Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/S0Bd3f3lx2jcCB5-j5c5iUcCkhI.roa
File: S0Bd3f3lx2jcCB5-j5c5iUcCkhI.roa (raw, json)
Hash identifier: tFWJ/9uoRKUTk9gHiO6P+PhqZ68L58wHky8SRg2tYT4=
Subject key identifier: 4B:40:5D:DD:FD:E5:C7:68:DC:08:1E:7E:8F:97:39:89:47:02:92:12
Certificate issuer: /CN=08d493078812d09e1a1e0eb2a380fc6574983f5c
Certificate serial: 01856EAFB71A7E43D3BE035CA5B7CAF1FE83
Authority key identifier: 08:D4:93:07:88:12:D0:9E:1A:1E:0E:B2:A3:80:FC:65:74:98:3F:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/S0Bd3f3lx2jcCB5-j5c5iUcCkhI.roa
Signing time: Sun 01 Jan 2023 18:54:47 +0000
ROA not before: Sun 01 Jan 2023 18:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 786
IP address blocks: 137.43.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b7:1a:7e:43:d3:be:03:5c:a5:b7:ca:f1:fe:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d493078812d09e1a1e0eb2a380fc6574983f5c
Validity
Not Before: Jan 1 18:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b405dddfde5c768dc081e7e8f97398947029212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b4:f2:f1:f6:65:58:0b:93:9f:bd:14:f5:3b:
c5:79:b5:1b:6b:26:0a:c2:6f:77:1b:7d:99:41:ce:
ab:35:0e:00:57:4c:60:62:7d:50:93:ab:7f:dd:7e:
1a:e2:92:dd:94:8f:7b:33:f9:0c:65:77:83:98:81:
0b:c5:82:81:25:15:43:25:0a:a3:77:ab:0c:62:14:
f2:19:b0:84:7c:5a:01:33:6f:07:40:fe:21:d6:16:
91:54:80:58:ef:3f:12:d9:96:40:fc:a6:82:9a:61:
87:98:cd:ec:09:8a:76:d8:0f:05:ca:a1:f8:ed:23:
5d:c6:6c:c4:e7:0f:62:fc:d6:9b:b8:4a:2c:8b:f4:
bd:04:8c:f4:f8:ab:c6:42:a8:51:fc:e8:cf:72:e7:
8d:a6:17:09:99:30:06:af:b5:3a:c6:af:af:66:ab:
51:85:32:b5:a2:cf:f0:20:0e:cd:12:9d:1d:f9:c0:
aa:d5:c7:11:47:b2:2a:5c:eb:fc:ba:f6:88:81:d5:
df:dc:a6:e9:68:04:16:d2:cb:0d:ea:83:e2:49:ad:
8c:49:3a:42:69:3f:6b:72:dc:73:bd:34:a2:c1:48:
24:03:4b:64:a3:45:19:e3:44:16:07:7e:d8:8d:2a:
87:c5:bc:62:66:54:00:fc:01:e3:97:c7:5e:74:94:
14:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:40:5D:DD:FD:E5:C7:68:DC:08:1E:7E:8F:97:39:89:47:02:92:12
X509v3 Authority Key Identifier:
keyid:08:D4:93:07:88:12:D0:9E:1A:1E:0E:B2:A3:80:FC:65:74:98:3F:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/S0Bd3f3lx2jcCB5-j5c5iUcCkhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e9a31f-1537-40c1-b62d-31adf6439643/1/CNSTB4gS0J4aHg6yo4D8ZXSYP1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:1b:d6:ec:26:17:b5:d3:aa:1a:c2:64:84:63:94:de:95:85:
5f:b7:3c:61:ea:61:4b:32:69:57:06:e0:0b:76:3d:97:a1:56:
5f:a2:1c:d8:0d:ce:1a:f6:50:9c:c7:b4:5a:a2:60:e4:84:90:
66:2c:e3:d9:98:6b:3a:fe:50:b0:98:23:82:86:af:b6:95:d2:
4f:64:32:ea:16:11:bb:3f:4a:2d:de:42:6b:fc:ad:cf:44:4b:
b0:5c:6b:e9:0c:21:58:f0:69:9a:f1:5d:44:19:9d:98:bd:b8:
23:5a:fe:49:42:a7:76:5c:82:f7:f8:aa:2a:c0:cc:76:65:c9:
8a:a7:6b:40:b8:82:19:52:d3:c0:89:75:69:60:89:76:e7:ed:
4c:ef:1a:75:2a:75:4a:a1:6c:f7:fc:90:52:4c:ce:84:dd:d0:
42:c6:0d:d4:80:77:0c:a9:de:28:0d:1d:3e:50:26:a8:b5:da:
62:fa:4a:f4:de:dc:d6:4b:92:83:20:bd:8f:7d:39:94:44:ad:
55:85:a0:f8:bc:2e:f7:b5:9f:b7:ef:80:10:ce:a9:dc:0d:13:
1b:55:50:6f:43:37:49:45:ca:97:d7:21:48:3d:1f:69:9e:c9:
6a:f4:8c:e4:5f:b1:27:c7:27:50:20:80:d2:36:0a:ec:c9:a0:
82:5b:12:52
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVur7cafkPTvgNcpbfK8f6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDQ5MzA3ODgxMmQwOWUxYTFlMGViMmEzODBmYzY1NzQ5
ODNmNWMwHhcNMjMwMTAxMTg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQwNWRkZGZkZTVjNzY4ZGMwODFlN2U4Zjk3Mzk4OTQ3MDI5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LTy8fZlWAuTn70U9TvFebUbayYK
wm93G32ZQc6rNQ4AV0xgYn1Qk6t/3X4a4pLdlI97M/kMZXeDmIELxYKBJRVDJQqj
d6sMYhTyGbCEfFoBM28HQP4h1haRVIBY7z8S2ZZA/KaCmmGHmM3sCYp22A8FyqH4
7SNdxmzE5w9i/NabuEosi/S9BIz0+KvGQqhR/OjPcueNphcJmTAGr7U6xq+vZqtR
hTK1os/wIA7NEp0d+cCq1ccRR7IqXOv8uvaIgdXf3KbpaAQW0ssN6oPiSa2MSTpC
aT9rctxzvTSiwUgkA0tko0UZ40QWB37YjSqHxbxiZlQA/AHjl8dedJQU7QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEtAXd395cdo3Agefo+XOYlHApISMB8GA1UdIwQY
MBaAFAjUkweIEtCeGh4OsqOA/GV0mD9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05TVEI0Z1MwSjRhSGc2eW80RDhaWFNZUDF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lOWEzMWYtMTUzNy00MGMxLWI2MmQt
MzFhZGY2NDM5NjQzLzEvUzBCZDNmM2x4MmpjQ0I1LWo1YzVpVWNDa2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lOWEzMWYtMTUzNy00MGMxLWI2MmQtMzFhZGY2NDM5NjQz
LzEvQ05TVEI0Z1MwSjRhSGc2eW80RDhaWFNZUDF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAiSswDQYJ
KoZIhvcNAQELBQADggEBABYb1uwmF7XTqhrCZIRjlN6VhV+3PGHqYUsyaVcG4At2
PZehVl+iHNgNzhr2UJzHtFqiYOSEkGYs49mYazr+ULCYI4KGr7aV0k9kMuoWEbs/
Si3eQmv8rc9ES7Bca+kMIVjwaZrxXUQZnZi9uCNa/klCp3Zcgvf4qirAzHZlyYqn
a0C4ghlS08CJdWlgiXbn7UzvGnUqdUqhbPf8kFJMzoTd0ELGDdSAdwyp3igNHT5Q
Jqi12mL6SvTe3NZLkoMgvY99OZRErVWFoPi8Lve1n7fvgBDOqdwNExtVUG9DN0lF
ypfXIUg9H2meyWr0jORfsSfHJ1AggNI2CuzJoIJbElI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:28 2025 by rpki-client