Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/S3nvju02f0pud8mtgRNFfDHLa7w.roa
File: S3nvju02f0pud8mtgRNFfDHLa7w.roa (raw, json)
Hash identifier: N+mopbOnXw1ukohyHCzimsoCUPICt6LQ/jPYZ0NKUl0=
Subject key identifier: 4B:79:EF:8E:ED:36:7F:4A:6E:77:C9:AD:81:13:45:7C:31:CB:6B:BC
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188628F66116C8560391E3CA71C942A3DB3
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/S3nvju02f0pud8mtgRNFfDHLa7w.roa
Signing time: Sun 28 May 2023 13:32:24 +0000
ROA not before: Sun 28 May 2023 13:32:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 213.186.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:62:8f:66:11:6c:85:60:39:1e:3c:a7:1c:94:2a:3d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: May 28 13:32:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b79ef8eed367f4a6e77c9ad8113457c31cb6bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:be:33:f7:15:7b:b3:9a:ec:58:57:59:f0:13:
5e:33:b2:0e:b1:51:72:28:74:01:5e:39:c9:0d:4d:
75:d1:f5:b0:cc:16:ed:70:7c:e8:8a:48:bd:8d:ad:
98:78:61:8c:02:1f:c7:af:0e:1c:69:82:dd:0d:1c:
4d:2c:d2:cf:95:2a:f3:32:f6:56:18:21:c6:e5:c7:
b5:53:f1:4c:0a:c3:c8:47:2e:8e:88:94:e9:e6:af:
71:5e:c6:e0:77:c0:73:27:7d:ef:ad:ef:9e:a5:41:
a6:40:1b:0e:d8:91:f3:aa:a1:1d:12:5b:d3:2f:28:
d7:09:24:fa:f2:60:e0:d0:1a:27:43:34:5f:0b:71:
e3:e9:f0:f7:ff:4a:f1:88:b6:4f:a6:7a:92:4d:96:
0d:d0:6f:5f:2f:17:6a:33:92:5c:99:6b:36:94:b1:
f7:f1:58:87:31:87:4f:8f:56:9b:b6:84:89:29:ca:
a2:89:70:ca:dd:5d:ab:b4:ee:c9:59:fb:d7:b0:64:
f8:21:03:d0:25:be:28:62:35:26:76:90:13:3b:c7:
45:67:8b:15:1d:6f:2f:8d:5b:49:83:a3:8c:5b:eb:
ce:49:c5:2d:b7:29:d3:9d:d7:8e:eb:cd:65:56:0b:
28:eb:df:e2:1c:3b:03:92:a0:1e:9e:e5:13:7e:0b:
db:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:79:EF:8E:ED:36:7F:4A:6E:77:C9:AD:81:13:45:7C:31:CB:6B:BC
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/S3nvju02f0pud8mtgRNFfDHLa7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.186.164.0/24
Signature Algorithm: sha256WithRSAEncryption
79:93:94:a1:5c:e7:7b:66:8c:56:1f:72:be:86:dc:b7:51:f5:
7b:74:09:9c:e1:b5:68:40:e4:ff:6c:1e:31:14:5e:10:2c:c1:
39:b9:b3:ac:45:97:f8:e3:54:0c:0f:9d:d1:a7:9a:c3:48:69:
30:70:8d:4b:b1:be:25:bb:59:e0:28:fa:20:10:1c:55:ec:8a:
8f:c8:b1:88:11:c3:e7:34:1d:ab:f5:bc:40:48:c5:cb:d0:78:
9f:24:df:52:53:63:17:14:1c:3e:ae:b5:02:2f:2c:96:84:0a:
78:8a:e7:54:11:93:70:0a:6c:8d:09:02:ac:58:c8:43:f3:cc:
6e:13:14:66:d4:7e:be:09:fd:e6:03:54:7d:12:36:91:84:19:
dd:9b:0b:01:23:55:b1:cd:6c:48:1c:26:dc:b8:df:b9:04:b4:
3e:97:2c:5d:97:4b:65:6f:35:10:b5:bd:98:a5:97:11:ec:7c:
dd:dd:72:e3:e8:e3:c6:48:06:50:17:aa:d8:7a:c7:b7:08:6f:
fc:c8:0b:b2:5b:28:a5:f3:ca:c1:e9:92:e8:39:54:c7:24:37:
27:45:81:e3:bf:8c:60:32:c9:34:0d:2f:2f:74:07:ae:ef:09:
de:f5:c1:a6:8f:2d:f2:12:af:8c:a2:d9:b2:63:4c:4a:19:db:
d9:3e:ca:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhij2YRbIVgOR48pxyUKj2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNTI4MTMzMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc5ZWY4ZWVkMzY3ZjRhNmU3N2M5YWQ4MTEzNDU3YzMxY2I2YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb4z9xV7s5rsWFdZ8BNeM7IOsVFy
KHQBXjnJDU110fWwzBbtcHzoiki9ja2YeGGMAh/Hrw4caYLdDRxNLNLPlSrzMvZW
GCHG5ce1U/FMCsPIRy6OiJTp5q9xXsbgd8BzJ33vre+epUGmQBsO2JHzqqEdElvT
LyjXCST68mDg0BonQzRfC3Hj6fD3/0rxiLZPpnqSTZYN0G9fLxdqM5JcmWs2lLH3
8ViHMYdPj1abtoSJKcqiiXDK3V2rtO7JWfvXsGT4IQPQJb4oYjUmdpATO8dFZ4sV
HW8vjVtJg6OMW+vOScUttynTndeO681lVgso69/iHDsDkqAenuUTfgvbAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEt5747tNn9KbnfJrYETRXwxy2u8MB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvUzNudmp1MDJmMHB1ZDhtdGdSTkZmREhMYTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bqkMA0G
CSqGSIb3DQEBCwUAA4IBAQB5k5ShXOd7ZoxWH3K+hty3UfV7dAmc4bVoQOT/bB4x
FF4QLME5ubOsRZf441QMD53Rp5rDSGkwcI1Lsb4lu1ngKPogEBxV7IqPyLGIEcPn
NB2r9bxASMXL0HifJN9SU2MXFBw+rrUCLyyWhAp4iudUEZNwCmyNCQKsWMhD88xu
ExRm1H6+Cf3mA1R9EjaRhBndmwsBI1WxzWxIHCbcuN+5BLQ+lyxdl0tlbzUQtb2Y
pZcR7Hzd3XLj6OPGSAZQF6rYese3CG/8yAuyWyil88rB6ZLoOVTHJDcnRYHjv4xg
Msk0DS8vdAeu7wne9cGmjy3yEq+MotmyY0xKGdvZPsqB
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:20 2025 by rpki-client