Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f7e6e9-c121-4064-8ad5-07c17fe374a6/1/sB4TbC6SfqijRZsGVlenEiXJCRM.roa
File: sB4TbC6SfqijRZsGVlenEiXJCRM.roa (raw, json)
Hash identifier: DLOrYDq2roFkO+BlgsWYiYUxbJ33xzpfl3zuCXE5C44=
Subject key identifier: B0:1E:13:6C:2E:92:7E:A8:A3:45:9B:06:56:57:A7:12:25:C9:09:13
Certificate issuer: /CN=1ac06cf2c9e957537439734f0584a8204a7b8311
Certificate serial: 01856D4177FAF2A5F488D5FDFBA1B6F6B9EC
Authority key identifier: 1A:C0:6C:F2:C9:E9:57:53:74:39:73:4F:05:84:A8:20:4A:7B:83:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsBs8snpV1N0OXNPBYSoIEp7gxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f7e6e9-c121-4064-8ad5-07c17fe374a6/1/sB4TbC6SfqijRZsGVlenEiXJCRM.roa
Signing time: Sun 01 Jan 2023 12:14:45 +0000
ROA not before: Sun 01 Jan 2023 12:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 134.110.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:77:fa:f2:a5:f4:88:d5:fd:fb:a1:b6:f6:b9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ac06cf2c9e957537439734f0584a8204a7b8311
Validity
Not Before: Jan 1 12:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b01e136c2e927ea8a3459b065657a71225c90913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:a2:32:fc:1f:6f:a5:ae:67:5e:4a:3b:9f:
95:64:db:d4:39:bf:74:c6:0a:a7:07:43:0d:0f:8a:
de:15:50:7c:e6:fc:72:1e:3e:3a:42:cc:9b:2c:ba:
5d:08:9e:63:5f:41:f4:4e:3a:c8:b5:19:ec:cd:73:
3a:71:56:7b:e9:c7:83:3c:5e:b4:17:92:94:66:7a:
78:5d:1f:fd:0c:8d:e3:2c:98:56:df:0a:df:ff:2a:
67:5b:58:16:bb:79:de:ee:dc:bb:20:8f:39:5a:f9:
44:ac:f8:24:2d:e9:09:c0:ea:6e:92:e7:5a:73:3b:
32:7c:0b:cb:6f:c0:83:83:64:43:6c:b4:7f:9a:28:
fe:3c:84:b9:68:1c:b4:87:dc:7c:48:04:d6:17:cc:
7b:d6:48:40:0a:8f:2f:35:bc:b9:21:aa:d9:43:22:
87:0b:14:d6:45:7d:1b:80:24:0e:24:10:6b:36:71:
c6:3a:b0:a3:0c:a3:1a:3e:09:59:02:ce:b6:d4:99:
c6:a8:6b:c8:03:08:27:be:a4:72:6e:62:ac:94:86:
b9:99:a4:19:27:96:a2:c3:97:e4:45:a7:b7:5d:97:
00:98:0f:2b:ae:92:a7:f8:90:a1:99:71:09:af:96:
03:e3:9f:fc:12:34:55:b6:45:70:d3:e0:08:96:fb:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:1E:13:6C:2E:92:7E:A8:A3:45:9B:06:56:57:A7:12:25:C9:09:13
X509v3 Authority Key Identifier:
keyid:1A:C0:6C:F2:C9:E9:57:53:74:39:73:4F:05:84:A8:20:4A:7B:83:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsBs8snpV1N0OXNPBYSoIEp7gxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f7e6e9-c121-4064-8ad5-07c17fe374a6/1/sB4TbC6SfqijRZsGVlenEiXJCRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f7e6e9-c121-4064-8ad5-07c17fe374a6/1/GsBs8snpV1N0OXNPBYSoIEp7gxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:b1:53:f8:98:f8:fb:29:03:f4:55:53:88:3f:33:e1:2c:df:
59:15:be:c9:ef:1e:6c:f6:69:47:c7:8e:fd:98:03:f0:2f:2e:
5c:06:3f:62:b1:af:c3:f7:bc:ac:e8:ca:58:0d:34:0c:6e:67:
56:11:23:b8:f5:3b:8e:d7:85:f9:c2:4b:23:5d:ef:f2:e1:e9:
9b:83:7b:f0:a9:c7:a2:c0:9c:fb:9b:05:29:2f:b6:99:93:1f:
b7:5d:42:c2:7f:4e:52:0b:33:c1:94:8d:18:86:1d:32:d7:1e:
6d:f8:a7:ab:e3:e1:fa:81:b4:8a:53:db:b2:1c:18:72:b7:38:
67:41:d3:0d:70:f2:07:5a:03:de:eb:aa:03:2f:1a:09:d2:bb:
e7:8e:1f:e0:de:26:28:60:27:50:54:14:19:f6:0a:e6:0f:ed:
03:8e:d7:78:c1:c1:99:6b:af:6d:65:29:e0:19:22:84:0e:7b:
a6:bf:57:74:e2:7b:57:1d:97:63:1d:0d:59:23:71:3c:2e:85:
b3:da:41:2a:8c:62:c1:bb:c8:1c:c3:37:ae:30:90:31:93:03:
4d:08:d6:08:54:06:21:89:b9:b5:77:18:6f:52:d4:2d:b6:4a:
87:2c:88:93:79:31:59:81:cd:3b:a2:dd:ae:cb:f1:4b:26:bb:
96:13:40:dc
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVtQXf68qX0iNX9+6G29rnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYzA2Y2YyYzllOTU3NTM3NDM5NzM0ZjA1ODRhODIwNGE3
YjgzMTEwHhcNMjMwMTAxMTIxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDFlMTM2YzJlOTI3ZWE4YTM0NTliMDY1NjU3YTcxMjI1YzkwOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZKiMvwfb6WuZ15KO5+VZNvUOb90
xgqnB0MND4reFVB85vxyHj46QsybLLpdCJ5jX0H0TjrItRnszXM6cVZ76ceDPF60
F5KUZnp4XR/9DI3jLJhW3wrf/ypnW1gWu3ne7ty7II85WvlErPgkLekJwOpukuda
czsyfAvLb8CDg2RDbLR/mij+PIS5aBy0h9x8SATWF8x71khACo8vNby5IarZQyKH
CxTWRX0bgCQOJBBrNnHGOrCjDKMaPglZAs621JnGqGvIAwgnvqRybmKslIa5maQZ
J5aiw5fkRae3XZcAmA8rrpKn+JChmXEJr5YD45/8EjRVtkVw0+AIlvv0mwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLAeE2wukn6oo0WbBlZXpxIlyQkTMB8GA1UdIwQY
MBaAFBrAbPLJ6VdTdDlzTwWEqCBKe4MRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NCczhzbnBWMU4wT1hOUEJZU29JRXA3Z3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mN2U2ZTktYzEyMS00MDY0LThhZDUt
MDdjMTdmZTM3NGE2LzEvc0I0VGJDNlNmcWlqUlpzR1ZsZW5FaVhKQ1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mN2U2ZTktYzEyMS00MDY0LThhZDUtMDdjMTdmZTM3NGE2
LzEvR3NCczhzbnBWMU4wT1hOUEJZU29JRXA3Z3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhm4wDQYJ
KoZIhvcNAQELBQADggEBAA6xU/iY+PspA/RVU4g/M+Es31kVvsnvHmz2aUfHjv2Y
A/AvLlwGP2Kxr8P3vKzoylgNNAxuZ1YRI7j1O47XhfnCSyNd7/Lh6ZuDe/Cpx6LA
nPubBSkvtpmTH7ddQsJ/TlILM8GUjRiGHTLXHm34p6vj4fqBtIpT27IcGHK3OGdB
0w1w8gdaA97rqgMvGgnSu+eOH+DeJihgJ1BUFBn2CuYP7QOO13jBwZlrr21lKeAZ
IoQOe6a/V3Tie1cdl2MdDVkjcTwuhbPaQSqMYsG7yBzDN64wkDGTA00I1ghUBiGJ
ubV3GG9S1C22SocsiJN5MVmBzTui3a7L8Usmu5YTQNw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 14:34:55 2025 by rpki-client