Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sgkWReHO3PzVnHddZcO3889RWe4.roa
File: sgkWReHO3PzVnHddZcO3889RWe4.roa (raw, json)
Hash identifier: IeNdEmKHVvgd4bqQodd829RHoQrdcHxxfiGiFLNGwYk=
Subject key identifier: B2:09:16:45:E1:CE:DC:FC:D5:9C:77:5D:65:C3:B7:F3:CF:51:59:EE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4EF3F0BED045BEFFD4BB932ED1554
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sgkWReHO3PzVnHddZcO3889RWe4.roa
Signing time: Sun 01 Jan 2023 19:35:26 +0000
ROA not before: Sun 01 Jan 2023 19:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51472
IP address blocks: 81.23.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ef:3f:0b:ed:04:5b:ef:fd:4b:b9:32:ed:15:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2091645e1cedcfcd59c775d65c3b7f3cf5159ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:40:3c:0b:e2:fa:35:06:61:5e:38:aa:f3:
d4:99:02:f7:80:de:24:11:d4:e0:c3:0a:74:6f:11:
2e:cc:49:19:f3:81:c1:cb:3d:cd:86:7a:1b:8a:8f:
8f:ff:81:99:ab:a4:0d:03:47:f5:e0:83:f7:17:34:
b9:6e:f6:90:fd:c5:a5:87:15:82:8b:8f:6d:29:bb:
6b:57:f9:c4:8e:7c:be:14:ce:f0:3a:b5:97:2e:3d:
4c:85:e8:80:be:fd:c7:8d:18:83:87:4c:35:77:3b:
ed:e3:13:48:d6:50:7f:30:31:58:22:48:90:7f:25:
e9:96:03:90:97:2e:7e:7c:82:ca:60:67:6c:51:bd:
13:0c:64:6b:dc:7f:6c:0d:ea:cc:95:ea:17:bd:c8:
36:70:0c:13:5e:f6:de:68:15:4c:94:a9:46:20:a1:
6d:05:7a:ee:b4:4a:ef:5d:59:f1:33:fb:db:3f:48:
2f:04:92:87:ed:19:96:05:39:11:59:b3:7d:f2:18:
69:f9:29:3c:65:e4:1d:7a:06:2f:34:98:a8:4e:22:
a5:ce:ae:e2:4e:1b:8c:76:0e:c8:95:f4:bd:68:38:
93:c4:b1:ac:be:ca:73:cd:1b:77:9f:9a:76:b4:ae:
bd:b1:c4:b6:df:70:39:d0:a2:4e:8a:5f:69:fc:d2:
6c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:09:16:45:E1:CE:DC:FC:D5:9C:77:5D:65:C3:B7:F3:CF:51:59:EE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sgkWReHO3PzVnHddZcO3889RWe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.15.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:44:a9:73:81:43:ac:a8:75:78:da:93:21:b1:22:09:b6:67:
fa:d2:70:3b:2d:20:02:8d:30:69:87:01:48:4d:d5:b6:9e:bc:
58:12:d0:6d:24:21:24:c9:62:6d:54:ac:e4:e6:9e:41:c4:cb:
67:22:0f:19:b6:85:e7:d4:9d:65:8f:1b:22:82:0b:0f:a8:9e:
96:bd:c8:bf:86:1d:c5:ed:ab:05:b0:7c:96:38:ab:45:83:2b:
c8:54:96:7e:9c:17:bd:3f:c1:67:aa:79:e4:8d:fc:f4:10:e9:
a6:ad:78:04:8e:fd:71:44:de:b7:e3:94:41:ea:cc:27:c2:8b:
b3:b8:6c:86:fa:b2:36:d7:99:e2:de:bc:fc:02:4b:1a:50:76:
14:d7:1d:6b:5a:7a:51:34:b9:be:e4:c5:c9:f8:47:b6:e4:84:
fe:03:b4:6d:cb:2b:0f:c3:0d:25:58:dc:34:38:00:40:df:78:
93:29:f1:7c:cd:56:6e:02:3f:46:db:85:5b:64:7a:9d:e9:b5:
dd:d3:a4:e5:24:59:ff:36:8d:5f:a3:fb:7f:80:b8:bd:99:1a:
b6:6d:e7:3b:04:08:e9:3c:03:c2:6c:8e:fd:c3:10:43:5a:fe:
af:f7:75:e6:43:77:bc:90:f0:26:af:3f:84:5e:f4:06:5b:29:
c2:51:b5:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1O8/C+0EW+/9S7ky7RVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA5MTY0NWUxY2VkY2ZjZDU5Yzc3NWQ2NWMzYjdmM2NmNTE1OWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodBAPAvi+jUGYV44qvPUmQL3gN4k
EdTgwwp0bxEuzEkZ84HByz3Nhnobio+P/4GZq6QNA0f14IP3FzS5bvaQ/cWlhxWC
i49tKbtrV/nEjny+FM7wOrWXLj1MheiAvv3HjRiDh0w1dzvt4xNI1lB/MDFYIkiQ
fyXplgOQly5+fILKYGdsUb0TDGRr3H9sDerMleoXvcg2cAwTXvbeaBVMlKlGIKFt
BXrutErvXVnxM/vbP0gvBJKH7RmWBTkRWbN98hhp+Sk8ZeQdegYvNJioTiKlzq7i
ThuMdg7IlfS9aDiTxLGsvspzzRt3n5p2tK69scS233A50KJOil9p/NJsywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIJFkXhztz81Zx3XWXDt/PPUVnuMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvc2drV1JlSE8zUHpWbkhkZFpjTzM4ODlSV2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURcPMA0G
CSqGSIb3DQEBCwUAA4IBAQAKRKlzgUOsqHV42pMhsSIJtmf60nA7LSACjTBphwFI
TdW2nrxYEtBtJCEkyWJtVKzk5p5BxMtnIg8ZtoXn1J1ljxsiggsPqJ6Wvci/hh3F
7asFsHyWOKtFgyvIVJZ+nBe9P8Fnqnnkjfz0EOmmrXgEjv1xRN6345RB6swnwouz
uGyG+rI215ni3rz8AksaUHYU1x1rWnpRNLm+5MXJ+Ee25IT+A7RtyysPww0lWNw0
OABA33iTKfF8zVZuAj9G24VbZHqd6bXd06TlJFn/No1fo/t/gLi9mRq2bec7BAjp
PAPCbI79wxBDWv6v93XmQ3e8kPAmrz+EXvQGWynCUbVe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:26 2025 by rpki-client