Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/Sb76LTVAfeZzKq3Wqy_bgv5M8gI.roa
File: Sb76LTVAfeZzKq3Wqy_bgv5M8gI.roa (raw, json)
Hash identifier: y8Nams7miGTX8XsE1rmTvsux7dN/qd26AMtmVkif+Qg=
Subject key identifier: 49:BE:FA:2D:35:40:7D:E6:73:2A:AD:D6:AB:2F:DB:82:FE:4C:F2:02
Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Certificate serial: 018A8E98248A00B9079F15BB61872F5B28B1
Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/Sb76LTVAfeZzKq3Wqy_bgv5M8gI.roa
Signing time: Wed 13 Sep 2023 12:50:50 +0000
ROA not before: Wed 13 Sep 2023 12:50:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207647
IP address blocks: 87.239.9.0/24 maxlen: 24
87.239.8.0/24 maxlen: 24
87.239.10.0/24 maxlen: 24
87.239.12.0/24 maxlen: 24
87.239.15.0/24 maxlen: 24
87.239.14.0/24 maxlen: 24
87.239.13.0/24 maxlen: 24
2001:678:6a0::/48 maxlen: 48
2001:678:be4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:98:24:8a:00:b9:07:9f:15:bb:61:87:2f:5b:28:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Validity
Not Before: Sep 13 12:50:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49befa2d35407de6732aadd6ab2fdb82fe4cf202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:33:fb:a4:bc:41:bb:3b:09:9b:8a:4e:aa:7e:
a5:ef:bd:f3:66:bd:ec:c6:5f:a2:d5:25:b6:c7:0d:
a4:dd:28:3d:81:20:aa:45:80:bc:e9:90:3d:f1:0b:
0d:8b:62:cb:00:f9:14:73:f9:a1:5e:e1:0b:97:c6:
0a:7e:32:20:79:0b:b1:8d:7d:a4:16:37:c7:d6:84:
55:f9:4f:d0:16:5d:e5:51:aa:02:47:bf:75:2d:d0:
33:c0:7a:06:b9:d4:43:2c:01:3f:68:62:e2:20:a6:
d2:0f:0d:fb:50:09:19:12:fc:aa:88:ab:3e:a9:7f:
64:c1:35:23:7c:f1:0b:40:c4:b0:91:0d:3f:a2:9f:
5f:19:4a:90:99:cd:b2:11:10:60:f4:ad:e8:4c:be:
48:2d:0a:23:76:64:de:f9:85:61:1c:e9:6e:4e:28:
3c:67:9e:de:65:a2:a4:1b:39:a4:15:14:14:75:28:
60:93:6d:e5:d1:21:f5:d6:e4:31:cb:72:36:ca:a6:
bb:6e:68:6d:f4:7a:f1:0b:a4:02:12:1d:9a:f5:cb:
71:9c:a6:91:a1:1b:a0:f6:8e:01:a5:46:6c:2d:97:
8d:2a:61:ae:08:8f:50:df:f8:82:6b:d8:e0:57:98:
81:a8:1b:c6:6a:52:fa:a6:a0:fe:1c:ec:41:a3:27:
bf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BE:FA:2D:35:40:7D:E6:73:2A:AD:D6:AB:2F:DB:82:FE:4C:F2:02
X509v3 Authority Key Identifier:
keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/Sb76LTVAfeZzKq3Wqy_bgv5M8gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.8.0-87.239.10.255
87.239.12.0/22
IPv6:
2001:678:6a0::/48
2001:678:be4::/48
Signature Algorithm: sha256WithRSAEncryption
34:25:2e:de:91:a1:47:da:76:3a:b0:b5:05:eb:e3:9d:bb:39:
a6:a0:5b:68:1e:0e:29:64:92:f2:1f:c6:d2:89:46:59:09:b6:
ee:1e:66:e7:25:9f:2d:70:4f:b6:59:3d:3d:da:56:22:52:9a:
e0:a9:77:10:34:fe:27:7f:55:6a:14:85:3a:8b:b4:3b:cc:67:
4b:f7:45:bc:d4:b4:50:0c:1a:97:f9:7b:e7:2a:fc:e3:55:f9:
88:68:5c:2f:12:19:b9:90:16:4f:ea:22:e9:e0:37:37:9c:77:
b6:0f:79:44:57:cd:da:a0:3b:0e:4b:3f:04:1a:5e:de:09:4f:
20:a2:d9:71:0a:33:a9:b8:cb:db:c4:f9:71:64:d6:bd:c0:f8:
aa:17:17:49:81:35:3e:25:b9:67:7a:0e:09:0d:cf:de:26:7d:
d8:6b:ec:00:74:cd:52:f9:0c:3b:5a:fa:68:6d:63:6a:17:ef:
06:4d:0d:fa:be:08:8b:2b:d9:03:ec:12:cd:a0:59:a2:68:86:
50:09:0d:c3:16:48:86:a6:34:cc:1b:5b:99:f7:8b:25:9a:c0:
67:97:24:29:c2:ef:65:72:db:3d:cd:37:c9:b5:2f:0b:34:1d:
4b:a1:0f:1b:07:6f:3f:3f:97:22:31:38:f5:fd:df:4c:fe:c3:
11:e7:44:e6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqOmCSKALkHnxW7YYcvWyixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2
Mzc4YTgwHhcNMjMwOTEzMTI1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJlZmEyZDM1NDA3ZGU2NzMyYWFkZDZhYjJmZGI4MmZlNGNmMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDP7pLxBuzsJm4pOqn6l773zZr3s
xl+i1SW2xw2k3Sg9gSCqRYC86ZA98QsNi2LLAPkUc/mhXuELl8YKfjIgeQuxjX2k
FjfH1oRV+U/QFl3lUaoCR791LdAzwHoGudRDLAE/aGLiIKbSDw37UAkZEvyqiKs+
qX9kwTUjfPELQMSwkQ0/op9fGUqQmc2yERBg9K3oTL5ILQojdmTe+YVhHOluTig8
Z57eZaKkGzmkFRQUdShgk23l0SH11uQxy3I2yqa7bmht9HrxC6QCEh2a9ctxnKaR
oRug9o4BpUZsLZeNKmGuCI9Q3/iCa9jgV5iBqBvGalL6pqD+HOxBoye/bQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEm++i01QH3mcyqt1qsv24L+TPICMB8GA1UdIwQY
MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy
LTJhMWNjZTdkMmM2NS8xL1NiNzZMVFZBZmVaektxM1dxeV9iZ3Y1TThnSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgyLTJhMWNjZTdkMmM2
NS8xLzEtaHNrZU5fZzh6b25peFAwTGRNWllCMWplS2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRwYIKwYBBQUHAQcBAf8EODA2MBoEAgABMBQwDAMEA1fv
CAMEAFfvCgMEAlfvDDAYBAIAAjASAwcAIAEGeAagAwcAIAEGeAvkMA0GCSqGSIb3
DQEBCwUAA4IBAQA0JS7ekaFH2nY6sLUF6+OduzmmoFtoHg4pZJLyH8bSiUZZCbbu
HmbnJZ8tcE+2WT092lYiUprgqXcQNP4nf1VqFIU6i7Q7zGdL90W81LRQDBqX+Xvn
KvzjVfmIaFwvEhm5kBZP6iLp4Dc3nHe2D3lEV83aoDsOSz8EGl7eCU8gotlxCjOp
uMvbxPlxZNa9wPiqFxdJgTU+Jblneg4JDc/eJn3Ya+wAdM1S+Qw7WvpobWNqF+8G
TQ36vgiLK9kD7BLNoFmiaIZQCQ3DFkiGpjTMG1uZ94slmsBnlyQpwu9lcts9zTfJ
tS8LNB1LoQ8bB28/P5ciMTj1/d9M/sMR50Tm
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:47 2025 by rpki-client