Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SlXMz-j9ZAhr2i-ICkWFxmDOlL8.roa
File: SlXMz-j9ZAhr2i-ICkWFxmDOlL8.roa (raw, json)
Hash identifier: jjzYGG8sAe94W6b/2mphw9/FLGcRCz0eVuLWQZyTLdI=
Subject key identifier: 4A:55:CC:CF:E8:FD:64:08:6B:DA:2F:88:0A:45:85:C6:60:CE:94:BF
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 01899694E3B3B96C2CA6203998872F7FA28B
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SlXMz-j9ZAhr2i-ICkWFxmDOlL8.roa
Signing time: Thu 27 Jul 2023 09:01:27 +0000
ROA not before: Thu 27 Jul 2023 09:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31673
IP address blocks: 193.239.89.0/24 maxlen: 24
2a02:4640::/32 maxlen: 32
2a02:4640:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:94:e3:b3:b9:6c:2c:a6:20:39:98:87:2f:7f:a2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jul 27 09:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a55cccfe8fd64086bda2f880a4585c660ce94bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:2b:a1:48:cd:69:ea:e5:36:38:1c:d1:dc:
01:e4:c6:25:a5:5e:5a:f0:ad:e9:75:6b:67:38:ed:
23:aa:ef:b2:d1:6e:ef:33:b3:3a:f0:27:e1:0d:64:
ab:dc:33:15:18:41:3b:13:1f:a1:f4:92:57:cf:16:
23:9c:5e:6a:a3:fb:d7:2c:e7:19:5c:35:3c:8c:df:
ce:56:09:e0:56:2d:e4:eb:e1:bd:b5:29:8e:77:50:
c4:1c:2d:19:71:1d:30:8c:ca:bc:bb:ce:37:7b:2c:
65:d3:7a:a1:52:26:a5:2a:da:14:37:98:b2:7b:2d:
a4:39:84:0d:4f:6a:bb:b9:e3:ab:d7:7c:c1:8a:5a:
49:2e:4d:b8:42:dc:09:ba:5e:7d:80:35:51:6b:a3:
e7:86:ca:70:8d:28:35:1b:96:a6:cb:ba:1b:d3:85:
53:2e:0c:59:ba:08:96:1b:12:e8:98:0e:61:a6:df:
c4:5a:ff:1a:68:d6:c5:ce:44:0a:da:1e:3d:71:26:
58:9d:ec:54:14:e0:cc:dd:c3:13:d4:77:10:d6:6c:
73:2a:02:cc:28:88:62:ce:46:0a:c3:c9:61:0d:d2:
73:27:02:2a:b5:19:1e:f4:d4:5b:29:21:04:be:bf:
f1:c3:3b:39:1c:49:03:4d:79:e1:4a:88:06:a8:13:
2a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:55:CC:CF:E8:FD:64:08:6B:DA:2F:88:0A:45:85:C6:60:CE:94:BF
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SlXMz-j9ZAhr2i-ICkWFxmDOlL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.89.0/24
IPv6:
2a02:4640::/32
Signature Algorithm: sha256WithRSAEncryption
a0:1a:8b:54:0f:36:a5:3d:03:f9:db:62:d7:ba:1e:c7:60:d8:
ed:5c:a7:a5:a3:6f:b3:81:02:71:a6:73:e2:7f:60:24:05:b3:
bb:d9:94:ce:4b:2c:67:05:94:42:65:94:c6:28:be:3b:0a:ed:
58:16:97:10:63:0d:e2:d2:94:0c:cf:35:96:2f:67:57:e5:3d:
e7:70:8b:51:1e:e4:ec:73:d9:cd:90:c7:32:23:c9:58:4f:56:
40:9b:7f:ba:72:f9:77:27:50:a3:a7:fd:07:79:a9:49:99:a0:
07:23:ff:ab:f0:af:fb:42:24:89:d5:4f:3f:8e:c2:f6:ee:00:
99:74:fe:55:2c:3c:1b:57:ff:8f:a3:3c:0f:e1:fd:c7:af:ac:
97:d2:e6:b2:07:14:56:77:51:5b:9c:e7:4f:f8:10:59:71:0b:
67:c0:8b:5d:a2:e7:bc:9e:2d:e0:eb:93:d7:d4:8e:0f:89:cb:
f5:05:15:e5:ba:da:40:96:89:5d:5b:2e:90:07:fc:a2:d5:52:
c1:79:6e:9c:85:e6:e2:df:32:3b:ba:9a:32:bf:c5:fd:5b:67:
bf:26:16:80:99:b0:dc:26:1e:af:85:8a:d7:da:2b:25:74:5d:
c9:51:e9:f9:0f:4d:02:f8:9b:99:ee:5e:f9:f2:9e:2b:51:a7:
6b:8b:26:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmWlOOzuWwspiA5mIcvf6KLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwNzI3MDkwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU1Y2NjZmU4ZmQ2NDA4NmJkYTJmODgwYTQ1ODVjNjYwY2U5NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKAroUjNaerlNjgc0dwB5MYlpV5a
8K3pdWtnOO0jqu+y0W7vM7M68CfhDWSr3DMVGEE7Ex+h9JJXzxYjnF5qo/vXLOcZ
XDU8jN/OVgngVi3k6+G9tSmOd1DEHC0ZcR0wjMq8u843eyxl03qhUialKtoUN5iy
ey2kOYQNT2q7ueOr13zBilpJLk24QtwJul59gDVRa6PnhspwjSg1G5amy7ob04VT
LgxZugiWGxLomA5hpt/EWv8aaNbFzkQK2h49cSZYnexUFODM3cMT1HcQ1mxzKgLM
KIhizkYKw8lhDdJzJwIqtRke9NRbKSEEvr/xwzs5HEkDTXnhSogGqBMqeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEpVzM/o/WQIa9oviApFhcZgzpS/MB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvU2xYTXotajlaQWhyMmktSUNrV0Z4bURPbEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwe9ZMA0E
AgACMAcDBQAqAkZAMA0GCSqGSIb3DQEBCwUAA4IBAQCgGotUDzalPQP522LXuh7H
YNjtXKelo2+zgQJxpnPif2AkBbO72ZTOSyxnBZRCZZTGKL47Cu1YFpcQYw3i0pQM
zzWWL2dX5T3ncItRHuTsc9nNkMcyI8lYT1ZAm3+6cvl3J1Cjp/0HealJmaAHI/+r
8K/7QiSJ1U8/jsL27gCZdP5VLDwbV/+PozwP4f3Hr6yX0uayBxRWd1FbnOdP+BBZ
cQtnwItdoue8ni3g65PX1I4Picv1BRXlutpAloldWy6QB/yi1VLBeW6chebi3zI7
upoyv8X9W2e/JhaAmbDcJh6vhYrX2isldF3JUen5D00C+JuZ7l758p4rUadriyZ3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:09 2025 by rpki-client