Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Sb5hFhifmAGj6xYJza7GLqufcSI.roa
File: Sb5hFhifmAGj6xYJza7GLqufcSI.roa (raw, json)
Hash identifier: g/qc+QHclyEI+cdH7HNbFEsiwmYmek9RYhkTOXjdcYo=
Subject key identifier: 49:BE:61:16:18:9F:98:01:A3:EB:16:09:CD:AE:C6:2E:AB:9F:71:22
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018852213A1DAEADB2CF1650FBB5372FD6F7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Sb5hFhifmAGj6xYJza7GLqufcSI.roa
Signing time: Thu 25 May 2023 08:58:09 +0000
ROA not before: Thu 25 May 2023 08:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 192.71.227.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
192.121.162.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.22.0/24 maxlen: 24
192.121.23.0/24 maxlen: 24
194.68.26.0/24 maxlen: 24
194.68.27.0/24 maxlen: 24
192.121.47.0/24 maxlen: 24
194.71.126.0/24 maxlen: 24
192.121.46.0/23 maxlen: 24
192.121.46.0/24 maxlen: 24
194.68.44.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.14.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:21:3a:1d:ae:ad:b2:cf:16:50:fb:b5:37:2f:d6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 25 08:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49be6116189f9801a3eb1609cdaec62eab9f7122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:65:30:74:15:cd:12:4b:86:ad:c0:e8:9e:2a:
62:ae:fc:25:23:3e:95:8e:3a:fa:5b:4f:07:99:24:
5b:1f:0c:00:ad:db:8c:6f:d0:2f:ca:f0:c5:0f:49:
e1:bb:e1:7b:85:b5:2d:b3:8e:8c:e2:d8:5c:f1:06:
b6:76:9c:b4:af:46:ce:57:19:08:13:c6:72:22:41:
9c:30:44:aa:98:86:66:71:2f:1f:02:de:8c:a6:69:
69:8b:0d:5e:8c:97:de:0d:1e:8d:01:2f:47:4e:cd:
98:0f:88:bc:ed:30:f7:f8:34:b1:25:95:59:9c:d5:
7b:da:ce:a0:35:8d:31:be:f8:dc:01:08:9d:de:90:
a0:8b:97:78:ea:0a:4a:9f:aa:ee:1f:57:cf:9e:a0:
78:93:45:72:fb:77:0a:3b:4b:f2:24:9b:16:a2:c4:
9a:06:25:b9:fc:f0:f6:0c:32:2d:c6:eb:fe:aa:61:
9f:2a:00:13:14:e0:26:5e:d5:a6:c9:01:c3:70:ff:
70:8d:b0:b9:fe:f2:e5:c9:02:c3:50:1c:a8:39:84:
fe:63:fa:32:92:32:be:c8:8d:38:73:35:ce:89:7b:
e7:eb:17:3b:32:95:d4:87:1a:f7:7c:27:58:a7:92:
46:8c:00:07:73:6c:30:02:cf:70:f1:bf:dd:4b:c6:
1e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BE:61:16:18:9F:98:01:A3:EB:16:09:CD:AE:C6:2E:AB:9F:71:22
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Sb5hFhifmAGj6xYJza7GLqufcSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.227.0/24
192.71.249.0/24
192.121.22.0/23
192.121.46.0/23
192.121.162.0/24
194.14.208.0/24
194.14.217.0/24
194.68.26.0/23
194.68.44.0/24
194.71.126.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
33:36:20:5d:b0:cc:76:da:95:82:fd:3e:df:e3:ec:01:cd:0e:
90:6d:83:47:85:fa:45:8c:0d:a5:08:a5:da:c6:3b:75:67:38:
90:05:14:1a:72:28:7b:58:9e:58:87:85:0c:af:63:57:24:ca:
1d:0b:f8:f6:4d:c2:fc:08:87:c4:88:c8:95:71:e1:ce:2b:ce:
65:2b:b5:aa:a1:b3:e7:8c:de:a6:75:61:64:24:e5:fb:0b:18:
e4:0c:a6:ff:5c:a4:24:91:a1:f6:3d:5f:d5:89:73:e2:69:ce:
fb:84:83:43:23:7a:3e:c5:69:83:55:b3:d3:38:74:c8:57:fa:
84:8b:58:64:73:7a:2f:9c:ef:13:5a:df:3c:d5:12:39:bb:24:
cd:a9:d6:e0:6a:d6:72:52:f3:c1:8a:d4:ea:0d:df:f5:b2:0e:
dd:23:f8:42:9b:23:7a:fd:4a:71:af:85:4e:02:c2:9f:80:97:
a7:ee:57:02:f5:0b:74:68:40:75:42:e7:f4:a8:fa:45:63:05:
74:11:a6:b9:ae:ed:f0:43:9f:6f:fc:2f:a2:89:43:cb:94:0a:
da:75:f8:7f:df:07:14:16:a0:60:58:20:47:02:67:f9:da:67:
66:02:dd:a7:87:5d:25:5c:78:84:f7:f1:db:33:a1:bc:7d:6d:
4d:29:6e:76
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYhSITodrq2yzxZQ+7U3L9b3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwNTI1MDg1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJlNjExNjE4OWY5ODAxYTNlYjE2MDljZGFlYzYyZWFiOWY3MTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGUwdBXNEkuGrcDonipirvwlIz6V
jjr6W08HmSRbHwwArduMb9AvyvDFD0nhu+F7hbUts46M4thc8Qa2dpy0r0bOVxkI
E8ZyIkGcMESqmIZmcS8fAt6Mpmlpiw1ejJfeDR6NAS9HTs2YD4i87TD3+DSxJZVZ
nNV72s6gNY0xvvjcAQid3pCgi5d46gpKn6ruH1fPnqB4k0Vy+3cKO0vyJJsWosSa
BiW5/PD2DDItxuv+qmGfKgATFOAmXtWmyQHDcP9wjbC5/vLlyQLDUByoOYT+Y/oy
kjK+yI04czXOiXvn6xc7MpXUhxr3fCdYp5JGjAAHc2wwAs9w8b/dS8YeUQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEm+YRYYn5gBo+sWCc2uxi6rn3EiMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvU2I1aEZoaWZtQUdqNnhZSnphN0dMcXVmY1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwEfjAwQA
wEf5AwQBwHkWAwQBwHkuAwQAwHmiAwQAwg7QAwQAwg7ZAwQBwkQaAwQAwkQsAwQA
wkd+AwQAwkfjMA0GCSqGSIb3DQEBCwUAA4IBAQAzNiBdsMx22pWC/T7f4+wBzQ6Q
bYNHhfpFjA2lCKXaxjt1ZziQBRQacih7WJ5Yh4UMr2NXJModC/j2TcL8CIfEiMiV
ceHOK85lK7WqobPnjN6mdWFkJOX7CxjkDKb/XKQkkaH2PV/ViXPiac77hINDI3o+
xWmDVbPTOHTIV/qEi1hkc3ovnO8TWt881RI5uyTNqdbgatZyUvPBitTqDd/1sg7d
I/hCmyN6/Upxr4VOAsKfgJen7lcC9Qt0aEB1Quf0qPpFYwV0Eaa5ru3wQ59v/C+i
iUPLlAradfh/3wcUFqBgWCBHAmf52mdmAt2nh10lXHiE9/HbM6G8fW1NKW52
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:24 2025 by rpki-client