Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sPUNCiEz_B2FdKIDYo88CizpsSo.roa
File: sPUNCiEz_B2FdKIDYo88CizpsSo.roa (raw, json)
Hash identifier: 1XN1jIW9ffN/pNey9x/Q5KHqx/ZEdvLSCeb2QW3cTB4=
Subject key identifier: B0:F5:0D:0A:21:33:FC:1D:85:74:A2:03:62:8F:3C:0A:2C:E9:B1:2A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BEC2E5703AD67A9E64052C2C8DF64116E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sPUNCiEz_B2FdKIDYo88CizpsSo.roa
Signing time: Mon 20 Nov 2023 10:02:21 +0000
ROA not before: Mon 20 Nov 2023 10:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 194.33.32.0/24 maxlen: 24
2a0f:7f00::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:2e:57:03:ad:67:a9:e6:40:52:c2:c8:df:64:11:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 10:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f50d0a2133fc1d8574a203628f3c0a2ce9b12a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c1:cd:33:81:7d:63:5d:6e:a0:15:63:88:ed:
52:7a:4c:c2:07:1d:de:5a:5f:5d:de:25:ce:bc:3e:
7f:98:c3:ff:4d:05:b5:13:95:6c:42:8d:fa:63:20:
f5:cc:6d:57:f0:04:f1:09:e0:fd:52:0e:63:a5:0a:
92:f5:a4:35:0a:e8:e2:fa:ba:27:2a:be:24:60:20:
bb:24:a6:bc:c0:45:5a:40:36:e9:f0:24:71:c1:e0:
58:58:07:c5:4c:43:5a:57:5f:70:db:aa:0a:91:32:
04:d7:d8:a5:17:6f:c6:43:22:8f:da:29:5f:20:88:
83:85:02:14:2d:15:0a:ff:f0:1e:e8:94:b9:21:a5:
f3:44:f0:03:0e:c8:6f:79:18:05:bc:e7:3d:72:57:
35:30:a2:0e:38:74:ff:f3:3d:3c:a1:93:6a:17:25:
55:26:eb:a5:7e:4d:89:c7:58:fd:55:6b:77:5f:6d:
6d:f0:d9:52:8f:6f:aa:5c:f0:e0:ac:29:db:28:21:
15:a5:7a:71:a9:05:a8:73:20:70:9e:bc:ea:f1:70:
24:ae:ee:5a:a1:cc:8d:5b:1b:14:5d:60:de:df:18:
1b:e1:89:81:89:af:13:be:89:e8:df:4b:84:5f:ef:
a0:8d:04:2f:68:f3:b0:70:35:3f:b4:29:9f:09:3b:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F5:0D:0A:21:33:FC:1D:85:74:A2:03:62:8F:3C:0A:2C:E9:B1:2A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sPUNCiEz_B2FdKIDYo88CizpsSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.32.0/24
IPv6:
2a06:dfc0::/29
2a0e:5a80::/29
2a0f:7f00::/29
2a12:d540::/29
2a13:200::/29
2a13:2b40::/29
2a13:2cc0::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
62:ab:60:15:49:24:62:fe:db:e7:9c:4f:cf:5a:c1:df:d2:45:
eb:c4:d8:e1:ed:84:c9:3a:90:31:bd:8f:24:68:86:7f:5b:bb:
1c:0e:98:02:ee:8c:37:d9:42:ef:f9:f2:a6:c7:b5:b7:f3:f2:
2b:5f:ed:64:c7:e5:28:cd:f5:63:40:94:52:f3:d3:48:98:54:
91:da:8d:a1:a6:e7:4c:c2:69:e7:a6:8b:7e:a5:56:c6:8d:a1:
74:31:3c:7a:f9:25:6b:92:88:bf:28:e3:9a:d1:7b:35:f0:17:
6f:d3:c8:77:74:6d:d4:a0:b7:7d:dc:ae:f5:40:54:ed:fd:73:
9f:83:41:99:1d:00:4b:16:10:bb:0f:82:7b:c5:5e:c8:5a:86:
d9:8d:d4:d9:50:f9:a1:b7:b0:d4:2d:0e:6b:50:10:0c:89:7f:
3a:0d:b9:34:29:54:70:03:5e:ba:d7:c5:c0:dc:0c:a5:71:2b:
61:41:a7:68:75:2a:f0:1e:57:0b:35:ec:06:fe:9a:48:d9:16:
4e:43:47:9e:a9:60:fd:88:79:15:f0:50:95:d2:1a:d4:85:c4:
ef:4e:cf:f7:93:5c:0c:b3:32:b2:1a:61:89:5d:f7:90:9d:7f:
be:b7:d1:ec:76:21:10:10:a8:96:0f:40:75:b6:31:f1:12:35:
6b:c6:f5:60
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYvsLlcDrWep5kBSwsjfZBFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTIwMTAwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY1MGQwYTIxMzNmYzFkODU3NGEyMDM2MjhmM2MwYTJjZTliMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8HNM4F9Y11uoBVjiO1SekzCBx3e
Wl9d3iXOvD5/mMP/TQW1E5VsQo36YyD1zG1X8ATxCeD9Ug5jpQqS9aQ1Cuji+ron
Kr4kYCC7JKa8wEVaQDbp8CRxweBYWAfFTENaV19w26oKkTIE19ilF2/GQyKP2ilf
IIiDhQIULRUK//Ae6JS5IaXzRPADDshveRgFvOc9clc1MKIOOHT/8z08oZNqFyVV
Juulfk2Jx1j9VWt3X21t8NlSj2+qXPDgrCnbKCEVpXpxqQWocyBwnrzq8XAkru5a
ocyNWxsUXWDe3xgb4YmBia8Tvono30uEX++gjQQvaPOwcDU/tCmfCTsSFwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLD1DQohM/wdhXSiA2KPPAos6bEqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc1BVTkNpRXpfQjJGZEtJRFlvODhDaXpwc1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQAwiEgMD4E
AgACMDgDBQMqBt/AAwUDKg5agAMFAyoPfwADBQMqEtVAAwUDKhMCAAMFAyoTK0AD
BQMqEyzAAwUDKhPTADANBgkqhkiG9w0BAQsFAAOCAQEAYqtgFUkkYv7b55xPz1rB
39JF68TY4e2EyTqQMb2PJGiGf1u7HA6YAu6MN9lC7/nypse1t/PyK1/tZMflKM31
Y0CUUvPTSJhUkdqNoabnTMJp56aLfqVWxo2hdDE8evkla5KIvyjjmtF7NfAXb9PI
d3Rt1KC3fdyu9UBU7f1zn4NBmR0ASxYQuw+Ce8VeyFqG2Y3U2VD5obew1C0Oa1AQ
DIl/Og25NClUcANeutfFwNwMpXErYUGnaHUq8B5XCzXsBv6aSNkWTkNHnqlg/Yh5
FfBQldIa1IXE707P95NcDLMyshphiV33kJ1/vrfR7HYhEBColg9AdbYx8RI1a8b1
YA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:05:38 2025 by rpki-client