Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sXoevPmZeE9imYWzndt2EoA-q8A.roa
File: sXoevPmZeE9imYWzndt2EoA-q8A.roa (raw, json)
Hash identifier: Resk6puGgappH5uuN7CTP2PBcoPwOuI16gFnBAOe0w0=
Subject key identifier: B1:7A:1E:BC:F9:99:78:4F:62:99:85:B3:9D:DB:76:12:80:3E:AB:C0
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08FEBF86
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sXoevPmZeE9imYWzndt2EoA-q8A.roa
Signing time: Sat 01 Jan 2022 08:59:08 +0000
ROA not before: Sat 01 Jan 2022 08:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209677
IP address blocks: 192.109.145.0/24 maxlen: 24
159.151.64.0/18 maxlen: 18
2a07:8142::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150912902 (0x8febf86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b17a1ebcf999784f629985b39ddb7612803eabc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:43:70:b8:fd:98:9d:85:c3:1c:d4:c7:ec:31:
67:5d:96:46:9e:77:b8:1d:03:d4:11:1a:c3:f4:86:
45:c9:b3:ca:53:85:73:82:8f:76:b0:3b:ca:25:2e:
e3:c2:48:f0:7d:fa:d8:1f:6c:8f:8c:5b:d5:62:fa:
2c:1c:32:45:e9:91:c2:37:15:f7:e4:20:be:12:72:
ff:89:b4:af:32:a6:af:21:20:18:1f:11:d8:aa:f6:
4e:99:dd:f8:fa:f1:42:40:35:91:22:b0:f5:8a:61:
46:eb:7c:f4:cd:d3:18:9b:ab:71:c9:22:ea:6b:f4:
7c:b1:31:60:f9:e9:10:0a:a0:cf:b2:f9:e6:19:4a:
12:cc:f1:12:31:14:a9:3d:40:33:d1:6d:b7:72:75:
37:14:8d:8a:70:34:7f:3c:b1:f0:74:32:fa:e6:01:
49:6c:c6:27:f8:c1:16:ce:19:9f:c9:29:4e:82:15:
04:b6:b8:2f:ec:5e:a5:4b:a3:14:11:54:27:a1:ec:
af:4d:37:6c:37:6a:2e:3f:58:b3:00:e8:c1:17:22:
ef:bc:b4:16:b7:69:58:b5:3e:48:86:88:2e:cc:ca:
3a:bc:ff:3f:73:2b:54:a4:6b:54:53:e1:c1:18:ea:
1c:8f:1b:95:ca:f3:16:93:12:09:b8:d0:00:65:af:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7A:1E:BC:F9:99:78:4F:62:99:85:B3:9D:DB:76:12:80:3E:AB:C0
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sXoevPmZeE9imYWzndt2EoA-q8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.64.0/18
192.109.145.0/24
IPv6:
2a07:8142::/36
Signature Algorithm: sha256WithRSAEncryption
57:05:8f:c9:5f:9f:3d:84:92:da:16:c7:15:65:58:23:4d:52:
92:d5:ab:7c:33:b9:c4:37:46:1f:9f:a4:f8:b1:b5:f3:60:98:
58:7a:61:f9:21:9b:f7:27:be:f6:9d:16:63:d4:23:1b:2c:e0:
23:c9:9e:11:40:e9:bd:74:ab:c4:a2:7f:76:c7:c5:a0:cb:88:
63:9a:9c:8f:ab:a1:61:bb:25:d8:62:33:5b:73:88:65:17:fe:
21:15:5b:01:f7:98:3d:10:1a:7d:72:64:af:72:26:f1:18:1d:
74:16:67:8f:b2:f8:ad:2e:57:af:8c:2d:b8:51:56:5c:0b:47:
46:b3:83:cc:72:f9:06:98:ed:90:de:dc:49:cd:57:ee:2b:fc:
eb:af:36:94:34:11:f0:ea:1e:72:51:0f:5e:98:ed:fc:5a:79:
09:9e:ee:48:54:4b:74:ae:72:e5:52:b1:ff:b5:6d:7b:80:fd:
6c:e8:0f:71:cf:cd:d5:cc:58:52:25:61:ae:5c:30:da:f7:3b:
e7:23:00:98:2d:d7:e9:18:5e:42:54:4b:7f:9a:c2:82:2e:3b:
d6:48:87:fd:46:17:a0:c2:e0:50:78:67:29:79:3c:a5:b9:d4:
b8:84:85:f0:60:80:04:93:b0:d9:3f:b7:e2:d2:61:3f:a3:d9:
49:d6:76:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECP6/hjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjE3YTFlYmNmOTk5
Nzg0ZjYyOTk4NWIzOWRkYjc2MTI4MDNlYWJjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJDcLj9mJ2FwxzUx+wxZ12WRp53uB0D1BEaw/SGRcmzylOF
c4KPdrA7yiUu48JI8H362B9sj4xb1WL6LBwyRemRwjcV9+QgvhJy/4m0rzKmryEg
GB8R2Kr2Tpnd+PrxQkA1kSKw9YphRut89M3TGJurccki6mv0fLExYPnpEAqgz7L5
5hlKEszxEjEUqT1AM9Ftt3J1NxSNinA0fzyx8HQy+uYBSWzGJ/jBFs4Zn8kpToIV
BLa4L+xepUujFBFUJ6Hsr003bDdqLj9YswDowRci77y0FrdpWLU+SIaILszKOrz/
P3MrVKRrVFPhwRjqHI8blcrzFpMSCbjQAGWvck8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSxeh68+Zl4T2KZhbOd23YSgD6rwDAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L3NYb2V2UG1aZUU5aW1ZV3puZHQyRW9BLXE4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEBp+XQAMEAMBtkTAOBAIAAjAIAwYE
KgeBQgAwDQYJKoZIhvcNAQELBQADggEBAFcFj8lfnz2EktoWxxVlWCNNUpLVq3wz
ucQ3Rh+fpPixtfNgmFh6Yfkhm/cnvvadFmPUIxss4CPJnhFA6b10q8Sif3bHxaDL
iGOanI+roWG7JdhiM1tziGUX/iEVWwH3mD0QGn1yZK9yJvEYHXQWZ4+y+K0uV6+M
LbhRVlwLR0azg8xy+QaY7ZDe3EnNV+4r/OuvNpQ0EfDqHnJRD16Y7fxaeQme7khU
S3SucuVSsf+1bXuA/WzoD3HPzdXMWFIlYa5cMNr3O+cjAJgt1+kYXkJUS3+awoIu
O9ZIh/1GF6DC4FB4Zyl5PKW51LiEhfBggASTsNk/t+LSYT+j2UnWdgY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:02:31 2025 by rpki-client