Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sCmzBlCpXSEbFIYQhGMAnwj-rP0.roa
File: sCmzBlCpXSEbFIYQhGMAnwj-rP0.roa (raw, json)
Hash identifier: iTLBZpOhXQur+T1TepvBzOqAZMafgQMsQTjc569L3HQ=
Subject key identifier: B0:29:B3:06:50:A9:5D:21:1B:14:86:10:84:63:00:9F:08:FE:AC:FD
Certificate issuer: /CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Certificate serial: 05880EB3
Authority key identifier: DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sCmzBlCpXSEbFIYQhGMAnwj-rP0.roa
Signing time: Sat 01 Jan 2022 08:56:03 +0000
ROA not before: Sat 01 Jan 2022 08:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6681
IP address blocks: 193.200.64.0/24 maxlen: 24
193.200.65.0/24 maxlen: 24
195.191.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92802739 (0x5880eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Validity
Not Before: Jan 1 08:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b029b30650a95d211b1486108463009f08feacfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:e8:0b:b9:7c:b5:38:45:f7:4d:c4:31:6a:
f6:2d:e7:e1:d3:7f:c7:fc:f5:95:aa:18:9d:c1:a6:
5d:5f:1e:cc:55:4f:ad:1b:d8:ad:14:19:80:37:fe:
78:71:3d:d3:9c:ca:07:31:0b:72:a0:22:aa:77:89:
50:1a:f0:5c:71:80:90:02:03:49:ed:92:20:3e:23:
d4:10:36:e9:d2:83:de:c2:6e:ce:a7:ff:4e:fe:0d:
56:20:3c:9a:b9:7a:cc:4d:01:ac:0d:22:1f:28:72:
ec:ab:f9:6f:74:16:94:03:ac:c4:b1:6a:bb:b3:d6:
8c:c1:87:85:85:9c:27:81:fd:03:aa:81:1c:b9:dc:
9d:29:89:84:82:c0:94:d7:42:fb:08:bc:46:ee:59:
a0:0d:01:e4:7c:e4:e6:ef:4a:ec:8f:69:55:65:83:
93:56:62:85:0a:93:83:4a:18:75:82:20:bf:97:22:
81:38:18:60:fb:8e:ed:1d:1e:c0:4d:14:5b:74:e7:
d6:81:2e:63:68:00:da:11:2f:88:98:5e:22:03:3f:
bf:ad:6d:52:7b:ed:93:c1:0b:3b:54:f1:f7:4b:7e:
9f:c3:3e:1b:a8:78:81:f3:48:32:3f:94:ff:ac:1c:
21:01:80:0a:40:f1:ae:c7:d8:99:77:60:1f:b0:c2:
f9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:29:B3:06:50:A9:5D:21:1B:14:86:10:84:63:00:9F:08:FE:AC:FD
X509v3 Authority Key Identifier:
keyid:DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sCmzBlCpXSEbFIYQhGMAnwj-rP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.64.0/23
195.191.234.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:18:4d:62:e8:79:46:ec:ef:a0:f5:99:ba:06:88:10:ac:88:
be:87:31:23:87:47:3e:cd:e5:a7:a4:2d:7f:5c:2f:20:30:a8:
1e:5c:f8:5f:13:6e:64:32:f9:97:03:8f:dc:98:10:31:f3:2c:
3d:76:38:8a:71:69:30:7a:57:70:a0:f0:e4:b5:bb:f2:7d:65:
93:ed:92:e1:89:b1:03:ab:9b:09:30:9d:ae:e6:ba:f6:ad:9f:
4f:da:48:69:3f:e9:4a:a3:ef:0f:20:e1:dd:3d:38:5e:cf:e2:
09:92:be:e0:8b:66:33:24:0b:1c:3d:74:2d:53:56:e6:19:ec:
74:ce:f3:fd:b1:67:e7:72:c1:49:e4:69:11:bf:b6:89:69:9c:
c6:51:7c:37:a0:b3:c3:f6:af:3d:ba:81:10:f8:c8:04:b8:42:
91:d8:e1:8a:f6:f9:1d:d9:5a:98:cf:c0:2d:b5:ae:80:45:ca:
dc:05:1e:89:aa:ff:b4:71:90:22:79:9f:1e:38:38:e2:c9:24:
3a:30:d7:1a:4c:8a:91:20:eb:4e:5d:86:b1:77:9c:32:80:4e:
de:5e:92:11:f8:70:f4:da:f4:23:ac:bb:b2:47:15:25:d0:be:
6a:ab:a5:a9:7c:fc:64:15:3f:56:3e:a2:e3:f6:b7:2b:4a:8b:
7f:d7:89:1c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBYgOszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2JjYWI0ODU5NTM2Y2Y5OTY1OTZlZjE5ZDJhNjQ2MTFkMDM2ZmU0MB4XDTIyMDEw
MTA4NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAyOWIzMDY1MGE5
NWQyMTFiMTQ4NjEwODQ2MzAwOWYwOGZlYWNmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcC6Au5fLU4RfdNxDFq9i3n4dN/x/z1laoYncGmXV8ezFVP
rRvYrRQZgDf+eHE905zKBzELcqAiqneJUBrwXHGAkAIDSe2SID4j1BA26dKD3sJu
zqf/Tv4NViA8mrl6zE0BrA0iHyhy7Kv5b3QWlAOsxLFqu7PWjMGHhYWcJ4H9A6qB
HLncnSmJhILAlNdC+wi8Ru5ZoA0B5Hzk5u9K7I9pVWWDk1ZihQqTg0oYdYIgv5ci
gTgYYPuO7R0ewE0UW3Tn1oEuY2gA2hEviJheIgM/v61tUnvtk8ELO1Tx90t+n8M+
G6h4gfNIMj+U/6wcIQGACkDxrsfYmXdgH7DC+fECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSwKbMGUKldIRsUhhCEYwCfCP6s/TAfBgNVHSMEGDAWgBTcvKtIWVNs+ZZZ
bvGdKmRhHQNv5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNMeXJTRmxUYlBtV1dXN3huU3BrWVIwRGItUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvY2E5Mjc0LTNhOTQtNGYxYS1iZWUyLTI2NmZlMjczN2I4Zi8x
L3NDbXpCbENwWFNFYkZJWVFoR01BbndqLXJQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
Y2E5Mjc0LTNhOTQtNGYxYS1iZWUyLTI2NmZlMjczN2I4Zi8xLzNMeXJTRmxUYlBt
V1dXN3huU3BrWVIwRGItUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcHIQAMEAMO/6jANBgkqhkiG9w0B
AQsFAAOCAQEAOhhNYuh5RuzvoPWZugaIEKyIvocxI4dHPs3lp6Qtf1wvIDCoHlz4
XxNuZDL5lwOP3JgQMfMsPXY4inFpMHpXcKDw5LW78n1lk+2S4YmxA6ubCTCdrua6
9q2fT9pIaT/pSqPvDyDh3T04Xs/iCZK+4ItmMyQLHD10LVNW5hnsdM7z/bFn53LB
SeRpEb+2iWmcxlF8N6Czw/avPbqBEPjIBLhCkdjhivb5HdlamM/ALbWugEXK3AUe
iar/tHGQInmfHjg44skkOjDXGkyKkSDrTl2GsXecMoBO3l6SEfhw9Nr0I6y7skcV
JdC+aqulqXz8ZBU/Vj6i4/a3K0qLf9eJHA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:03:56 2025 by rpki-client