Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/sLzr2Af8_LNEO-ho1S2k8IAoFzk.roa
File: sLzr2Af8_LNEO-ho1S2k8IAoFzk.roa (raw, json)
Hash identifier: HG8dYHXLQ5LnmyFsRxBLVzX9KgvOOfh7EbTpHjWTUKo=
Subject key identifier: B0:BC:EB:D8:07:FC:FC:B3:44:3B:E8:68:D5:2D:A4:F0:80:28:17:39
Certificate issuer: /CN=4afecf6642a450b53b076d446482d9c1a89ded74
Certificate serial: 01856D13CC2132A0100E537662ABAC24D4A3
Authority key identifier: 4A:FE:CF:66:42:A4:50:B5:3B:07:6D:44:64:82:D9:C1:A8:9D:ED:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sv7PZkKkULU7B21EZILZwaid7XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/sLzr2Af8_LNEO-ho1S2k8IAoFzk.roa
Signing time: Sun 01 Jan 2023 11:24:52 +0000
ROA not before: Sun 01 Jan 2023 11:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35625
IP address blocks: 194.5.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:cc:21:32:a0:10:0e:53:76:62:ab:ac:24:d4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afecf6642a450b53b076d446482d9c1a89ded74
Validity
Not Before: Jan 1 11:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0bcebd807fcfcb3443be868d52da4f080281739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:4e:31:f9:8a:f3:23:db:76:e9:d7:fd:d3:
3a:c4:ff:6e:0c:ff:6c:0e:7b:16:47:d8:bf:07:5d:
4d:7d:7e:56:d2:26:89:17:12:c0:3c:f8:51:f0:e7:
b4:22:3b:e3:aa:93:8c:ee:cb:df:12:22:25:5a:b0:
e8:a6:10:00:7c:45:87:90:a2:52:2d:98:43:67:43:
4b:98:43:5a:96:c0:63:9e:19:06:8e:79:f0:e2:e0:
28:b6:dc:b1:dc:35:46:57:06:7b:7e:3e:f9:99:f6:
2e:13:aa:4a:6f:ea:64:9f:29:22:bf:21:1a:a2:f6:
9f:7f:81:fd:69:52:ab:10:52:fc:4c:e5:c4:d4:b2:
f0:46:65:6c:d8:c2:ad:97:a8:d0:79:4b:0e:6c:5f:
fb:0e:be:c3:d1:21:b7:ca:5b:c4:33:93:f0:c5:ca:
40:b0:b5:b5:7b:b9:f4:f1:01:5c:b6:5e:6e:05:bd:
20:75:67:3e:f4:d8:4c:e6:82:39:85:ab:3f:5a:6d:
ee:40:1c:d5:8f:bc:3d:7a:5f:18:c4:49:df:bc:28:
16:4f:bd:d9:1c:4d:7f:86:7e:a5:1d:51:b0:25:da:
e6:59:cc:d5:f9:b0:82:22:cb:fe:da:52:8b:01:d4:
03:dc:19:e5:7b:02:9e:bd:2b:ad:32:48:b2:71:c6:
db:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BC:EB:D8:07:FC:FC:B3:44:3B:E8:68:D5:2D:A4:F0:80:28:17:39
X509v3 Authority Key Identifier:
keyid:4A:FE:CF:66:42:A4:50:B5:3B:07:6D:44:64:82:D9:C1:A8:9D:ED:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sv7PZkKkULU7B21EZILZwaid7XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/sLzr2Af8_LNEO-ho1S2k8IAoFzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/Sv7PZkKkULU7B21EZILZwaid7XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.72.0/24
Signature Algorithm: sha256WithRSAEncryption
84:63:46:43:78:9d:8e:34:04:38:95:d6:8c:78:25:0c:a1:c2:
b3:bb:d5:33:79:04:cf:0d:09:5b:ba:7f:3b:2d:d5:65:25:69:
e9:a0:02:11:39:32:26:aa:b4:49:bd:65:e4:39:5f:79:40:03:
cc:fe:02:07:fc:a2:f1:26:aa:9e:24:0f:db:b6:95:fa:ed:37:
86:8e:a4:b3:64:26:b0:e9:d8:a4:9c:d4:60:ef:54:68:f6:37:
8c:53:c4:b1:b1:3c:ad:5d:31:01:bc:9c:66:43:96:97:3f:37:
eb:f3:0f:31:9c:ca:df:62:8c:fc:91:ac:d7:c4:f1:89:2b:b5:
31:35:c6:f1:7a:b8:00:cb:ca:c1:9f:83:ef:12:9a:b9:08:8e:
7e:f4:56:cb:0c:4b:ca:e6:27:83:ae:08:6a:ba:a5:51:22:5e:
27:0a:21:7f:ef:2a:af:4d:c8:27:71:42:33:63:3a:79:c9:61:
aa:4d:7e:e2:a3:09:d8:23:54:e9:85:42:e6:a7:09:6f:8e:5f:
60:67:93:49:3a:39:90:5c:80:7a:bd:6b:04:aa:f5:7a:82:76:
1e:88:6f:36:76:c7:ee:f9:70:eb:19:c3:e9:b2:1f:7b:83:4e:
ec:eb:89:4e:f3:1a:cb:d2:b2:95:66:a1:c4:6a:48:86:29:6e:
bf:04:fb:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE8whMqAQDlN2YqusJNSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmVjZjY2NDJhNDUwYjUzYjA3NmQ0NDY0ODJkOWMxYTg5
ZGVkNzQwHhcNMjMwMTAxMTEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGJjZWJkODA3ZmNmY2IzNDQzYmU4NjhkNTJkYTRmMDgwMjgxNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7hOMfmK8yPbdunX/dM6xP9uDP9s
DnsWR9i/B11NfX5W0iaJFxLAPPhR8Oe0IjvjqpOM7svfEiIlWrDophAAfEWHkKJS
LZhDZ0NLmENalsBjnhkGjnnw4uAottyx3DVGVwZ7fj75mfYuE6pKb+pknykivyEa
ovaff4H9aVKrEFL8TOXE1LLwRmVs2MKtl6jQeUsObF/7Dr7D0SG3ylvEM5PwxcpA
sLW1e7n08QFctl5uBb0gdWc+9NhM5oI5has/Wm3uQBzVj7w9el8YxEnfvCgWT73Z
HE1/hn6lHVGwJdrmWczV+bCCIsv+2lKLAdQD3BnlewKevSutMkiyccbbDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLC869gH/PyzRDvoaNUtpPCAKBc5MB8GA1UdIwQY
MBaAFEr+z2ZCpFC1OwdtRGSC2cGone10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Y3UFprS2tVTFU3QjIxRVpJTFp3YWlkN1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZDZmNmMtYjAwNi00NTYzLTkxYWQt
NDI4YTExMWFjNWUwLzEvc0x6cjJBZjhfTE5FTy1obzFTMms4SUFvRnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZDZmNmMtYjAwNi00NTYzLTkxYWQtNDI4YTExMWFjNWUw
LzEvU3Y3UFprS2tVTFU3QjIxRVpJTFp3YWlkN1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVIMA0G
CSqGSIb3DQEBCwUAA4IBAQCEY0ZDeJ2ONAQ4ldaMeCUMocKzu9UzeQTPDQlbun87
LdVlJWnpoAIROTImqrRJvWXkOV95QAPM/gIH/KLxJqqeJA/btpX67TeGjqSzZCaw
6diknNRg71Ro9jeMU8SxsTytXTEBvJxmQ5aXPzfr8w8xnMrfYoz8kazXxPGJK7Ux
NcbxergAy8rBn4PvEpq5CI5+9FbLDEvK5ieDrghquqVRIl4nCiF/7yqvTcgncUIz
Yzp5yWGqTX7iownYI1TphULmpwlvjl9gZ5NJOjmQXIB6vWsEqvV6gnYeiG82dsfu
+XDrGcPpsh97g07s64lO8xrL0rKVZqHEakiGKW6/BPv+
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:43:45 2025 by rpki-client