Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/6d8470-4861-416d-a72a-28aded8ddfab/1/SVTRf7EeHLhqkIc9RmNORgmV4v0.roa
File: SVTRf7EeHLhqkIc9RmNORgmV4v0.roa (raw, json)
Hash identifier: f3MIQl5pqzunzaKYDqK+IznUZw7+KQtZax9bcE5PM90=
Subject key identifier: 49:54:D1:7F:B1:1E:1C:B8:6A:90:87:3D:46:63:4E:46:09:95:E2:FD
Certificate issuer: /CN=690bdb18899afb27fe1ff780516fcc0b93c8b80d
Certificate serial: 0189CBA61B573AAEA3C57BF54A0AEBBF88EF
Authority key identifier: 69:0B:DB:18:89:9A:FB:27:FE:1F:F7:80:51:6F:CC:0B:93:C8:B8:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQvbGIma-yf-H_eAUW_MC5PIuA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/6d8470-4861-416d-a72a-28aded8ddfab/1/SVTRf7EeHLhqkIc9RmNORgmV4v0.roa
Signing time: Sun 06 Aug 2023 16:20:08 +0000
ROA not before: Sun 06 Aug 2023 16:20:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204457
IP address blocks: 194.4.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cb:a6:1b:57:3a:ae:a3:c5:7b:f5:4a:0a:eb:bf:88:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=690bdb18899afb27fe1ff780516fcc0b93c8b80d
Validity
Not Before: Aug 6 16:20:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4954d17fb11e1cb86a90873d46634e460995e2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:8f:e4:42:c9:e3:98:ee:11:0b:5a:7c:0b:
3a:79:c2:b1:07:14:52:8c:e4:a7:59:68:6a:1c:ee:
a6:c4:44:66:80:02:35:c8:4a:44:75:cc:ba:aa:cb:
06:ab:4e:87:5f:0a:03:6e:87:2d:1f:96:02:d2:c9:
f7:2f:e0:e2:63:6b:23:0b:33:23:f8:c1:fa:52:5a:
41:92:93:06:25:5e:3e:f8:99:15:c7:4f:d3:0f:02:
3e:61:c3:03:c1:56:2d:ad:20:2f:a4:c1:6c:c9:99:
99:f1:29:b9:9e:cf:61:d6:5d:0e:e4:e7:73:e9:d2:
24:28:4d:70:c5:f5:20:00:f0:09:96:84:fa:1b:4e:
37:6e:36:27:49:2c:62:2b:b0:df:c3:85:38:ed:17:
53:b0:86:79:72:62:94:2b:44:b0:d3:3e:20:bb:60:
17:68:7f:0f:77:19:c4:42:8f:38:80:52:81:58:de:
c8:ce:23:a9:c1:0a:da:fa:4a:1b:ed:b3:61:e2:eb:
23:a2:cb:96:c0:f3:34:a2:41:13:1e:69:e9:a6:b5:
6a:60:57:f1:12:35:bf:87:ea:49:7b:34:63:9b:8c:
89:26:32:63:13:a4:c2:07:e0:fd:bc:b6:62:f2:b7:
74:98:c9:2d:25:4f:30:dc:97:36:32:9d:a9:5d:93:
41:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:54:D1:7F:B1:1E:1C:B8:6A:90:87:3D:46:63:4E:46:09:95:E2:FD
X509v3 Authority Key Identifier:
keyid:69:0B:DB:18:89:9A:FB:27:FE:1F:F7:80:51:6F:CC:0B:93:C8:B8:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQvbGIma-yf-H_eAUW_MC5PIuA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6d8470-4861-416d-a72a-28aded8ddfab/1/SVTRf7EeHLhqkIc9RmNORgmV4v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6d8470-4861-416d-a72a-28aded8ddfab/1/aQvbGIma-yf-H_eAUW_MC5PIuA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.153.0/24
Signature Algorithm: sha256WithRSAEncryption
17:23:e0:8b:37:86:f2:88:c7:53:7d:c4:ba:98:1a:07:c1:a6:
ab:b0:d1:36:f0:f7:c7:ff:59:83:b5:d7:4b:a0:8f:4f:14:4e:
4a:65:fb:5f:e9:8c:0f:b4:2a:69:f4:33:f6:f1:df:39:0f:cb:
13:4f:4a:22:e9:a3:a5:28:1f:af:61:ea:a3:96:12:b9:09:a7:
77:3d:ea:9c:56:43:08:3f:c0:8f:2b:f8:37:06:c2:f7:88:ed:
60:b3:48:c8:7b:6f:43:68:c6:a9:1b:a5:3d:d7:60:2b:a3:9f:
e0:c8:3f:c4:a4:26:b8:b0:21:b0:ec:ff:80:50:58:c6:84:a8:
f0:e9:b0:fd:94:28:1f:94:52:97:ff:92:f9:96:cc:2d:19:98:
a8:a8:0a:dc:d8:05:fe:68:43:36:a8:47:96:03:10:a0:24:1b:
d7:6d:c2:4d:b8:bb:85:81:5d:ff:92:02:f4:d8:03:33:ac:07:
6a:17:59:0e:3a:8c:42:f8:02:7b:2e:4e:34:1b:f5:2c:4e:8f:
6f:51:89:f0:3f:ff:74:46:f8:f5:33:68:4b:33:eb:53:26:b9:
70:ce:a1:ee:1c:3f:3c:90:a2:27:da:ae:c9:de:36:a8:01:93:
f4:9d:09:54:1c:21:96:d5:72:8d:c3:bf:4f:43:c9:5a:79:e7:
c7:b0:8f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnLphtXOq6jxXv1Sgrrv4jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MGJkYjE4ODk5YWZiMjdmZTFmZjc4MDUxNmZjYzBiOTNj
OGI4MGQwHhcNMjMwODA2MTYyMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTU0ZDE3ZmIxMWUxY2I4NmE5MDg3M2Q0NjYzNGU0NjA5OTVlMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT6P5ELJ45juEQtafAs6ecKxBxRS
jOSnWWhqHO6mxERmgAI1yEpEdcy6qssGq06HXwoDboctH5YC0sn3L+DiY2sjCzMj
+MH6UlpBkpMGJV4++JkVx0/TDwI+YcMDwVYtrSAvpMFsyZmZ8Sm5ns9h1l0O5Odz
6dIkKE1wxfUgAPAJloT6G043bjYnSSxiK7Dfw4U47RdTsIZ5cmKUK0Sw0z4gu2AX
aH8PdxnEQo84gFKBWN7IziOpwQra+kob7bNh4usjosuWwPM0okETHmnpprVqYFfx
EjW/h+pJezRjm4yJJjJjE6TCB+D9vLZi8rd0mMktJU8w3Jc2Mp2pXZNBqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElU0X+xHhy4apCHPUZjTkYJleL9MB8GA1UdIwQY
MBaAFGkL2xiJmvsn/h/3gFFvzAuTyLgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVF2YkdJbWEteWYtSF9lQVVXX01DNVBJdUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82ZDg0NzAtNDg2MS00MTZkLWE3MmEt
MjhhZGVkOGRkZmFiLzEvU1ZUUmY3RWVITGhxa0ljOVJtTk9SZ21WNHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82ZDg0NzAtNDg2MS00MTZkLWE3MmEtMjhhZGVkOGRkZmFi
LzEvYVF2YkdJbWEteWYtSF9lQVVXX01DNVBJdUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgSZMA0G
CSqGSIb3DQEBCwUAA4IBAQAXI+CLN4byiMdTfcS6mBoHwaarsNE28PfH/1mDtddL
oI9PFE5KZftf6YwPtCpp9DP28d85D8sTT0oi6aOlKB+vYeqjlhK5Cad3PeqcVkMI
P8CPK/g3BsL3iO1gs0jIe29DaMapG6U912Aro5/gyD/EpCa4sCGw7P+AUFjGhKjw
6bD9lCgflFKX/5L5lswtGZioqArc2AX+aEM2qEeWAxCgJBvXbcJNuLuFgV3/kgL0
2AMzrAdqF1kOOoxC+AJ7Lk40G/UsTo9vUYnwP/90Rvj1M2hLM+tTJrlwzqHuHD88
kKIn2q7J3jaoAZP0nQlUHCGW1XKNw79PQ8laeefHsI8Y
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:26:03 2025 by rpki-client