Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/191219-47c9-4b1b-8e46-dd8a68dbd3b6/1/a_SfYhkg7P2fFqtcj0z4khPLvAI.roa
File: a_SfYhkg7P2fFqtcj0z4khPLvAI.roa (raw, json)
Hash identifier: cq7YbpFKv8Sc7kdTOHK/TeHlFyuafZan0rWdT2vC+Vo=
Subject key identifier: 6B:F4:9F:62:19:20:EC:FD:9F:16:AB:5C:8F:4C:F8:92:13:CB:BC:02
Certificate issuer: /CN=ffabc23595fd80447d98f5ec3513161bd2473fc6
Certificate serial: 01856F54B009E03BD6029D3319D2AE7F0873
Authority key identifier: FF:AB:C2:35:95:FD:80:44:7D:98:F5:EC:35:13:16:1B:D2:47:3F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6vCNZX9gER9mPXsNRMWG9JHP8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/191219-47c9-4b1b-8e46-dd8a68dbd3b6/1/a_SfYhkg7P2fFqtcj0z4khPLvAI.roa
Signing time: Sun 01 Jan 2023 21:54:59 +0000
ROA not before: Sun 01 Jan 2023 21:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203568
IP address blocks: 193.222.252.0/23 maxlen: 23
193.223.70.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b0:09:e0:3b:d6:02:9d:33:19:d2:ae:7f:08:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffabc23595fd80447d98f5ec3513161bd2473fc6
Validity
Not Before: Jan 1 21:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bf49f621920ecfd9f16ab5c8f4cf89213cbbc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9d:91:a6:da:be:49:88:3c:a8:89:79:09:bd:
9a:42:21:21:75:78:bf:99:0a:ad:7a:87:d1:a0:63:
07:65:2e:91:2d:76:2b:1c:e7:4b:55:e8:0a:82:40:
dc:98:3f:da:06:90:6f:c3:ab:4f:37:40:c6:89:7f:
19:fe:8e:fd:f7:97:42:c2:a5:bb:0b:5c:23:c1:4c:
1b:b0:65:b8:3b:16:f0:fb:07:a0:3b:09:ef:05:06:
70:a9:ed:9b:fc:dc:dc:ab:0b:57:1c:be:24:cb:35:
21:ce:49:a0:c9:64:29:5d:db:7a:38:1a:32:88:fa:
22:0a:68:6e:ea:c7:ad:4a:62:c3:3c:18:2a:ec:6a:
4c:00:f3:0e:c2:d3:da:b5:60:d9:16:b7:b8:5e:6e:
7f:05:0d:0b:34:10:d8:4f:7f:30:25:70:da:ae:fc:
c2:ed:eb:09:d6:85:0c:fe:a9:1b:1a:b7:39:7c:4f:
12:aa:a1:e0:d2:4c:76:27:7a:48:55:fb:85:07:47:
ef:cc:98:90:dc:51:7c:d2:3b:38:30:28:7c:c3:ed:
07:0e:26:95:dd:fc:66:3f:28:04:07:5e:a5:83:de:
89:6f:6a:08:0b:5e:81:6d:17:38:d7:65:3b:52:8a:
36:98:16:ef:e9:c0:f4:49:aa:47:d5:7d:d4:79:e1:
e0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F4:9F:62:19:20:EC:FD:9F:16:AB:5C:8F:4C:F8:92:13:CB:BC:02
X509v3 Authority Key Identifier:
keyid:FF:AB:C2:35:95:FD:80:44:7D:98:F5:EC:35:13:16:1B:D2:47:3F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6vCNZX9gER9mPXsNRMWG9JHP8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/191219-47c9-4b1b-8e46-dd8a68dbd3b6/1/a_SfYhkg7P2fFqtcj0z4khPLvAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/191219-47c9-4b1b-8e46-dd8a68dbd3b6/1/_6vCNZX9gER9mPXsNRMWG9JHP8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.252.0/23
193.223.70.0/23
Signature Algorithm: sha256WithRSAEncryption
43:fb:7e:a3:51:63:99:d5:53:ff:48:06:c0:3d:2c:c3:98:ba:
6f:3e:21:c3:8d:4c:c3:5c:0e:37:f1:0f:9b:90:e8:60:49:c7:
60:aa:83:c1:50:84:aa:80:c2:bd:02:a9:60:3a:0b:f7:63:1f:
ec:e5:0b:69:a5:35:a8:78:7d:8a:f6:ba:dd:c1:d4:8e:26:70:
1e:78:8f:83:b4:6a:48:5e:93:e8:99:f5:52:4a:2d:9e:a8:f2:
f2:28:57:7d:84:35:3f:e3:bf:fe:07:ca:8e:a7:8d:92:bf:b3:
e6:d6:f9:5c:d6:6a:90:46:30:4f:c3:8d:5b:e5:3a:c0:af:5d:
c5:b5:0c:09:0b:bc:c9:02:b8:cf:c2:a0:dc:56:89:3c:8a:ce:
40:96:91:9d:87:5a:ce:2d:37:78:0a:1c:38:e2:05:45:07:bd:
f8:03:1e:6f:de:d4:3f:b7:17:7a:b9:6b:e0:e2:7b:55:e7:3a:
1b:e9:6b:54:c6:13:d3:77:06:39:3f:96:ae:b9:b3:83:c6:bb:
97:d3:a5:13:a2:e0:d4:9f:ed:6c:ef:cb:03:6a:f8:db:0c:ff:
88:a0:3f:a8:22:e4:6f:7e:34:5e:83:48:f2:fe:c2:64:06:18:
15:3d:3a:85:2f:38:eb:c6:8d:33:3c:c0:86:47:c1:69:c5:07:
77:d8:e9:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvVLAJ4DvWAp0zGdKufwhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYWJjMjM1OTVmZDgwNDQ3ZDk4ZjVlYzM1MTMxNjFiZDI0
NzNmYzYwHhcNMjMwMTAxMjE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY0OWY2MjE5MjBlY2ZkOWYxNmFiNWM4ZjRjZjg5MjEzY2JiYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ2Rptq+SYg8qIl5Cb2aQiEhdXi/
mQqteofRoGMHZS6RLXYrHOdLVegKgkDcmD/aBpBvw6tPN0DGiX8Z/o7995dCwqW7
C1wjwUwbsGW4Oxbw+wegOwnvBQZwqe2b/NzcqwtXHL4kyzUhzkmgyWQpXdt6OBoy
iPoiCmhu6setSmLDPBgq7GpMAPMOwtPatWDZFre4Xm5/BQ0LNBDYT38wJXDarvzC
7esJ1oUM/qkbGrc5fE8SqqHg0kx2J3pIVfuFB0fvzJiQ3FF80js4MCh8w+0HDiaV
3fxmPygEB16lg96Jb2oIC16BbRc412U7Uoo2mBbv6cD0SapH1X3UeeHggwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGv0n2IZIOz9nxarXI9M+JITy7wCMB8GA1UdIwQY
MBaAFP+rwjWV/YBEfZj17DUTFhvSRz/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZ2Q05aWDlnRVI5bVBYc05STVdHOUpIUDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOTEyMTktNDdjOS00YjFiLThlNDYt
ZGQ4YTY4ZGJkM2I2LzEvYV9TZlloa2c3UDJmRnF0Y2owejRraFBMdkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xOTEyMTktNDdjOS00YjFiLThlNDYtZGQ4YTY4ZGJkM2I2
LzEvXzZ2Q05aWDlnRVI5bVBYc05STVdHOUpIUDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwd78AwQB
wd9GMA0GCSqGSIb3DQEBCwUAA4IBAQBD+36jUWOZ1VP/SAbAPSzDmLpvPiHDjUzD
XA438Q+bkOhgScdgqoPBUISqgMK9AqlgOgv3Yx/s5QtppTWoeH2K9rrdwdSOJnAe
eI+DtGpIXpPomfVSSi2eqPLyKFd9hDU/47/+B8qOp42Sv7Pm1vlc1mqQRjBPw41b
5TrAr13FtQwJC7zJArjPwqDcVok8is5AlpGdh1rOLTd4Chw44gVFB734Ax5v3tQ/
txd6uWvg4ntV5zob6WtUxhPTdwY5P5auubODxruX06UTouDUn+1s78sDavjbDP+I
oD+oIuRvfjReg0jy/sJkBhgVPTqFLzjrxo0zPMCGR8FpxQd32Olb
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:16 2025 by rpki-client