Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/SPasbFU5tA8jlgVt8D2G7e0nmQc.roa
File: SPasbFU5tA8jlgVt8D2G7e0nmQc.roa (raw, json)
Hash identifier: dYAci8chX3WNkAfwteq6yvhtUHjuWmk0fWuZSC197X0=
Subject key identifier: 48:F6:AC:6C:55:39:B4:0F:23:96:05:6D:F0:3D:86:ED:ED:27:99:07
Certificate issuer: /CN=db418bcf3194317b9c2881193196feb598fd9eee
Certificate serial: 0185710BFC44452A7211C6A640C8377DC836
Authority key identifier: DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/SPasbFU5tA8jlgVt8D2G7e0nmQc.roa
Signing time: Mon 02 Jan 2023 05:54:48 +0000
ROA not before: Mon 02 Jan 2023 05:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48571
IP address blocks: 91.216.80.0/24 maxlen: 24
194.55.152.0/22 maxlen: 24
91.209.189.0/24 maxlen: 24
2a0c:cb40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:fc:44:45:2a:72:11:c6:a6:40:c8:37:7d:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db418bcf3194317b9c2881193196feb598fd9eee
Validity
Not Before: Jan 2 05:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48f6ac6c5539b40f2396056df03d86eded279907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:9c:de:45:c7:88:a4:9c:af:cc:5e:77:96:
30:79:8f:da:ac:29:ea:77:ae:ec:d3:5a:cf:f6:36:
4a:a9:17:46:44:6c:d5:9e:df:88:77:00:42:f8:71:
e1:be:9a:5f:0c:cb:ae:cd:28:0e:e1:b5:be:3d:4d:
eb:8d:9b:8d:81:3e:8a:75:53:5a:6e:17:06:2f:90:
b4:93:ef:81:59:83:2c:33:e0:0a:65:b2:63:da:a1:
bf:08:2f:b5:9d:d6:61:da:09:a7:39:ae:e9:91:9e:
e2:55:ce:a9:1c:9d:44:5b:96:1f:bc:dc:2d:b8:79:
11:ff:9a:9b:62:a7:e4:c8:a7:89:f0:7c:53:c5:8d:
ac:cc:18:b9:c3:c2:fa:bd:30:76:8f:3f:12:9d:56:
d0:dd:86:f9:a8:e3:56:cd:d4:d7:30:c7:9e:6e:0f:
c2:e3:73:82:b0:ed:20:c0:37:1e:da:60:5f:71:2e:
a3:28:fe:65:15:7b:af:48:a2:9b:b4:e3:ae:b5:05:
4c:12:8e:e3:54:f3:57:c5:92:0a:75:16:91:cf:4a:
b8:00:20:24:10:12:46:da:92:df:04:81:58:b6:82:
c8:19:55:9b:b3:c0:cb:66:33:e5:39:86:f8:f7:aa:
b0:a6:52:33:a0:bd:88:56:b3:b7:71:1c:72:41:43:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F6:AC:6C:55:39:B4:0F:23:96:05:6D:F0:3D:86:ED:ED:27:99:07
X509v3 Authority Key Identifier:
keyid:DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/SPasbFU5tA8jlgVt8D2G7e0nmQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.189.0/24
91.216.80.0/24
194.55.152.0/22
IPv6:
2a0c:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
33:07:7f:2f:0a:7e:af:bb:b0:23:aa:5e:0e:ba:a7:37:9e:2e:
f3:41:37:73:db:9b:6f:5a:ea:d6:1c:39:49:12:4a:9b:92:3e:
96:1c:db:09:bf:2d:c2:a9:ce:81:84:eb:8c:3f:eb:52:51:98:
3f:09:04:bd:02:35:2a:7e:7c:75:ca:b2:e2:8e:e5:f8:af:3c:
82:aa:db:d1:e4:0b:48:65:6e:f6:0b:4f:58:a1:7b:08:20:3d:
f8:fb:ef:44:4d:57:68:ef:34:84:bb:5f:dd:f8:da:4c:cf:4b:
f6:fd:16:2d:91:be:4c:a7:df:22:5a:9d:53:b7:03:38:2b:fc:
f7:ce:8a:77:f1:e7:df:00:52:83:70:77:61:91:53:30:0a:5f:
36:1a:1f:d3:a0:a8:14:64:a9:c5:35:47:3f:0b:a9:83:53:59:
c2:53:8c:3c:b6:df:22:45:cd:c3:56:ec:06:51:8f:65:e7:5a:
3c:08:fb:ce:ff:3c:60:6f:59:36:f3:ed:1d:ec:3d:ba:c5:f8:
96:88:b0:70:97:a1:66:a6:c8:da:84:1b:9f:58:db:43:9e:96:
08:41:36:5b:0b:f4:ee:b2:55:24:0c:62:51:74:ab:63:dd:10:
f5:43:7a:f5:68:8e:5e:ee:7e:71:a9:3e:67:bd:f5:63:59:db:
a4:10:27:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxC/xERSpyEcamQMg3fcg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDE4YmNmMzE5NDMxN2I5YzI4ODExOTMxOTZmZWI1OThm
ZDllZWUwHhcNMjMwMTAyMDU1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGY2YWM2YzU1MzliNDBmMjM5NjA1NmRmMDNkODZlZGVkMjc5OTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ac3kXHiKScr8xed5YweY/arCnq
d67s01rP9jZKqRdGRGzVnt+IdwBC+HHhvppfDMuuzSgO4bW+PU3rjZuNgT6KdVNa
bhcGL5C0k++BWYMsM+AKZbJj2qG/CC+1ndZh2gmnOa7pkZ7iVc6pHJ1EW5YfvNwt
uHkR/5qbYqfkyKeJ8HxTxY2szBi5w8L6vTB2jz8SnVbQ3Yb5qONWzdTXMMeebg/C
43OCsO0gwDce2mBfcS6jKP5lFXuvSKKbtOOutQVMEo7jVPNXxZIKdRaRz0q4ACAk
EBJG2pLfBIFYtoLIGVWbs8DLZjPlOYb496qwplIzoL2IVrO3cRxyQUMp+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEj2rGxVObQPI5YFbfA9hu3tJ5kHMB8GA1UdIwQY
MBaAFNtBi88xlDF7nCiBGTGW/rWY/Z7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMt
ZTI5ZWUzZDkxMzk1LzEvU1Bhc2JGVTV0QThqbGdWdDhEMkc3ZTBubVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMtZTI5ZWUzZDkxMzk1
LzEvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9G9AwQA
W9hQAwQCwjeYMA0EAgACMAcDBQMqDMtAMA0GCSqGSIb3DQEBCwUAA4IBAQAzB38v
Cn6vu7Ajql4Ouqc3ni7zQTdz25tvWurWHDlJEkqbkj6WHNsJvy3Cqc6BhOuMP+tS
UZg/CQS9AjUqfnx1yrLijuX4rzyCqtvR5AtIZW72C09YoXsIID34++9ETVdo7zSE
u1/d+NpMz0v2/RYtkb5Mp98iWp1TtwM4K/z3zop38effAFKDcHdhkVMwCl82Gh/T
oKgUZKnFNUc/C6mDU1nCU4w8tt8iRc3DVuwGUY9l51o8CPvO/zxgb1k28+0d7D26
xfiWiLBwl6FmpsjahBufWNtDnpYIQTZbC/TuslUkDGJRdKtj3RD1Q3r1aI5e7n5x
qT5nvfVjWdukECfO
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:07:06 2025 by rpki-client