Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa
File: SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa (raw, json)
Hash identifier: 4lJwE0lOmq2gh7KfsK6fWfk9jstfZ0/Rf9wW+DAXtSo=
Subject key identifier: 4B:19:06:BF:46:89:6C:69:3A:F7:AF:03:A4:7A:4C:27:80:FD:16:3A
Certificate issuer: /CN=c76a0db0830338d2d2961e4c8ffb0ab5a03ffe5f
Certificate serial: 01856B80F1B3D61589CFB59342C2AECB869B
Authority key identifier: C7:6A:0D:B0:83:03:38:D2:D2:96:1E:4C:8F:FB:0A:B5:A0:3F:FE:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2oNsIMDONLSlh5Mj_sKtaA__l8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa
Signing time: Sun 01 Jan 2023 04:04:50 +0000
ROA not before: Sun 01 Jan 2023 04:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42970
IP address blocks: 193.200.182.0/24 maxlen: 24
91.213.25.0/24 maxlen: 24
185.140.196.0/22 maxlen: 22
2a07:1fc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:f1:b3:d6:15:89:cf:b5:93:42:c2:ae:cb:86:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76a0db0830338d2d2961e4c8ffb0ab5a03ffe5f
Validity
Not Before: Jan 1 04:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b1906bf46896c693af7af03a47a4c2780fd163a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:44:a7:8f:45:6f:66:3d:62:d8:73:75:dc:83:
d7:d4:ab:7b:77:4c:76:07:74:74:13:18:15:ab:be:
c5:66:5c:0b:3d:40:d1:7d:5f:f0:a7:88:1e:10:2c:
db:17:13:4c:a2:72:1a:c2:59:88:d4:ea:5d:e9:21:
45:21:f8:f0:21:a5:99:93:4e:e6:ad:f9:84:b7:a0:
15:46:9f:14:3f:39:5a:bc:02:01:0d:de:ab:f9:ff:
00:bd:c2:70:8e:5c:e2:37:19:29:04:51:72:1d:84:
ee:69:9c:43:be:ec:a5:9f:57:e5:4d:c4:d2:30:13:
62:9f:cb:77:01:75:53:53:aa:dd:c1:a4:56:d1:30:
df:b6:ab:6b:6d:01:ec:1d:9d:60:d4:cb:94:5c:41:
b0:ed:c5:44:f5:5a:f1:b3:e0:da:5b:15:f3:b4:09:
a1:41:d6:44:5d:a3:87:27:54:fa:64:18:1a:b7:49:
e0:a1:35:7b:d3:40:b8:f6:d7:cb:00:08:02:cc:8a:
5e:a8:01:3e:78:ee:9b:b0:11:fd:79:2b:01:1b:5c:
ef:6b:6c:25:63:4f:4e:56:0d:f8:eb:68:09:b3:6a:
f0:a0:47:32:61:bc:14:6e:76:b2:34:f1:0d:15:5e:
cc:ee:7c:3e:a4:8d:5b:41:0a:be:67:a0:cf:e9:28:
7e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:19:06:BF:46:89:6C:69:3A:F7:AF:03:A4:7A:4C:27:80:FD:16:3A
X509v3 Authority Key Identifier:
keyid:C7:6A:0D:B0:83:03:38:D2:D2:96:1E:4C:8F:FB:0A:B5:A0:3F:FE:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2oNsIMDONLSlh5Mj_sKtaA__l8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/x2oNsIMDONLSlh5Mj_sKtaA__l8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.25.0/24
185.140.196.0/22
193.200.182.0/24
IPv6:
2a07:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
47:04:32:09:4a:79:b4:f5:3b:40:72:2f:ca:b2:63:b1:7e:d4:
fb:64:81:bb:c7:58:3e:c3:10:25:05:0d:ae:d0:0b:ad:1a:1b:
09:57:8d:6c:77:65:28:ce:0f:9c:d2:3d:60:0f:6d:de:ce:07:
3d:64:db:78:c8:02:fb:ac:43:33:6c:88:ee:dc:63:6a:90:f2:
cd:41:97:f1:43:7e:c8:52:74:3b:f7:bd:e1:4a:5b:9e:70:e7:
9c:bf:f9:f6:82:5c:ba:7a:9c:fb:0e:6d:b3:c6:c1:c5:1e:dd:
a3:af:e1:4b:ca:57:ba:37:4f:66:27:e0:9c:33:35:bb:44:52:
73:c2:8d:27:20:c7:61:38:f8:f5:b9:bf:33:a2:fe:58:22:47:
03:06:a6:79:16:5b:d5:7c:41:c7:35:43:f5:ca:f4:da:e8:75:
16:91:5b:e4:42:d7:0e:56:ae:60:22:3b:ec:ff:7a:5e:99:5b:
1c:92:54:e6:a4:d4:ca:72:28:89:75:1e:d2:39:8e:4e:d4:f7:
6f:ab:d0:b4:ce:e7:a7:cd:d2:13:5e:d8:a6:c8:08:d8:57:d5:
de:dd:10:32:a7:b5:77:14:2a:9a:d6:5a:e4:fa:9d:76:92:f6:
10:cf:7f:5b:da:5b:1c:f7:6f:b4:e2:f8:0f:1e:b5:76:d9:6d:
bb:34:81:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrgPGz1hWJz7WTQsKuy4abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmEwZGIwODMwMzM4ZDJkMjk2MWU0YzhmZmIwYWI1YTAz
ZmZlNWYwHhcNMjMwMTAxMDQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE5MDZiZjQ2ODk2YzY5M2FmN2FmMDNhNDdhNGMyNzgwZmQxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kSnj0VvZj1i2HN13IPX1Kt7d0x2
B3R0ExgVq77FZlwLPUDRfV/wp4geECzbFxNMonIawlmI1Opd6SFFIfjwIaWZk07m
rfmEt6AVRp8UPzlavAIBDd6r+f8AvcJwjlziNxkpBFFyHYTuaZxDvuyln1flTcTS
MBNin8t3AXVTU6rdwaRW0TDftqtrbQHsHZ1g1MuUXEGw7cVE9Vrxs+DaWxXztAmh
QdZEXaOHJ1T6ZBgat0ngoTV700C49tfLAAgCzIpeqAE+eO6bsBH9eSsBG1zva2wl
Y09OVg3462gJs2rwoEcyYbwUbnayNPENFV7M7nw+pI1bQQq+Z6DP6Sh+VQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEsZBr9GiWxpOvevA6R6TCeA/RY6MB8GA1UdIwQY
MBaAFMdqDbCDAzjS0pYeTI/7CrWgP/5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJvTnNJTURPTkxTbGg1TWpfc0t0YUFfX2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNzE4OWYtOWQzYi00ZmE5LWIyYzEt
NTIxN2RmMzY5MWFiLzEvU3hrR3YwYUpiR2s2OTY4RHBIcE1KNEQ5RmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNzE4OWYtOWQzYi00ZmE5LWIyYzEtNTIxN2RmMzY5MWFi
LzEveDJvTnNJTURPTkxTbGg1TWpfc0t0YUFfX2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9UZAwQC
uYzEAwQAwci2MA0EAgACMAcDBQMqBx/AMA0GCSqGSIb3DQEBCwUAA4IBAQBHBDIJ
Snm09TtAci/KsmOxftT7ZIG7x1g+wxAlBQ2u0AutGhsJV41sd2Uozg+c0j1gD23e
zgc9ZNt4yAL7rEMzbIju3GNqkPLNQZfxQ37IUnQ7973hSluecOecv/n2gly6epz7
Dm2zxsHFHt2jr+FLyle6N09mJ+CcMzW7RFJzwo0nIMdhOPj1ub8zov5YIkcDBqZ5
FlvVfEHHNUP1yvTa6HUWkVvkQtcOVq5gIjvs/3pemVscklTmpNTKciiJdR7SOY5O
1Pdvq9C0zuenzdITXtimyAjYV9Xe3RAyp7V3FCqa1lrk+p12kvYQz39b2lsc92+0
4vgPHrV22W27NIEG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:24 2025 by rpki-client