Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sbPA11CGuEXzdpnqu4YTJzf-31w.roa
File: sbPA11CGuEXzdpnqu4YTJzf-31w.roa (raw, json)
Hash identifier: ZQ2/8z8wO6Neg2gGOrxejh/Qd3ypabONXVFkovsSQLA=
Subject key identifier: B1:B3:C0:D7:50:86:B8:45:F3:76:99:EA:BB:86:13:27:37:FE:DF:5C
Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Certificate serial: 018601D8BC31BB2A0E62C05BC3C5DD284121
Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sbPA11CGuEXzdpnqu4YTJzf-31w.roa
Signing time: Mon 30 Jan 2023 08:43:46 +0000
ROA not before: Mon 30 Jan 2023 08:43:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41514
IP address blocks: 194.156.152.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:d8:bc:31:bb:2a:0e:62:c0:5b:c3:c5:dd:28:41:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Validity
Not Before: Jan 30 08:43:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b3c0d75086b845f37699eabb86132737fedf5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5d:b4:a2:27:49:03:33:f9:58:a7:dc:e5:52:
0c:4b:24:00:f9:c5:a5:c6:1f:20:24:34:6f:ec:14:
01:8d:95:1c:d4:44:81:d5:e8:a0:27:3c:20:55:a5:
a4:17:a7:cd:b6:0b:f2:bd:42:60:d8:b2:68:9f:4c:
24:22:8e:18:26:42:b4:76:1f:b6:13:78:7d:6d:a8:
76:9e:4a:8a:9a:09:b9:90:ef:f0:af:89:8c:d5:00:
6c:db:d1:13:c7:b7:32:60:88:3c:aa:4a:9b:32:cd:
47:8d:1e:6f:11:ff:35:ab:b7:07:41:a8:03:f2:a7:
a8:b6:be:0d:aa:5c:85:4f:23:3c:7f:37:3e:64:96:
55:d5:26:a3:b1:97:c5:61:e5:e7:89:b5:d3:9b:13:
61:0b:6d:65:ec:81:64:7f:e8:65:12:58:5b:03:b7:
ee:71:88:82:43:43:33:06:43:be:96:17:aa:7a:e2:
bb:e7:34:0b:d3:89:60:67:e5:e5:eb:36:d6:1b:1b:
73:73:d9:cf:97:4b:81:1e:f6:ec:45:bf:94:b4:cd:
6a:bc:da:d6:56:5e:a9:17:41:bd:ef:45:2f:bb:d2:
1d:c4:ed:10:43:c5:84:28:cd:71:1c:e9:8d:6a:c5:
d3:ea:8b:93:37:d5:f1:c1:8b:21:50:36:fc:79:9c:
21:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B3:C0:D7:50:86:B8:45:F3:76:99:EA:BB:86:13:27:37:FE:DF:5C
X509v3 Authority Key Identifier:
keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sbPA11CGuEXzdpnqu4YTJzf-31w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.152.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:98:23:16:63:2f:84:fa:df:16:6c:41:3f:83:24:4c:68:84:
cb:30:63:f9:d0:94:9f:d8:14:58:3c:23:14:ca:c0:a8:f2:e9:
ae:77:4c:b7:92:82:e4:89:5f:a1:e9:73:4d:bc:a5:62:8b:0b:
07:e8:85:d0:39:e0:2f:e0:64:5d:59:ad:7c:b8:8b:42:85:9f:
82:00:a0:dd:42:3f:cb:1b:78:43:a1:ec:fc:8e:44:f1:0f:a1:
9c:84:d8:3a:5b:fb:bf:19:97:91:e6:cb:59:4e:99:49:58:de:
e7:bd:e1:9b:ac:9e:68:e4:48:d2:54:a4:68:fd:48:0a:1d:22:
62:59:6d:80:f1:6d:4e:aa:e9:d0:93:4e:d9:d5:51:69:ee:a6:
51:99:92:7e:31:04:59:41:74:4b:4f:a7:4d:32:02:f7:f8:f7:
51:07:cd:4b:2a:cb:99:4d:da:8f:c4:fe:2b:69:e3:5b:ca:50:
4c:c7:56:bb:7e:2e:ef:2f:c6:2c:9b:be:76:50:b6:1f:90:8e:
91:d1:28:25:aa:ff:bb:ca:b2:54:4a:29:cc:3f:cc:9e:9c:48:
c9:f5:9d:44:46:36:02:41:8c:44:80:57:2f:64:3b:8e:0b:f1:
32:77:f7:da:17:b3:fd:cc:c6:82:d1:23:f9:09:09:97:90:8d:
e0:dc:b0:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYB2LwxuyoOYsBbw8XdKEEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0
NDhmZTQwHhcNMjMwMTMwMDg0MzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIzYzBkNzUwODZiODQ1ZjM3Njk5ZWFiYjg2MTMyNzM3ZmVkZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF20oidJAzP5WKfc5VIMSyQA+cWl
xh8gJDRv7BQBjZUc1ESB1eigJzwgVaWkF6fNtgvyvUJg2LJon0wkIo4YJkK0dh+2
E3h9bah2nkqKmgm5kO/wr4mM1QBs29ETx7cyYIg8qkqbMs1HjR5vEf81q7cHQagD
8qeotr4NqlyFTyM8fzc+ZJZV1SajsZfFYeXnibXTmxNhC21l7IFkf+hlElhbA7fu
cYiCQ0MzBkO+lheqeuK75zQL04lgZ+Xl6zbWGxtzc9nPl0uBHvbsRb+UtM1qvNrW
Vl6pF0G970Uvu9IdxO0QQ8WEKM1xHOmNasXT6ouTN9XxwYshUDb8eZwhiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGzwNdQhrhF83aZ6ruGEyc3/t9cMB8GA1UdIwQY
MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt
NDVhNTM0ZjIyMmY0LzEvc2JQQTExQ0d1RVh6ZHBucXU0WVRKemYtMzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0
LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpyYMA0G
CSqGSIb3DQEBCwUAA4IBAQA6mCMWYy+E+t8WbEE/gyRMaITLMGP50JSf2BRYPCMU
ysCo8umud0y3koLkiV+h6XNNvKViiwsH6IXQOeAv4GRdWa18uItChZ+CAKDdQj/L
G3hDoez8jkTxD6GchNg6W/u/GZeR5stZTplJWN7nveGbrJ5o5EjSVKRo/UgKHSJi
WW2A8W1OqunQk07Z1VFp7qZRmZJ+MQRZQXRLT6dNMgL3+PdRB81LKsuZTdqPxP4r
aeNbylBMx1a7fi7vL8Ysm752ULYfkI6R0Sglqv+7yrJUSinMP8yenEjJ9Z1ERjYC
QYxEgFcvZDuOC/Eyd/faF7P9zMaC0SP5CQmXkI3g3LCe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:36 2025 by rpki-client