+PZqOUlYi7oQBScDtQUO
Xvmpg7D0jviVnBFjuXdgJ8vi1GNG69x2AyWc4Vw9MAUnpoIlziKxest0AbtHsKUn
2BfebijXuMpkjHnP6of1Ihtho+ivMAtAKTfsjFLPwpKRbc29AJEEXo+V6QPLxWTC
5bozEU/wpNuj30a0ecmsK+fLhWEHNgcXjCTy212uH3ze
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:54 2025 by rpki-client