Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/s2sgkPib1hY74tgz0x4DNdLteBI.roa
File: s2sgkPib1hY74tgz0x4DNdLteBI.roa (raw, json)
Hash identifier: GgKih/RlZcrkXamankqPvzKNq8rp1ETsg8hOsQ1xdEI=
Subject key identifier: B3:6B:20:90:F8:9B:D6:16:3B:E2:D8:33:D3:1E:03:35:D2:ED:78:12
Certificate issuer: /CN=239572ddfcab6291e6410ccd4e860ee36000e668
Certificate serial: 01856F0B798BE86F4CB63E1B7564616B67CC
Authority key identifier: 23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/s2sgkPib1hY74tgz0x4DNdLteBI.roa
Signing time: Sun 01 Jan 2023 20:35:00 +0000
ROA not before: Sun 01 Jan 2023 20:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197216
IP address blocks: 109.232.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:79:8b:e8:6f:4c:b6:3e:1b:75:64:61:6b:67:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239572ddfcab6291e6410ccd4e860ee36000e668
Validity
Not Before: Jan 1 20:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b36b2090f89bd6163be2d833d31e0335d2ed7812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:a9:34:86:cc:97:56:4e:28:27:50:85:30:
bf:8a:7a:b6:f8:08:32:ec:9d:4a:bc:3c:f0:f2:06:
41:c5:e6:4c:54:0a:08:7b:bf:10:3e:bf:d0:fb:22:
aa:09:20:5b:65:f4:5e:68:f8:6a:0e:ed:35:d3:99:
17:a8:1c:b1:04:60:da:d1:26:4e:11:60:1c:7d:a9:
0c:26:5c:d2:d3:e0:d8:01:70:2d:a6:51:03:e1:fa:
be:2a:d2:42:d2:a5:25:fa:d1:3e:02:61:0b:07:05:
02:6f:7e:98:11:0c:c6:b3:5a:79:7a:6f:af:5f:a1:
62:bb:a0:2f:e7:ca:12:65:53:c8:11:8a:ff:ff:8b:
18:df:f0:5e:d9:1c:09:44:a5:38:fd:be:4b:ab:29:
18:80:a8:e3:b6:8e:a3:0a:c8:6f:cb:27:c1:46:3a:
5f:3e:d6:74:d8:c3:9f:93:23:62:60:4f:fb:98:4a:
54:22:9b:dd:e9:ad:e6:93:15:7f:11:10:0e:c2:42:
8c:b4:17:20:57:b9:d1:49:cc:6f:b3:b4:e5:ab:b7:
a0:69:78:be:39:ad:6d:17:6e:ee:8d:9d:86:94:d5:
1c:22:ff:f5:f1:73:ee:7f:cf:66:ef:82:57:56:82:
fb:68:37:85:8d:ef:b0:4e:be:8c:b0:7b:1b:bc:61:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6B:20:90:F8:9B:D6:16:3B:E2:D8:33:D3:1E:03:35:D2:ED:78:12
X509v3 Authority Key Identifier:
keyid:23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/s2sgkPib1hY74tgz0x4DNdLteBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/I5Vy3fyrYpHmQQzNToYO42AA5mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.160.0/24
Signature Algorithm: sha256WithRSAEncryption
97:20:6a:b6:1d:da:83:68:94:b0:0e:1e:13:0b:e5:c8:10:78:
ff:a0:70:e2:5b:20:f9:bb:6b:7f:2f:59:f9:e1:55:24:9f:3d:
55:7e:35:bc:a1:20:d4:80:b8:e3:45:90:33:10:05:8d:3e:c8:
ea:61:ce:7c:d7:0a:c4:9d:71:ac:8a:40:12:bf:18:f8:2c:63:
c0:44:a7:3d:24:37:b6:bd:8a:bd:e4:55:34:a7:a1:46:02:f4:
58:be:6b:78:3c:63:84:f2:aa:2b:c4:24:1a:8f:49:50:66:2e:
6d:92:1d:62:03:32:a7:e6:92:c0:91:9c:f3:3f:32:90:32:bf:
bf:e2:20:81:c5:23:4e:2d:0e:e5:5a:f2:94:9c:58:bc:8a:2b:
7b:44:1d:20:51:7b:90:43:87:4b:14:6c:d6:26:11:8d:25:cf:
fc:9a:99:92:a2:2e:d0:c8:2a:54:e3:77:4d:8b:13:f4:fd:79:
af:2a:9f:7b:d9:9d:d7:7e:9c:e9:e1:3a:af:99:bf:c2:ba:d1:
51:b0:6e:bb:40:25:a7:a4:fc:4d:fe:74:cb:31:01:43:03:2e:
e8:e3:92:0a:c5:6e:8f:1b:60:b3:ce:61:86:07:9a:c2:cd:5d:
39:d7:e1:e8:1b:ca:5f:3c:57:a5:f5:1b:f1:6c:1b:c3:cf:44:
48:00:b1:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC3mL6G9Mtj4bdWRha2fMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOTU3MmRkZmNhYjYyOTFlNjQxMGNjZDRlODYwZWUzNjAw
MGU2NjgwHhcNMjMwMTAxMjAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzZiMjA5MGY4OWJkNjE2M2JlMmQ4MzNkMzFlMDMzNWQyZWQ3ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcKpNIbMl1ZOKCdQhTC/inq2+Agy
7J1KvDzw8gZBxeZMVAoIe78QPr/Q+yKqCSBbZfReaPhqDu0105kXqByxBGDa0SZO
EWAcfakMJlzS0+DYAXAtplED4fq+KtJC0qUl+tE+AmELBwUCb36YEQzGs1p5em+v
X6Fiu6Av58oSZVPIEYr//4sY3/Be2RwJRKU4/b5LqykYgKjjto6jCshvyyfBRjpf
PtZ02MOfkyNiYE/7mEpUIpvd6a3mkxV/ERAOwkKMtBcgV7nRScxvs7Tlq7egaXi+
Oa1tF27ujZ2GlNUcIv/18XPuf89m74JXVoL7aDeFje+wTr6MsHsbvGF5gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNrIJD4m9YWO+LYM9MeAzXS7XgSMB8GA1UdIwQY
MBaAFCOVct38q2KR5kEMzU6GDuNgAOZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzkt
OGUxOWMwZGI4NmMyLzEvczJzZ2tQaWIxaFk3NHRnejB4NEROZEx0ZUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzktOGUxOWMwZGI4NmMy
LzEvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbeigMA0G
CSqGSIb3DQEBCwUAA4IBAQCXIGq2HdqDaJSwDh4TC+XIEHj/oHDiWyD5u2t/L1n5
4VUknz1VfjW8oSDUgLjjRZAzEAWNPsjqYc581wrEnXGsikASvxj4LGPARKc9JDe2
vYq95FU0p6FGAvRYvmt4PGOE8qorxCQaj0lQZi5tkh1iAzKn5pLAkZzzPzKQMr+/
4iCBxSNOLQ7lWvKUnFi8iit7RB0gUXuQQ4dLFGzWJhGNJc/8mpmSoi7QyCpU43dN
ixP0/XmvKp972Z3Xfpzp4Tqvmb/CutFRsG67QCWnpPxN/nTLMQFDAy7o45IKxW6P
G2CzzmGGB5rCzV051+HoG8pfPFel9RvxbBvDz0RIALGX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:20 2025 by rpki-client