Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/S9eAxUDFxLtSSwaxO-Qm7iBn8K8.roa
File: S9eAxUDFxLtSSwaxO-Qm7iBn8K8.roa (raw, json)
Hash identifier: mZgJxcy9hM6wl0ePCamRdmDlqD7ZV+y8Th2LkyVcRF0=
Subject key identifier: 4B:D7:80:C5:40:C5:C4:BB:52:4B:06:B1:3B:E4:26:EE:20:67:F0:AF
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018C260E508EB63DB0D71710B6E82876EB33
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/S9eAxUDFxLtSSwaxO-Qm7iBn8K8.roa
Signing time: Fri 01 Dec 2023 15:45:21 +0000
ROA not before: Fri 01 Dec 2023 15:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200239
IP address blocks: 194.116.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:0e:50:8e:b6:3d:b0:d7:17:10:b6:e8:28:76:eb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Dec 1 15:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bd780c540c5c4bb524b06b13be426ee2067f0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:8e:05:3d:a4:f7:c4:f0:5e:68:a6:76:0a:
fb:55:94:40:0a:b4:99:dd:07:f2:7e:82:2d:c5:c8:
55:81:23:a9:e2:60:34:44:18:5b:d1:a6:fb:84:63:
1c:67:dd:85:3e:36:ff:9a:27:1f:0b:a3:51:f3:be:
49:3a:d2:9a:91:dd:54:7e:af:b2:d6:d7:a1:e8:b5:
38:3a:09:cd:c6:b1:b5:2d:a1:5e:cd:b4:d3:2b:46:
87:4b:6e:76:ed:6a:e9:5c:0c:6a:13:6a:5c:ff:14:
dd:39:4a:a2:7c:e6:70:89:08:9e:27:f2:38:f8:e4:
1f:62:5f:d9:dc:14:19:d8:1d:df:e9:b0:61:e4:6c:
30:9c:7b:fd:18:1a:71:65:9b:c1:58:e2:fb:78:5d:
f2:63:9d:86:7e:73:00:7b:ae:78:72:be:fd:b5:82:
01:8a:e5:7b:c2:2b:58:0e:ca:a0:93:f7:78:54:c2:
1e:c4:01:94:e2:ad:1d:bf:c4:c6:cf:58:c8:aa:4a:
76:0d:86:73:76:3a:85:17:ae:81:99:5a:bc:da:4e:
a7:70:34:35:4a:39:49:59:a8:57:32:4d:f1:16:79:
2b:65:43:b9:60:59:4b:52:97:40:dc:76:1c:e1:82:
91:ac:a8:26:57:d2:b7:7c:4a:09:06:bd:76:f0:17:
23:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D7:80:C5:40:C5:C4:BB:52:4B:06:B1:3B:E4:26:EE:20:67:F0:AF
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/S9eAxUDFxLtSSwaxO-Qm7iBn8K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.237.0/24
Signature Algorithm: sha256WithRSAEncryption
27:85:40:ee:d5:ea:76:37:af:d4:96:36:22:71:67:2c:80:07:
f7:67:bb:82:e4:8c:36:c7:79:db:7a:50:5d:00:10:a7:24:01:
f0:65:88:0e:d4:af:e8:55:db:32:d2:93:ea:b6:c4:72:f2:96:
47:13:9a:ec:15:ba:d6:88:96:35:05:be:4a:91:10:08:36:7d:
63:82:f0:0e:82:b0:91:ed:9f:46:0d:e9:1b:4d:b2:31:38:b6:
3d:33:4f:7d:78:01:be:9e:ae:6b:07:00:34:db:f6:41:4f:ac:
27:cb:f8:ca:db:45:b5:72:ed:5d:a5:9f:46:22:64:59:df:63:
73:bc:fd:3b:e6:c8:d9:a0:52:e2:12:67:c4:8e:a3:9b:a7:ed:
fb:6f:6a:20:d2:40:0d:5f:42:fa:41:d6:71:b5:e8:19:23:6f:
0c:3d:fe:9c:ab:0c:e2:e2:4c:d0:30:84:36:ac:9e:e0:0e:f0:
5f:d0:dc:67:f8:0c:5b:13:9b:fa:e4:5a:80:48:a4:b0:dd:b1:
67:90:a0:a1:b0:b4:20:14:ee:05:9a:cc:a9:42:c4:58:17:a1:
c1:ae:86:3d:62:4b:10:b6:b3:37:76:18:f9:b1:1f:96:3b:29:
24:92:4f:40:73:1d:21:f2:60:98:a9:ae:57:a7:27:bd:5a:bb:
3b:e0:79:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwmDlCOtj2w1xcQtugoduszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMjAxMTU0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ3ODBjNTQwYzVjNGJiNTI0YjA2YjEzYmU0MjZlZTIwNjdmMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgniOBT2k98TwXmimdgr7VZRACrSZ
3QfyfoItxchVgSOp4mA0RBhb0ab7hGMcZ92FPjb/micfC6NR875JOtKakd1Ufq+y
1teh6LU4OgnNxrG1LaFezbTTK0aHS2527WrpXAxqE2pc/xTdOUqifOZwiQieJ/I4
+OQfYl/Z3BQZ2B3f6bBh5GwwnHv9GBpxZZvBWOL7eF3yY52GfnMAe654cr79tYIB
iuV7witYDsqgk/d4VMIexAGU4q0dv8TGz1jIqkp2DYZzdjqFF66BmVq82k6ncDQ1
SjlJWahXMk3xFnkrZUO5YFlLUpdA3HYc4YKRrKgmV9K3fEoJBr128BcjXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvXgMVAxcS7UksGsTvkJu4gZ/CvMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvUzllQXhVREZ4THRTU3dheE8tUW03aUJuOEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnTtMA0G
CSqGSIb3DQEBCwUAA4IBAQAnhUDu1ep2N6/UljYicWcsgAf3Z7uC5Iw2x3nbelBd
ABCnJAHwZYgO1K/oVdsy0pPqtsRy8pZHE5rsFbrWiJY1Bb5KkRAINn1jgvAOgrCR
7Z9GDekbTbIxOLY9M099eAG+nq5rBwA02/ZBT6wny/jK20W1cu1dpZ9GImRZ32Nz
vP075sjZoFLiEmfEjqObp+37b2og0kANX0L6QdZxtegZI28MPf6cqwzi4kzQMIQ2
rJ7gDvBf0Nxn+AxbE5v65FqASKSw3bFnkKChsLQgFO4FmsypQsRYF6HBroY9YksQ
trM3dhj5sR+WOykkkk9Acx0h8mCYqa5Xpye9Wrs74Hkj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:38 2025 by rpki-client