Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/Stem4lmd2XDTqaW5SmNNBClPLYY.roa
File: Stem4lmd2XDTqaW5SmNNBClPLYY.roa (raw, json)
Hash identifier: nBpRrM/Vuer1tbqyXFIJY+LKzrQ0KxD3gJHjaonCSqc=
Subject key identifier: 4A:D7:A6:E2:59:9D:D9:70:D3:A9:A5:B9:4A:63:4D:04:29:4F:2D:86
Certificate issuer: /CN=aecaf94aedffefa4366bca2beb91992c1db34ccc
Certificate serial: 0186311FB5781341D35FFEF7609A2B7591FD
Authority key identifier: AE:CA:F9:4A:ED:FF:EF:A4:36:6B:CA:2B:EB:91:99:2C:1D:B3:4C:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rsr5Su3_76Q2a8or65GZLB2zTMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/Stem4lmd2XDTqaW5SmNNBClPLYY.roa
Signing time: Wed 08 Feb 2023 13:03:26 +0000
ROA not before: Wed 08 Feb 2023 13:03:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21286
IP address blocks: 193.176.216.0/23 maxlen: 23
2001:67c:5a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:1f:b5:78:13:41:d3:5f:fe:f7:60:9a:2b:75:91:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecaf94aedffefa4366bca2beb91992c1db34ccc
Validity
Not Before: Feb 8 13:03:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ad7a6e2599dd970d3a9a5b94a634d04294f2d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:76:a1:28:d4:76:9f:eb:b8:aa:36:d5:cd:f2:
7d:01:49:2d:d9:75:5a:89:09:31:12:8b:8d:7e:38:
c6:96:64:d6:3c:2e:d9:6c:f6:08:81:f4:7b:ce:a9:
8f:0f:73:ad:94:f7:5c:33:34:cd:33:19:c0:34:b1:
cd:eb:f8:98:df:6a:4b:a8:b4:c4:b4:1f:53:c1:8e:
bb:30:b7:a3:8f:90:58:d6:31:1a:a9:74:9e:fa:b6:
37:fe:30:d3:7b:db:ae:04:c6:4f:8a:7e:25:63:db:
ac:73:21:d3:c3:81:0b:a8:97:94:6c:b0:41:f0:36:
48:97:64:ad:31:3c:2b:87:ee:29:04:b5:a5:a5:fa:
7a:a3:d6:f5:c2:f8:7a:1f:f5:17:ca:ea:03:7f:83:
4c:a8:d1:c7:e1:7a:0c:f2:47:ad:b5:67:79:b7:64:
b6:f9:bf:5b:9d:62:23:8b:ff:d1:2f:c6:de:7d:f8:
33:b3:b9:d1:4c:71:4c:ff:ad:de:5e:be:21:1d:87:
1a:81:6d:20:41:92:bc:36:ae:04:87:be:23:72:12:
d0:6a:c4:9a:69:c8:8a:d0:6b:83:bb:6d:5c:f7:0b:
21:14:e4:97:5b:9a:44:20:a7:80:32:f3:25:56:7a:
5d:cb:0c:17:6e:f0:7d:fd:ff:74:65:ea:11:45:0b:
c5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D7:A6:E2:59:9D:D9:70:D3:A9:A5:B9:4A:63:4D:04:29:4F:2D:86
X509v3 Authority Key Identifier:
keyid:AE:CA:F9:4A:ED:FF:EF:A4:36:6B:CA:2B:EB:91:99:2C:1D:B3:4C:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsr5Su3_76Q2a8or65GZLB2zTMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/Stem4lmd2XDTqaW5SmNNBClPLYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/rsr5Su3_76Q2a8or65GZLB2zTMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.216.0/23
IPv6:
2001:67c:5a0::/48
Signature Algorithm: sha256WithRSAEncryption
54:99:aa:b4:e6:57:3a:be:70:be:93:91:0b:11:39:1a:e7:c5:
d8:3d:9e:16:ce:7a:b9:0b:f5:7c:7e:da:2f:19:3f:ab:e7:23:
a7:89:78:e1:c1:16:b8:6c:44:26:52:59:aa:f7:9c:ea:ff:c5:
16:0c:f5:e3:ab:70:00:60:23:25:1d:24:7c:04:9f:dc:8f:d3:
8e:e5:73:05:04:44:79:90:99:e5:6c:55:5e:88:d0:da:1f:e8:
4a:3b:62:39:4f:e7:d6:02:f8:25:83:2d:25:cf:02:37:bb:93:
be:d0:0b:f0:80:2d:31:33:a5:51:90:25:01:bc:a6:9a:ae:ad:
0d:29:41:59:1a:79:5f:e5:c0:74:17:33:f1:c6:b2:ac:9a:4b:
2d:47:83:98:27:2b:13:68:7e:ce:5e:33:fb:6c:4a:60:0d:8f:
0f:e1:f4:ef:05:b1:d7:f1:8f:33:2b:d4:a7:3c:c3:8e:b7:50:
9d:87:13:1c:be:67:e8:b8:ce:7f:77:ba:d0:2c:8f:5d:04:0e:
7b:bc:83:52:dd:ca:75:60:ea:c8:94:c9:8a:f6:c2:a7:72:b0:
4f:6c:31:bc:88:b8:a9:66:68:09:4b:dc:67:e7:00:c1:d9:fb:
c5:2c:52:f5:07:6f:e1:88:18:5e:b7:d3:86:04:3d:fb:f4:62:
76:52:e8:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYxH7V4E0HTX/73YJordZH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2FmOTRhZWRmZmVmYTQzNjZiY2EyYmViOTE5OTJjMWRi
MzRjY2MwHhcNMjMwMjA4MTMwMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ3YTZlMjU5OWRkOTcwZDNhOWE1Yjk0YTYzNGQwNDI5NGYyZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinahKNR2n+u4qjbVzfJ9AUkt2XVa
iQkxEouNfjjGlmTWPC7ZbPYIgfR7zqmPD3OtlPdcMzTNMxnANLHN6/iY32pLqLTE
tB9TwY67MLejj5BY1jEaqXSe+rY3/jDTe9uuBMZPin4lY9uscyHTw4ELqJeUbLBB
8DZIl2StMTwrh+4pBLWlpfp6o9b1wvh6H/UXyuoDf4NMqNHH4XoM8kettWd5t2S2
+b9bnWIji//RL8beffgzs7nRTHFM/63eXr4hHYcagW0gQZK8Nq4Eh74jchLQasSa
aciK0GuDu21c9wshFOSXW5pEIKeAMvMlVnpdywwXbvB9/f90ZeoRRQvF7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFErXpuJZndlw06mluUpjTQQpTy2GMB8GA1UdIwQY
MBaAFK7K+Urt/++kNmvKK+uRmSwds0zMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNyNVN1M183NlEyYThvcjY1R1pMQjJ6VE13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNDdkZWMtZDg0NC00NjdhLWEwMWEt
ZmMwM2VmNzk0NzE4LzEvU3RlbTRsbWQyWERUcWFXNVNtTk5CQ2xQTFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNDdkZWMtZDg0NC00NjdhLWEwMWEtZmMwM2VmNzk0NzE4
LzEvcnNyNVN1M183NlEyYThvcjY1R1pMQjJ6VE13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwbDYMA8E
AgACMAkDBwAgAQZ8BaAwDQYJKoZIhvcNAQELBQADggEBAFSZqrTmVzq+cL6TkQsR
ORrnxdg9nhbOerkL9Xx+2i8ZP6vnI6eJeOHBFrhsRCZSWar3nOr/xRYM9eOrcABg
IyUdJHwEn9yP047lcwUERHmQmeVsVV6I0Nof6Eo7YjlP59YC+CWDLSXPAje7k77Q
C/CALTEzpVGQJQG8ppqurQ0pQVkaeV/lwHQXM/HGsqyaSy1Hg5gnKxNofs5eM/ts
SmANjw/h9O8FsdfxjzMr1Kc8w463UJ2HExy+Z+i4zn93utAsj10EDnu8g1LdynVg
6siUyYr2wqdysE9sMbyIuKlmaAlL3GfnAMHZ+8UsUvUHb+GIGF6304YEPfv0YnZS
6Fg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:59 2025 by rpki-client