Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/S1R1B8ianXRkRV6vjwJ1yNzEdOk.roa
File: S1R1B8ianXRkRV6vjwJ1yNzEdOk.roa (raw, json)
Hash identifier: hB8ONpY+Pu7PI5V6vO0EztjOt6YtdGCUVqZexI1u3Iw=
Subject key identifier: 4B:54:75:07:C8:9A:9D:74:64:45:5E:AF:8F:02:75:C8:DC:C4:74:E9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01884781734819AE1F973A98D8CD08EF3C90
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/S1R1B8ianXRkRV6vjwJ1yNzEdOk.roa
Signing time: Tue 23 May 2023 07:27:25 +0000
ROA not before: Tue 23 May 2023 07:27:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:81:73:48:19:ae:1f:97:3a:98:d8:cd:08:ef:3c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 23 07:27:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b547507c89a9d7464455eaf8f0275c8dcc474e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:83:11:51:f6:cf:f3:1b:95:21:16:c0:49:18:
a3:dd:b1:a1:3a:c0:f4:07:81:d5:b5:44:4a:45:96:
9f:cf:0c:1d:cf:90:99:30:8f:f5:a0:8e:e7:31:e1:
34:00:8e:47:02:d0:5c:a2:a8:2e:2e:1d:b9:4b:d6:
23:27:32:ee:14:b1:c1:67:ee:f1:a4:da:48:62:69:
82:bf:d3:66:d3:45:79:83:ef:46:32:99:fb:6e:9c:
ec:26:c7:8b:7a:0e:82:76:58:d6:12:42:9a:d5:0d:
20:a9:17:57:68:25:67:b7:9f:aa:6e:24:b7:9c:d5:
ce:c3:5c:f3:01:3a:ca:13:82:76:23:49:5f:e0:11:
28:1b:cb:00:5c:4c:b4:3c:d4:d8:f5:76:88:f1:af:
1a:09:0f:5a:d9:01:39:4f:68:07:82:7d:b8:27:f4:
b3:50:58:05:93:43:6a:7e:0b:3a:a6:22:d9:c6:92:
4d:70:0b:15:d6:81:0d:01:a7:ba:0b:c0:a0:51:46:
6f:e4:38:0d:30:6b:59:31:1c:be:85:c6:47:cb:7d:
3f:da:1f:a6:2a:e5:42:30:bf:cc:d4:02:4f:4b:d3:
51:35:07:8c:6e:a2:73:38:8f:a3:f4:21:7a:ee:1a:
56:8f:91:c3:e2:3e:61:9f:96:0c:25:f5:17:c6:51:
56:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:54:75:07:C8:9A:9D:74:64:45:5E:AF:8F:02:75:C8:DC:C4:74:E9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/S1R1B8ianXRkRV6vjwJ1yNzEdOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.26.0/24
192.121.171.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
87:cc:3b:90:77:50:1e:45:94:9f:2b:9e:db:63:a6:6f:06:91:
be:95:f4:fa:55:ba:d3:e4:7b:4b:06:4d:c2:fa:af:c8:c5:1f:
5b:55:2b:26:e3:b1:b2:40:b2:87:a6:3f:c9:cf:d9:95:27:c4:
25:75:93:cb:22:dc:4f:96:95:34:b2:d7:3a:cf:c9:f0:f4:19:
17:dc:ed:78:2a:dd:19:c8:54:79:c7:4c:88:39:b9:d8:b4:5b:
64:0c:4b:25:ec:b7:d5:ba:04:76:8f:fb:05:3f:83:8b:30:b9:
30:92:9f:79:33:cc:cd:64:e1:9f:80:71:c3:7a:87:42:db:6e:
10:89:b3:77:7b:0d:12:8c:9d:aa:af:b5:53:71:cf:f4:16:57:
4c:54:40:d9:0e:c1:03:5f:e8:37:71:ca:f8:9a:fa:a3:8a:ae:
34:38:bc:fb:7c:a6:1f:73:a3:e9:ef:9b:b3:35:6b:76:64:84:
9b:ae:65:ad:60:7c:8a:bf:d4:d9:d6:b9:7c:2b:94:cb:f3:8b:
33:01:1f:8d:d0:54:fc:2e:1c:0f:95:ba:7b:2f:89:d8:e7:62:
a1:b8:75:02:d7:75:72:25:c9:8f:0c:30:40:5b:f9:12:cb:d7:
48:02:14:f2:8b:92:4e:4f:b2:d5:6b:d6:c6:c0:07:9a:87:48:
3a:7f:27:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhHgXNIGa4flzqY2M0I7zyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwNTIzMDcyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU0NzUwN2M4OWE5ZDc0NjQ0NTVlYWY4ZjAyNzVjOGRjYzQ3NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoMRUfbP8xuVIRbASRij3bGhOsD0
B4HVtURKRZafzwwdz5CZMI/1oI7nMeE0AI5HAtBcoqguLh25S9YjJzLuFLHBZ+7x
pNpIYmmCv9Nm00V5g+9GMpn7bpzsJseLeg6CdljWEkKa1Q0gqRdXaCVnt5+qbiS3
nNXOw1zzATrKE4J2I0lf4BEoG8sAXEy0PNTY9XaI8a8aCQ9a2QE5T2gHgn24J/Sz
UFgFk0Nqfgs6piLZxpJNcAsV1oENAae6C8CgUUZv5DgNMGtZMRy+hcZHy30/2h+m
KuVCML/M1AJPS9NRNQeMbqJzOI+j9CF67hpWj5HD4j5hn5YMJfUXxlFWZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEtUdQfImp10ZEVer48CdcjcxHTpMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUzFSMUI4aWFuWFJrUlY2dmp3SjF5TnpFZE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwEcaAwQA
wHmrAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUAA4IBAQCHzDuQd1AeRZSfK57b
Y6ZvBpG+lfT6VbrT5HtLBk3C+q/IxR9bVSsm47GyQLKHpj/Jz9mVJ8QldZPLItxP
lpU0stc6z8nw9BkX3O14Kt0ZyFR5x0yIObnYtFtkDEsl7LfVugR2j/sFP4OLMLkw
kp95M8zNZOGfgHHDeodC224QibN3ew0SjJ2qr7VTcc/0FldMVEDZDsEDX+g3ccr4
mvqjiq40OLz7fKYfc6Pp75uzNWt2ZISbrmWtYHyKv9TZ1rl8K5TL84szAR+N0FT8
LhwPlbp7L4nY52KhuHUC13VyJcmPDDBAW/kSy9dIAhTyi5JOT7LVa9bGwAeah0g6
fydj
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:42 2025 by rpki-client