Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/SJwiJlJfe-n-LMtyEsLtjJXp2js.roa
File: SJwiJlJfe-n-LMtyEsLtjJXp2js.roa (raw, json)
Hash identifier: BqkClIGfw9EAZuIFUIuuoN9Q5YLQRDEh+oJ9DLR0AOI=
Subject key identifier: 48:9C:22:26:52:5F:7B:E9:FE:2C:CB:72:12:C2:ED:8C:95:E9:DA:3B
Certificate issuer: /CN=d10e38b0b7a33ef3a16e15433402987d6d678da1
Certificate serial: 01856B89FECEC35D2EC663AFAEFB55AABA37
Authority key identifier: D1:0E:38:B0:B7:A3:3E:F3:A1:6E:15:43:34:02:98:7D:6D:67:8D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q44sLejPvOhbhVDNAKYfW1njaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/SJwiJlJfe-n-LMtyEsLtjJXp2js.roa
Signing time: Sun 01 Jan 2023 04:14:43 +0000
ROA not before: Sun 01 Jan 2023 04:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15847
IP address blocks: 195.20.198.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:89:fe:ce:c3:5d:2e:c6:63:af:ae:fb:55:aa:ba:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10e38b0b7a33ef3a16e15433402987d6d678da1
Validity
Not Before: Jan 1 04:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489c2226525f7be9fe2ccb7212c2ed8c95e9da3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f3:88:2f:3e:03:b1:3a:f7:75:45:d4:4d:cb:
ca:11:42:99:b7:f3:6d:b6:51:61:91:e8:b9:04:b3:
24:0c:eb:6c:79:cc:3f:4d:c1:c7:b6:96:ed:cf:5c:
3e:6c:a8:eb:a1:b0:3c:50:41:7c:a4:a8:1d:80:58:
2d:94:f4:cd:da:b5:d1:43:f3:06:e7:54:56:bb:5b:
3b:d3:3e:c2:f4:36:2b:fe:83:4c:ac:27:15:dd:5b:
cb:d9:0c:03:ea:65:63:ce:6b:65:17:4e:8a:fd:8a:
65:97:77:23:f7:0c:af:ed:7c:25:e8:c0:9e:38:7e:
47:4e:c1:78:53:8f:0c:c7:cf:72:aa:c9:9d:5f:2e:
12:22:d3:f9:fc:9f:b3:ce:6d:03:70:e9:52:fe:12:
d7:19:90:a1:65:6d:a2:b6:55:14:56:a0:b7:37:bc:
8e:45:b4:40:4d:37:d6:42:0d:e9:71:78:f2:83:1b:
a6:b5:40:63:87:ca:ec:2a:c3:e2:30:8e:64:fe:7f:
12:02:b1:3d:66:07:92:72:6c:ba:97:f0:cb:3d:54:
c4:ec:06:a1:fc:0e:c6:d5:26:10:7b:87:97:f2:f7:
18:24:af:cc:98:25:9c:61:58:db:e2:e8:fb:e2:99:
1f:d0:3b:69:22:f1:aa:7c:13:5b:c3:4b:f5:ea:67:
cf:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9C:22:26:52:5F:7B:E9:FE:2C:CB:72:12:C2:ED:8C:95:E9:DA:3B
X509v3 Authority Key Identifier:
keyid:D1:0E:38:B0:B7:A3:3E:F3:A1:6E:15:43:34:02:98:7D:6D:67:8D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q44sLejPvOhbhVDNAKYfW1njaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/SJwiJlJfe-n-LMtyEsLtjJXp2js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.198.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:55:8d:de:a1:28:8e:09:75:d5:e4:53:a5:13:bc:de:29:7f:
57:bd:da:1b:23:e4:b7:91:51:49:ef:5d:6f:d9:e0:45:93:a1:
77:75:93:f3:22:64:8d:d8:65:86:c0:af:c1:47:8d:17:30:d2:
0c:e0:c1:e4:b9:3d:42:55:37:ea:35:8e:28:a9:0b:cd:79:da:
c4:38:cc:4f:52:5f:d3:ad:19:e8:2d:e8:c5:cc:54:90:62:df:
4f:90:a7:da:fe:9f:5a:1a:65:09:01:43:7f:f5:6e:66:4e:79:
76:59:5a:fa:8a:59:c2:d8:26:ad:49:49:f4:5b:ca:76:c0:c2:
ea:21:ae:2d:7c:6f:d6:c2:41:bc:15:b9:4f:37:9e:dc:72:45:
e5:bf:8b:27:fb:9b:af:75:e0:a0:1b:4c:d5:f3:ee:58:c1:29:
be:a5:b5:fc:30:a3:2a:29:0c:25:6b:c3:bd:1d:54:de:29:b9:
18:3e:71:ea:9c:96:ae:f6:98:da:a3:52:3f:53:89:df:3c:4e:
fb:45:94:0c:62:6c:c3:19:29:f8:16:06:35:98:d9:a4:6c:eb:
b6:3f:6c:81:1f:3f:05:50:61:eb:33:8a:49:ed:5a:c7:58:e5:
ad:32:3a:6d:fe:45:22:91:19:22:82:e1:02:0f:15:2b:9a:00:
2e:36:8e:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrif7Ow10uxmOvrvtVqro3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGUzOGIwYjdhMzNlZjNhMTZlMTU0MzM0MDI5ODdkNmQ2
NzhkYTEwHhcNMjMwMTAxMDQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODljMjIyNjUyNWY3YmU5ZmUyY2NiNzIxMmMyZWQ4Yzk1ZTlkYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/OILz4DsTr3dUXUTcvKEUKZt/Nt
tlFhkei5BLMkDOtsecw/TcHHtpbtz1w+bKjrobA8UEF8pKgdgFgtlPTN2rXRQ/MG
51RWu1s70z7C9DYr/oNMrCcV3VvL2QwD6mVjzmtlF06K/Ypll3cj9wyv7Xwl6MCe
OH5HTsF4U48Mx89yqsmdXy4SItP5/J+zzm0DcOlS/hLXGZChZW2itlUUVqC3N7yO
RbRATTfWQg3pcXjygxumtUBjh8rsKsPiMI5k/n8SArE9ZgeScmy6l/DLPVTE7Aah
/A7G1SYQe4eX8vcYJK/MmCWcYVjb4uj74pkf0DtpIvGqfBNbw0v16mfPYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEicIiZSX3vp/izLchLC7YyV6do7MB8GA1UdIwQY
MBaAFNEOOLC3oz7zoW4VQzQCmH1tZ42hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFE0NHNMZWpQdk9oYmhWRE5BS1lmVzFuamFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8zZmEwOWEtZTg3NC00ZjM0LWJmNDUt
MmMwZWRhNzA2NjZhLzEvU0p3aUpsSmZlLW4tTE10eUVzTHRqSlhwMmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8zZmEwOWEtZTg3NC00ZjM0LWJmNDUtMmMwZWRhNzA2NjZh
LzEvMFE0NHNMZWpQdk9oYmhWRE5BS1lmVzFuamFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxTGMA0G
CSqGSIb3DQEBCwUAA4IBAQCqVY3eoSiOCXXV5FOlE7zeKX9XvdobI+S3kVFJ711v
2eBFk6F3dZPzImSN2GWGwK/BR40XMNIM4MHkuT1CVTfqNY4oqQvNedrEOMxPUl/T
rRnoLejFzFSQYt9PkKfa/p9aGmUJAUN/9W5mTnl2WVr6ilnC2CatSUn0W8p2wMLq
Ia4tfG/WwkG8FblPN57cckXlv4sn+5uvdeCgG0zV8+5YwSm+pbX8MKMqKQwla8O9
HVTeKbkYPnHqnJau9pjao1I/U4nfPE77RZQMYmzDGSn4FgY1mNmkbOu2P2yBHz8F
UGHrM4pJ7VrHWOWtMjpt/kUikRkiguECDxUrmgAuNo4l
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:41:04 2025 by rpki-client