Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/sfh05V4YScDn_ELKkwh9aW1vuN8.roa
File: sfh05V4YScDn_ELKkwh9aW1vuN8.roa (raw, json)
Hash identifier: bsI1oxeb/l0yrQCvDc0Ptbipvjx1lPf4QLGbqHmJncQ=
Subject key identifier: B1:F8:74:E5:5E:18:49:C0:E7:FC:42:CA:93:08:7D:69:6D:6F:B8:DF
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018302A6B21F3A25C7D8B75C57299D7A908E
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/sfh05V4YScDn_ELKkwh9aW1vuN8.roa
Signing time: Sat 03 Sep 2022 09:20:22 +0000
ROA not before: Sat 03 Sep 2022 09:20:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34535
IP address blocks: 193.0.229.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
2a0f:cdc0::/32 maxlen: 32
2a0f:cdc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:02:a6:b2:1f:3a:25:c7:d8:b7:5c:57:29:9d:7a:90:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Sep 3 09:20:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1f874e55e1849c0e7fc42ca93087d696d6fb8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:59:cd:28:26:74:11:60:86:87:91:3f:df:af:
2a:c0:30:9e:ef:db:0f:61:25:5b:1e:e6:fa:99:5d:
89:cc:ac:f1:4f:6b:90:66:9e:b3:e1:a7:fe:40:39:
44:e2:a4:c0:cb:d5:a7:7a:43:f7:f1:89:00:a8:d5:
28:cc:15:36:76:09:6c:aa:5c:11:e3:ae:a5:03:94:
52:c0:37:4c:c2:13:4a:f3:8b:55:5c:54:9a:3d:a6:
c8:4d:72:a3:86:1a:60:75:e7:a4:84:f7:4b:ce:56:
be:7e:a8:c9:30:f8:8d:c1:0c:9e:64:7f:60:d2:57:
e7:4b:25:d3:a8:81:d7:23:be:e7:15:b9:dd:c1:64:
3e:22:fe:34:c6:1f:e5:db:55:c0:e0:50:73:bf:fa:
a3:f7:83:54:1a:0f:d4:7d:46:dd:ba:1a:c0:d1:9e:
15:d6:42:44:7d:91:3b:fe:1f:87:8e:30:77:3e:8a:
d7:d8:b6:45:87:7f:b8:15:81:f4:1f:62:3b:6b:c5:
32:24:5a:81:7a:ea:b4:19:28:b2:fa:30:dc:3a:e3:
7f:35:c4:c7:d2:2b:61:1c:99:0f:5c:dd:70:fe:9d:
f8:ad:38:7e:7b:87:19:e2:d5:ce:dd:17:57:5e:88:
b8:4f:a3:f5:e3:70:0f:69:e1:1c:a7:8d:8b:72:87:
44:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F8:74:E5:5E:18:49:C0:E7:FC:42:CA:93:08:7D:69:6D:6F:B8:DF
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/sfh05V4YScDn_ELKkwh9aW1vuN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.227.0/24
193.0.229.0-193.0.230.255
IPv6:
2a0f:cdc0::/31
Signature Algorithm: sha256WithRSAEncryption
1e:79:90:e5:8f:75:e2:2e:38:59:f4:1c:f3:52:4a:46:e0:d7:
1b:da:25:41:c8:ed:ef:d7:d3:c4:c5:90:97:c9:b3:42:35:0d:
26:82:d7:fe:38:b0:b2:5d:1f:f9:34:c6:27:6c:45:60:9d:33:
3e:81:1a:c4:1c:33:d7:9e:86:f4:db:c1:aa:7b:57:c4:e3:80:
4a:9d:05:b1:be:45:c3:ac:9d:a4:00:41:24:e2:a1:98:6a:32:
45:8b:5c:cf:be:63:31:32:f6:8e:4e:e2:f4:ad:46:18:73:7c:
01:bf:eb:b8:16:49:74:a6:f9:69:09:f7:ed:ba:2d:e7:74:24:
12:09:58:6f:d1:cf:97:95:31:24:57:5c:98:5a:39:78:ec:a4:
b3:50:01:64:7e:10:3d:56:fc:4f:49:7c:d4:c1:e0:bb:51:e5:
9e:fc:1d:02:e2:9c:06:00:12:2b:59:dd:58:86:32:5a:80:e8:
59:b1:32:cc:7c:c4:24:a0:42:40:e3:9b:08:c1:60:9b:15:c8:
e4:80:d7:06:93:3e:8a:27:e7:49:5b:c3:8b:0a:66:86:55:c0:
6d:41:df:65:5e:51:70:69:14:e4:17:88:d3:23:e4:00:f8:a4:
6a:61:26:ab:d8:73:26:8c:af:03:c4:c2:7d:46:0c:da:8a:69:
84:e1:d3:07
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYMCprIfOiXH2LdcVymdepCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjIwOTAzMDkyMDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY4NzRlNTVlMTg0OWMwZTdmYzQyY2E5MzA4N2Q2OTZkNmZiOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFnNKCZ0EWCGh5E/368qwDCe79sP
YSVbHub6mV2JzKzxT2uQZp6z4af+QDlE4qTAy9WnekP38YkAqNUozBU2dglsqlwR
466lA5RSwDdMwhNK84tVXFSaPabITXKjhhpgdeekhPdLzla+fqjJMPiNwQyeZH9g
0lfnSyXTqIHXI77nFbndwWQ+Iv40xh/l21XA4FBzv/qj94NUGg/UfUbduhrA0Z4V
1kJEfZE7/h+HjjB3PorX2LZFh3+4FYH0H2I7a8UyJFqBeuq0GSiy+jDcOuN/NcTH
0ithHJkPXN1w/p34rTh+e4cZ4tXO3RdXXoi4T6P143APaeEcp42LcodEkwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLH4dOVeGEnA5/xCypMIfWltb7jfMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvc2ZoMDVWNFlTY0RuX0VMS2t3aDlhVzF2dU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwQDjMAwD
BADBAOUDBADBAOYwDQQCAAIwBwMFASoPzcAwDQYJKoZIhvcNAQELBQADggEBAB55
kOWPdeIuOFn0HPNSSkbg1xvaJUHI7e/X08TFkJfJs0I1DSaC1/44sLJdH/k0xids
RWCdMz6BGsQcM9eehvTbwap7V8TjgEqdBbG+RcOsnaQAQSTioZhqMkWLXM++YzEy
9o5O4vStRhhzfAG/67gWSXSm+WkJ9+26Led0JBIJWG/Rz5eVMSRXXJhaOXjspLNQ
AWR+ED1W/E9JfNTB4LtR5Z78HQLinAYAEitZ3ViGMlqA6FmxMsx8xCSgQkDjmwjB
YJsVyOSA1waTPoon50lbw4sKZoZVwG1B32VeUXBpFOQXiNMj5AD4pGphJqvYcyaM
rwPEwn1GDNqKaYTh0wc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:16 2025 by rpki-client