Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/SjWiLXpbcV4GDq4-yxg2DcKIT7g.roa
File: SjWiLXpbcV4GDq4-yxg2DcKIT7g.roa (raw, json)
Hash identifier: 0YDd2tSHqbdlGVUw8534zE6qlD3OgahAHxXc8qTEBx0=
Subject key identifier: 4A:35:A2:2D:7A:5B:71:5E:06:0E:AE:3E:CB:18:36:0D:C2:88:4F:B8
Certificate issuer: /CN=38b5bd39b74f23d7683d1238ea9aca3c66a631a3
Certificate serial: 01856F14EEC9DFD5E98C6FF9F3A95641D2E6
Authority key identifier: 38:B5:BD:39:B7:4F:23:D7:68:3D:12:38:EA:9A:CA:3C:66:A6:31:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLW9ObdPI9doPRI46prKPGamMaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/SjWiLXpbcV4GDq4-yxg2DcKIT7g.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3203
IP address blocks: 193.0.132.0/22 maxlen: 22
176.115.128.0/22 maxlen: 22
176.115.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ee:c9:df:d5:e9:8c:6f:f9:f3:a9:56:41:d2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b5bd39b74f23d7683d1238ea9aca3c66a631a3
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a35a22d7a5b715e060eae3ecb18360dc2884fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:32:58:1f:95:05:a0:cb:91:36:87:be:a6:19:
9e:f0:76:6a:e9:08:cb:de:20:d2:30:1b:98:81:91:
88:6a:33:e6:55:82:97:c8:87:0b:21:1b:bb:4c:30:
21:71:38:d7:e3:91:04:26:d9:15:8b:bd:d0:8f:7a:
b7:7e:a7:0a:6a:dc:58:24:6c:85:44:75:26:a2:95:
59:1e:f4:c9:c3:b4:96:93:3a:95:e2:2f:fa:e3:86:
bb:c0:58:55:cc:2b:91:be:5b:06:03:21:ce:50:3b:
af:55:40:f4:78:56:54:84:4a:6b:40:91:1d:f3:1e:
b1:3c:79:93:0a:ae:ef:25:68:51:74:15:ab:00:9c:
24:d1:23:ba:66:92:1e:ed:57:1e:cd:58:8b:e9:31:
c3:a7:e1:ca:c0:0a:e5:3f:c5:1a:26:73:69:b5:01:
54:dc:04:6e:28:64:b2:63:3d:bd:c2:c7:93:55:06:
fa:34:f5:a6:45:86:44:52:6a:cc:ea:7e:25:09:85:
8f:c4:d9:df:27:38:4a:21:d3:c0:30:1a:0b:40:a8:
fd:72:aa:66:de:55:4c:87:84:58:27:bb:ac:08:2a:
e2:1b:39:26:2c:ae:9c:fa:66:4c:b5:03:a3:d8:ab:
93:2d:ef:b3:b9:f9:df:44:c3:f7:a7:15:cc:e9:fb:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:A2:2D:7A:5B:71:5E:06:0E:AE:3E:CB:18:36:0D:C2:88:4F:B8
X509v3 Authority Key Identifier:
keyid:38:B5:BD:39:B7:4F:23:D7:68:3D:12:38:EA:9A:CA:3C:66:A6:31:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLW9ObdPI9doPRI46prKPGamMaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/SjWiLXpbcV4GDq4-yxg2DcKIT7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/OLW9ObdPI9doPRI46prKPGamMaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.115.128.0/21
193.0.132.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:bf:b9:c5:5f:6d:d4:75:f0:70:e2:43:17:22:58:14:51:62:
68:e5:22:70:85:58:fc:af:f8:4c:79:48:cd:6f:86:9a:a3:e1:
0c:1c:f8:a2:03:ff:85:69:fd:dc:4b:fb:c9:16:b1:54:1b:57:
79:99:59:bd:c3:3b:33:b8:3b:4f:a6:4f:cd:71:ae:00:e9:5c:
1e:08:ed:57:3d:dc:9c:37:01:59:11:dd:0a:e3:96:6b:aa:79:
90:bb:31:b6:14:4f:fc:70:7f:d9:2a:f2:67:e3:fa:9c:da:e0:
7d:98:c6:4a:2d:f6:32:5b:65:f0:bc:39:59:90:06:f6:76:71:
17:8e:3a:1c:11:d6:c4:fe:27:3a:6f:8f:6c:ed:8d:dd:1d:8d:
3c:a0:84:6d:be:c9:ba:cd:b9:ae:3b:80:76:64:21:0f:0f:c9:
b4:88:7f:81:9c:b1:90:d2:39:50:6b:b2:f3:89:cc:fc:21:ad:
f2:fe:ed:15:9d:83:35:51:bf:13:be:49:dc:5b:c9:cd:d0:aa:
73:a9:22:40:26:78:76:65:01:6e:96:d7:94:ec:1a:25:35:fa:
76:14:4b:fb:ce:5c:1a:56:06:ca:14:2a:00:e7:c7:db:e5:e3:
f7:0b:4c:32:a8:06:a1:43:c4:2c:fb:4c:18:87:d5:8f:6e:f6:
ff:0e:7b:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFO7J39XpjG/586lWQdLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjViZDM5Yjc0ZjIzZDc2ODNkMTIzOGVhOWFjYTNjNjZh
NjMxYTMwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM1YTIyZDdhNWI3MTVlMDYwZWFlM2VjYjE4MzYwZGMyODg0ZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjJYH5UFoMuRNoe+phme8HZq6QjL
3iDSMBuYgZGIajPmVYKXyIcLIRu7TDAhcTjX45EEJtkVi73Qj3q3fqcKatxYJGyF
RHUmopVZHvTJw7SWkzqV4i/644a7wFhVzCuRvlsGAyHOUDuvVUD0eFZUhEprQJEd
8x6xPHmTCq7vJWhRdBWrAJwk0SO6ZpIe7VcezViL6THDp+HKwArlP8UaJnNptQFU
3ARuKGSyYz29wseTVQb6NPWmRYZEUmrM6n4lCYWPxNnfJzhKIdPAMBoLQKj9cqpm
3lVMh4RYJ7usCCriGzkmLK6c+mZMtQOj2KuTLe+zufnfRMP3pxXM6fv7FQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEo1oi16W3FeBg6uPssYNg3CiE+4MB8GA1UdIwQY
MBaAFDi1vTm3TyPXaD0SOOqayjxmpjGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xXOU9iZFBJOWRvUFJJNDZwcktQR2FtTWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hNWYxNTAtM2Q4My00MmNiLTlhNDct
ZTNjZmU2Y2VjMGFjLzEvU2pXaUxYcGJjVjRHRHE0LXl4ZzJEY0tJVDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hNWYxNTAtM2Q4My00MmNiLTlhNDctZTNjZmU2Y2VjMGFj
LzEvT0xXOU9iZFBJOWRvUFJJNDZwcktQR2FtTWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHOAAwQC
wQCEMA0GCSqGSIb3DQEBCwUAA4IBAQB/v7nFX23UdfBw4kMXIlgUUWJo5SJwhVj8
r/hMeUjNb4aao+EMHPiiA/+Faf3cS/vJFrFUG1d5mVm9wzszuDtPpk/Nca4A6Vwe
CO1XPdycNwFZEd0K45ZrqnmQuzG2FE/8cH/ZKvJn4/qc2uB9mMZKLfYyW2XwvDlZ
kAb2dnEXjjocEdbE/ic6b49s7Y3dHY08oIRtvsm6zbmuO4B2ZCEPD8m0iH+BnLGQ
0jlQa7Lzicz8Ia3y/u0VnYM1Ub8TvkncW8nN0KpzqSJAJnh2ZQFulteU7BolNfp2
FEv7zlwaVgbKFCoA58fb5eP3C0wyqAahQ8Qs+0wYh9WPbvb/Dns3
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:29 2025 by rpki-client