Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/sly1inTlb_lwTELk9gvJHUXaNb0.roa
File: sly1inTlb_lwTELk9gvJHUXaNb0.roa (raw, json)
Hash identifier: XBH6qeGLshkzQ4Lum8FVAYcJAAw3kg08TywbXMdIxRI=
Subject key identifier: B2:5C:B5:8A:74:E5:6F:F9:70:4C:42:E4:F6:0B:C9:1D:45:DA:35:BD
Certificate issuer: /CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Certificate serial: 0188B13CAC7B02024B299A38DB8E4D8F6321
Authority key identifier: 64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/sly1inTlb_lwTELk9gvJHUXaNb0.roa
Signing time: Mon 12 Jun 2023 20:12:03 +0000
ROA not before: Mon 12 Jun 2023 20:12:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205000
IP address blocks: 194.30.171.0/24 maxlen: 24
5.182.104.0/23 maxlen: 23
2a0f:dc80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b1:3c:ac:7b:02:02:4b:29:9a:38:db:8e:4d:8f:63:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64685a6d73ff5a27e1bc1f9617dfb5508bad293b
Validity
Not Before: Jun 12 20:12:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b25cb58a74e56ff9704c42e4f60bc91d45da35bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:a5:49:7c:12:c0:41:c1:d4:18:37:9c:54:
53:6f:6e:dd:96:b9:a6:55:ae:84:01:6b:ec:1e:de:
7f:38:01:a7:81:a3:a7:17:42:c3:7b:56:a4:6b:1b:
84:bb:81:da:cf:5c:7b:6a:53:60:50:8b:81:9d:91:
dc:78:ba:08:8c:4e:62:2d:30:15:68:27:70:23:51:
d8:78:6d:b9:0c:80:d5:05:3a:b0:75:77:9f:76:7c:
4e:d5:3f:04:5a:7b:b9:5a:5d:c7:20:cf:3e:71:d5:
08:f7:30:b7:2f:0e:b2:99:c0:da:f0:2f:8b:43:e5:
4f:d8:9a:93:f1:19:c2:64:c2:c7:ba:f2:b1:cc:4e:
1d:5d:70:53:ac:ef:b8:8c:84:d2:bc:ae:1c:fe:90:
7e:5f:c9:50:f0:c4:31:91:cb:52:b1:a8:33:29:34:
6b:71:01:6c:e2:8a:2c:a4:a6:89:78:a3:30:03:0e:
a9:d0:92:b0:bc:3b:0d:56:79:4b:88:0b:7b:d0:b3:
57:89:5a:26:1c:8b:ff:6e:ed:c3:af:0c:a2:32:fa:
9d:59:34:cc:65:60:56:87:09:be:98:81:87:f4:ed:
76:36:bf:64:4c:a9:cb:cf:09:a7:61:b9:f5:d4:39:
57:ba:67:d8:5f:49:af:6b:7f:9e:de:a9:d4:b7:e0:
c6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5C:B5:8A:74:E5:6F:F9:70:4C:42:E4:F6:0B:C9:1D:45:DA:35:BD
X509v3 Authority Key Identifier:
keyid:64:68:5A:6D:73:FF:5A:27:E1:BC:1F:96:17:DF:B5:50:8B:AD:29:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGhabXP_WifhvB-WF9-1UIutKTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/sly1inTlb_lwTELk9gvJHUXaNb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3f1c-bbef-4d35-8146-c48b25f7846f/1/ZGhabXP_WifhvB-WF9-1UIutKTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.104.0/23
194.30.171.0/24
IPv6:
2a0f:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
25:ff:ee:43:f6:1f:23:74:44:87:8e:5b:d4:69:80:30:e3:9e:
78:f9:2b:22:71:95:18:b9:18:ea:0f:f2:e4:44:99:b4:d9:37:
c3:4b:65:11:46:5e:85:b2:c4:09:c0:3c:69:8f:75:2e:7f:3c:
bf:31:b4:87:38:e7:73:14:11:d7:a4:c0:0f:02:56:af:ce:02:
dd:9c:4d:b2:5c:55:24:e2:6a:33:04:0d:6a:00:d3:3c:dd:88:
9d:b9:2a:7b:cf:80:85:ab:30:4b:22:6a:1f:aa:22:67:5e:a4:
08:8e:ae:48:84:ad:27:92:06:f9:e2:67:53:f7:9b:89:a3:e9:
d8:95:f4:f9:56:86:4b:9b:88:2d:fb:c2:7e:90:32:08:78:a9:
e3:38:d8:a6:d3:b1:f7:45:00:3e:d3:2e:b1:a4:9c:b5:78:22:
b0:51:6c:8a:78:79:f3:90:e3:f7:1c:53:c6:e2:8a:68:0d:eb:
c8:02:5d:ed:8a:9a:55:88:88:df:ca:66:af:b6:0e:46:c7:d7:
46:48:6d:53:dd:8b:3d:0a:89:96:8c:93:4c:69:4d:69:67:3c:
5c:c0:1c:7c:17:b8:97:91:67:3c:b1:64:92:4e:7a:7c:c2:5f:
7c:62:ec:cc:e8:2d:86:9e:8e:93:a4:24:dc:1f:b2:46:32:9b:
3a:1b:32:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYixPKx7AgJLKZo4245Nj2MhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Njg1YTZkNzNmZjVhMjdlMWJjMWY5NjE3ZGZiNTUwOGJh
ZDI5M2IwHhcNMjMwNjEyMjAxMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVjYjU4YTc0ZTU2ZmY5NzA0YzQyZTRmNjBiYzkxZDQ1ZGEzNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCOlSXwSwEHB1Bg3nFRTb27dlrmm
Va6EAWvsHt5/OAGngaOnF0LDe1akaxuEu4Haz1x7alNgUIuBnZHceLoIjE5iLTAV
aCdwI1HYeG25DIDVBTqwdXefdnxO1T8EWnu5Wl3HIM8+cdUI9zC3Lw6ymcDa8C+L
Q+VP2JqT8RnCZMLHuvKxzE4dXXBTrO+4jITSvK4c/pB+X8lQ8MQxkctSsagzKTRr
cQFs4oospKaJeKMwAw6p0JKwvDsNVnlLiAt70LNXiVomHIv/bu3DrwyiMvqdWTTM
ZWBWhwm+mIGH9O12Nr9kTKnLzwmnYbn11DlXumfYX0mva3+e3qnUt+DGTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLJctYp05W/5cExC5PYLyR1F2jW9MB8GA1UdIwQY
MBaAFGRoWm1z/1on4bwflhfftVCLrSk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdoYWJYUF9XaWZodkItV0Y5LTFVSXV0S1RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjNmMWMtYmJlZi00ZDM1LTgxNDYt
YzQ4YjI1Zjc4NDZmLzEvc2x5MWluVGxiX2x3VEVMazlndkpIVVhhTmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjNmMWMtYmJlZi00ZDM1LTgxNDYtYzQ4YjI1Zjc4NDZm
LzEvWkdoYWJYUF9XaWZodkItV0Y5LTFVSXV0S1RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBbZoAwQA
wh6rMA0EAgACMAcDBQMqD9yAMA0GCSqGSIb3DQEBCwUAA4IBAQAl/+5D9h8jdESH
jlvUaYAw4554+SsicZUYuRjqD/LkRJm02TfDS2URRl6FssQJwDxpj3Uufzy/MbSH
OOdzFBHXpMAPAlavzgLdnE2yXFUk4mozBA1qANM83YiduSp7z4CFqzBLImofqiJn
XqQIjq5IhK0nkgb54mdT95uJo+nYlfT5VoZLm4gt+8J+kDIIeKnjONim07H3RQA+
0y6xpJy1eCKwUWyKeHnzkOP3HFPG4opoDevIAl3tippViIjfymavtg5Gx9dGSG1T
3Ys9ComWjJNMaU1pZzxcwBx8F7iXkWc8sWSSTnp8wl98YuzM6C2Gno6TpCTcH7JG
Mps6GzJY
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:50:06 2025 by rpki-client