Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/sxVZ6zmTc1oosldbUphBU5w7pyY.roa
File: sxVZ6zmTc1oosldbUphBU5w7pyY.roa (raw, json)
Hash identifier: LW/MxbuWraEdveWT8iI/DTAUigrXpsAMitRD5F2DPWk=
Subject key identifier: B3:15:59:EB:39:93:73:5A:28:B2:57:5B:52:98:41:53:9C:3B:A7:26
Certificate issuer: /CN=00e6e65ed74f06c223a9a49c3ea6d3eeecb23850
Certificate serial: 12FA572E
Authority key identifier: 00:E6:E6:5E:D7:4F:06:C2:23:A9:A4:9C:3E:A6:D3:EE:EC:B2:38:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AObmXtdPBsIjqaScPqbT7uyyOFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/sxVZ6zmTc1oosldbUphBU5w7pyY.roa
Signing time: Sat 01 Jan 2022 14:55:10 +0000
ROA not before: Sat 01 Jan 2022 14:55:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 193.25.32.0/20 maxlen: 20
192.108.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 318396206 (0x12fa572e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e6e65ed74f06c223a9a49c3ea6d3eeecb23850
Validity
Not Before: Jan 1 14:55:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b31559eb3993735a28b2575b529841539c3ba726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:9e:11:83:3a:79:f3:87:33:ac:25:4a:9b:
27:24:68:43:54:9e:04:1c:6c:42:98:0c:0e:94:ba:
0d:02:7b:9b:0b:7b:19:6c:69:3d:c4:cb:1e:fd:12:
f1:c4:bb:e8:bc:58:e7:8d:2b:ad:04:66:4c:c3:af:
61:1e:40:b0:ae:34:d0:9a:96:11:5b:d1:8c:29:c9:
40:60:56:c5:b2:4f:0a:55:a1:64:21:cb:a5:31:bd:
a4:d6:8a:0a:f8:22:e3:4a:7b:ad:27:14:41:7f:96:
14:bf:b0:bf:d6:74:85:db:69:59:5a:dd:4c:41:fa:
6f:68:bc:51:25:cb:f5:b3:4f:2b:01:3b:1d:b6:80:
5b:a6:7e:b0:cd:4c:ad:69:db:8d:56:8c:1a:b8:87:
cf:b0:f2:1b:9f:83:d2:cf:2b:5b:19:4f:bd:9e:ea:
0a:36:5d:52:f7:53:cc:d3:26:77:d3:40:83:fa:d8:
37:e1:ee:9e:9c:13:d8:59:a4:d3:0e:b4:08:1d:e7:
e6:18:aa:c9:d1:f5:3c:c3:c3:1c:67:1e:67:c2:cf:
26:a3:8c:56:c5:ae:0d:d6:8a:d2:6d:77:09:17:b2:
7c:f0:16:de:0e:14:f5:6c:67:b5:80:49:00:e3:fd:
e1:b0:ef:40:32:37:cb:a9:1a:97:d2:03:71:27:b0:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:59:EB:39:93:73:5A:28:B2:57:5B:52:98:41:53:9C:3B:A7:26
X509v3 Authority Key Identifier:
keyid:00:E6:E6:5E:D7:4F:06:C2:23:A9:A4:9C:3E:A6:D3:EE:EC:B2:38:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AObmXtdPBsIjqaScPqbT7uyyOFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/sxVZ6zmTc1oosldbUphBU5w7pyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/AObmXtdPBsIjqaScPqbT7uyyOFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.108.32.0/24
193.25.32.0/20
Signature Algorithm: sha256WithRSAEncryption
10:55:40:9b:9d:2b:30:e2:2e:84:42:6e:c7:a8:08:87:96:84:
a1:1b:b0:fd:27:5f:3f:ee:05:ec:cc:ca:6f:53:38:71:8a:b8:
60:5e:24:4b:6e:22:c4:af:6a:ed:d1:29:0a:d6:aa:58:fe:d5:
d2:e7:7a:af:42:3c:c9:c2:40:25:71:8d:29:5e:60:db:5b:5c:
b3:49:ee:95:09:ee:45:f8:a9:38:c9:ab:97:32:83:01:73:43:
4d:b2:78:78:b4:eb:ab:de:74:bb:b2:3d:47:6e:b5:6e:91:b7:
14:0a:a4:d4:b2:40:37:2f:68:5d:b5:89:69:b1:e2:93:3d:2b:
51:f6:2a:5e:42:25:08:e3:0c:67:46:d1:99:90:ab:36:d2:2e:
cb:0d:7a:03:83:a9:a0:c6:8a:94:71:fc:bf:42:15:c1:5d:37:
a4:95:e7:0f:7c:4a:4b:b7:ae:ad:ae:68:9e:6f:90:d7:3f:46:
a1:d4:eb:98:43:a4:6c:6c:19:23:6d:1d:16:ad:04:66:bb:92:
8d:05:66:2f:3b:44:9b:34:0a:1b:2f:c7:f4:c4:6d:40:64:3b:
e6:f0:4f:b1:e6:22:30:80:4e:dc:ec:c1:f7:56:dc:8e:9f:93:
42:77:e4:c3:5e:e8:66:e1:f0:b0:6f:45:53:5c:14:54:a8:23:
7e:eb:7c:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEvpXLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGU2ZTY1ZWQ3NGYwNmMyMjNhOWE0OWMzZWE2ZDNlZWVjYjIzODUwMB4XDTIyMDEw
MTE0NTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMxNTU5ZWIzOTkz
NzM1YTI4YjI1NzViNTI5ODQxNTM5YzNiYTcyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ31nhGDOnnzhzOsJUqbJyRoQ1SeBBxsQpgMDpS6DQJ7mwt7
GWxpPcTLHv0S8cS76LxY540rrQRmTMOvYR5AsK400JqWEVvRjCnJQGBWxbJPClWh
ZCHLpTG9pNaKCvgi40p7rScUQX+WFL+wv9Z0hdtpWVrdTEH6b2i8USXL9bNPKwE7
HbaAW6Z+sM1MrWnbjVaMGriHz7DyG5+D0s8rWxlPvZ7qCjZdUvdTzNMmd9NAg/rY
N+HunpwT2Fmk0w60CB3n5hiqydH1PMPDHGceZ8LPJqOMVsWuDdaK0m13CReyfPAW
3g4U9WxntYBJAOP94bDvQDI3y6kal9IDcSewuxECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSzFVnrOZNzWiiyV1tSmEFTnDunJjAfBgNVHSMEGDAWgBQA5uZe108GwiOp
pJw+ptPu7LI4UDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPYm1YdGRQQnNJanFhU2NQcWJUN3V5eU9GQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvMjRkYTZmLTUwNTMtNDE0ZS05MzcwLTE2YjllYWZlYjRlYS8x
L3N4Vlo2em1UYzFvb3NsZGJVcGhCVTV3N3B5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
MjRkYTZmLTUwNTMtNDE0ZS05MzcwLTE2YjllYWZlYjRlYS8xL0FPYm1YdGRQQnNJ
anFhU2NQcWJUN3V5eU9GQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBsIAMEBMEZIDANBgkqhkiG9w0B
AQsFAAOCAQEAEFVAm50rMOIuhEJux6gIh5aEoRuw/SdfP+4F7MzKb1M4cYq4YF4k
S24ixK9q7dEpCtaqWP7V0ud6r0I8ycJAJXGNKV5g21tcs0nulQnuRfipOMmrlzKD
AXNDTbJ4eLTrq950u7I9R261bpG3FAqk1LJANy9oXbWJabHikz0rUfYqXkIlCOMM
Z0bRmZCrNtIuyw16A4OpoMaKlHH8v0IVwV03pJXnD3xKS7eura5onm+Q1z9GodTr
mEOkbGwZI20dFq0EZruSjQVmLztEmzQKGy/H9MRtQGQ75vBPseYiMIBO3OzB91bc
jp+TQnfkw17oZuHwsG9FU1wUVKgjfut8mg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:47 2025 by rpki-client