Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/SjIAmyjYf8Jv1l71l-y1wc8A93g.roa
File: SjIAmyjYf8Jv1l71l-y1wc8A93g.roa (raw, json)
Hash identifier: Jlm1gZuuqVJgjQfwQhQznIyz0ye9xguyVGl/x+Dq2Ao=
Subject key identifier: 4A:32:00:9B:28:D8:7F:C2:6F:D6:5E:F5:97:EC:B5:C1:CF:00:F7:78
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505910D4A6CD149699F91A5923F3C4CE3
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/SjIAmyjYf8Jv1l71l-y1wc8A93g.roa
Signing time: Mon 12 Dec 2022 09:01:10 +0000
ROA not before: Mon 12 Dec 2022 09:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 193.201.228.0/22 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:0d:4a:6c:d1:49:69:9f:91:a5:92:3f:3c:4c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a32009b28d87fc26fd65ef597ecb5c1cf00f778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2b:c7:43:36:50:8d:95:5c:55:4d:e0:35:fe:
39:b4:53:70:8f:cb:4e:08:2f:24:43:98:b4:08:89:
22:0b:6b:76:b6:38:7a:3d:96:b6:e9:d1:0b:43:3a:
6a:10:71:91:99:ed:20:f8:83:2c:e2:6c:cb:60:bd:
a1:90:ff:d2:4f:a4:e3:ef:4d:57:53:41:c2:68:2f:
a6:e3:af:e8:ce:11:79:72:14:ff:0a:04:7b:f7:d1:
cb:65:e4:a4:5d:81:d5:db:da:65:bb:5b:b9:b7:83:
e8:81:37:e7:92:56:d8:b3:8f:47:e3:da:2f:da:26:
18:a3:7c:85:4b:d8:fe:29:49:34:e4:ed:84:f8:23:
a6:8e:11:8b:44:73:d7:44:c9:6e:7e:57:97:f3:e5:
bc:7a:b2:fa:a7:54:82:e9:66:f7:e2:35:d5:a0:be:
ba:08:af:71:c3:21:9f:1b:33:17:cd:64:41:e4:c0:
09:d4:6d:ea:d6:a9:fe:81:f0:92:39:8c:0a:9d:be:
4a:12:07:a0:90:90:19:1e:6b:2d:98:2b:bb:3e:44:
d0:9c:58:2b:87:c2:9e:f9:fd:24:96:4e:54:eb:38:
f0:7e:8d:ff:7d:6b:8d:bc:04:c4:29:9f:f3:ce:3d:
d8:ef:db:c8:dc:26:00:d2:78:a9:ab:15:c6:9a:48:
f4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:32:00:9B:28:D8:7F:C2:6F:D6:5E:F5:97:EC:B5:C1:CF:00:F7:78
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/SjIAmyjYf8Jv1l71l-y1wc8A93g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
Signature Algorithm: sha256WithRSAEncryption
05:1d:6c:b3:1d:17:9a:54:62:6e:51:60:8c:7e:cc:a8:35:92:
5d:33:57:d6:ab:aa:74:77:f5:60:72:54:ea:63:24:21:ed:33:
db:eb:57:31:ea:bf:b2:92:62:53:7f:a2:60:0e:53:3e:6e:1a:
fe:27:24:0b:d6:de:ec:b2:53:78:27:10:e0:63:df:93:e3:8a:
98:13:ca:4f:9f:54:12:50:9e:4d:58:fe:ff:fc:16:2c:77:24:
3c:ff:36:52:60:72:4c:fe:e7:f0:f9:42:ca:83:0b:f0:c8:c4:
1e:6e:0c:d9:ef:fb:3c:e5:66:57:b6:f8:ce:47:4d:c4:f6:b9:
70:aa:75:91:b7:d0:2a:c6:df:22:b4:43:f5:24:f2:61:8c:a2:
9d:82:50:15:10:9e:aa:20:a6:6a:fc:73:91:c3:56:b8:5d:d2:
00:73:a7:ae:c9:91:e0:29:57:bc:98:7f:98:31:ae:7f:9a:97:
80:64:dc:af:65:0f:17:9e:5d:61:0a:f5:68:e5:65:92:14:3c:
2a:d0:cb:e2:e4:6a:c9:6d:5d:24:05:c8:fc:95:9e:6f:16:d1:
5b:23:54:8e:70:b9:49:09:b9:93:45:1f:64:4f:00:a4:46:2e:
27:1b:f7:e6:ac:62:33:12:60:5c:09:7b:7c:5c:10:10:5e:4c:
39:03:6c:13
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYUFkQ1KbNFJaZ+RpZI/PEzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMyMDA5YjI4ZDg3ZmMyNmZkNjVlZjU5N2VjYjVjMWNmMDBmNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyvHQzZQjZVcVU3gNf45tFNwj8tO
CC8kQ5i0CIkiC2t2tjh6PZa26dELQzpqEHGRme0g+IMs4mzLYL2hkP/ST6Tj701X
U0HCaC+m46/ozhF5chT/CgR799HLZeSkXYHV29plu1u5t4PogTfnklbYs49H49ov
2iYYo3yFS9j+KUk05O2E+COmjhGLRHPXRMlufleX8+W8erL6p1SC6Wb34jXVoL66
CK9xwyGfGzMXzWRB5MAJ1G3q1qn+gfCSOYwKnb5KEgegkJAZHmstmCu7PkTQnFgr
h8Ke+f0klk5U6zjwfo3/fWuNvATEKZ/zzj3Y79vI3CYA0nipqxXGmkj0mQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFEoyAJso2H/Cb9Ze9ZfstcHPAPd4MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvU2pJQW15allmOEp2MWw3MWwteTF3YzhBOTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9MAwDBACysOMD
BAGysOQDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAME
BdQOoDANBgkqhkiG9w0BAQsFAAOCAQEABR1ssx0XmlRiblFgjH7MqDWSXTNX1quq
dHf1YHJU6mMkIe0z2+tXMeq/spJiU3+iYA5TPm4a/ickC9be7LJTeCcQ4GPfk+OK
mBPKT59UElCeTVj+//wWLHckPP82UmByTP7n8PlCyoML8MjEHm4M2e/7POVmV7b4
zkdNxPa5cKp1kbfQKsbfIrRD9STyYYyinYJQFRCeqiCmavxzkcNWuF3SAHOnrsmR
4ClXvJh/mDGuf5qXgGTcr2UPF55dYQr1aOVlkhQ8KtDL4uRqyW1dJAXI/JWebxbR
WyNUjnC5SQm5k0UfZE8ApEYuJxv35qxiMxJgXAl7fFwQEF5MOQNsEw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:12 2025 by rpki-client