Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/SxMmDzAA7832MMBr0lNvlOmxdIw.roa
File: SxMmDzAA7832MMBr0lNvlOmxdIw.roa (raw, json)
Hash identifier: bYlmatsgPTY2Bl6xG2fKpBBLKATVhg5PwwvbRNu/OOU=
Subject key identifier: 4B:13:26:0F:30:00:EF:CD:F6:30:C0:6B:D2:53:6F:94:E9:B1:74:8C
Certificate issuer: /CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Certificate serial: 0185B99BB894F1A3396694086280EF1C3725
Authority key identifier: 36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/SxMmDzAA7832MMBr0lNvlOmxdIw.roa
Signing time: Mon 16 Jan 2023 08:04:28 +0000
ROA not before: Mon 16 Jan 2023 08:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56416
IP address blocks: 91.224.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:9b:b8:94:f1:a3:39:66:94:08:62:80:ef:1c:37:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3646142ce3290ab6786d3d30f26b5e41fd684dde
Validity
Not Before: Jan 16 08:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b13260f3000efcdf630c06bd2536f94e9b1748c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d9:43:ef:5d:76:b3:96:84:bf:1d:46:65:38:
05:4e:cb:92:b7:7a:38:f8:a7:d4:a3:d8:8a:5d:e7:
07:18:ce:cf:cb:c2:77:4d:06:0b:f5:55:9c:d1:c4:
32:61:9d:66:c4:71:d7:92:c2:d1:9d:b8:80:8d:22:
fe:a0:96:0e:b3:a4:80:e1:1e:bf:a2:6f:52:ee:bd:
68:8a:77:2d:e2:72:0c:c3:d6:d0:23:22:c2:3a:81:
19:e2:bd:bf:9f:fa:f3:fb:09:ee:c6:9c:18:cd:a6:
92:2e:6e:ac:49:da:dd:7a:1d:1e:45:00:c2:e1:09:
ee:65:88:43:56:fd:51:f9:77:be:f4:ce:42:90:53:
c5:e5:bc:e6:76:ee:bb:b0:98:86:5a:ac:7a:4e:37:
b0:d6:2f:4d:ba:52:63:3c:23:bd:36:40:23:b3:88:
03:2e:7a:67:27:24:90:fc:e4:57:10:01:a7:ca:83:
bd:45:6a:59:d7:9c:09:8f:6c:10:0d:b7:53:c6:8a:
ea:a4:e1:a1:df:0b:36:8c:83:93:24:d6:c5:ab:94:
35:f1:8a:8b:00:a1:ef:27:52:9b:82:22:85:ab:69:
0a:1a:fd:60:97:09:d7:93:f9:2c:cc:d8:6f:fd:bc:
62:55:d9:90:34:cc:60:73:fe:47:14:19:be:f8:fc:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:13:26:0F:30:00:EF:CD:F6:30:C0:6B:D2:53:6F:94:E9:B1:74:8C
X509v3 Authority Key Identifier:
keyid:36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/SxMmDzAA7832MMBr0lNvlOmxdIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:51:d5:2f:fa:09:cb:1e:d5:e2:41:5f:61:5d:e6:8a:0e:d9:
f5:8d:63:72:bb:d6:0c:a4:ca:b0:ac:78:89:cf:e1:83:aa:8f:
2c:90:45:02:6c:d3:ad:d5:74:83:b8:ca:15:37:d4:82:51:6a:
a0:cd:3f:7c:90:ea:99:5a:ae:4e:86:a6:92:7a:0b:e0:fb:d5:
3a:54:72:c7:ba:79:2c:5a:f2:1e:4a:8d:ce:dc:c6:68:d8:70:
5c:78:b2:5b:f8:dc:0e:bc:31:1c:09:33:ad:ab:b5:93:79:16:
33:51:af:6c:35:8c:6d:59:f6:1b:fe:8e:08:9d:c9:a9:ce:9f:
3e:d5:43:85:e9:fc:b4:fa:5b:b1:ec:ff:8a:19:b0:43:19:54:
bb:82:26:72:8e:12:b0:93:c2:ea:37:84:71:e4:74:d0:43:fb:
ff:3b:7e:69:88:c3:a2:61:61:5c:04:81:f3:66:51:a2:52:4b:
d3:35:df:39:6f:79:f3:3f:a1:60:fe:71:af:af:2a:35:a4:69:
bf:6c:c5:99:a2:53:77:5b:d3:30:db:35:80:77:30:e7:4e:4f:
88:19:89:98:ea:cf:af:16:f8:b3:a0:07:94:ce:eb:13:55:3a:
9b:d3:f0:63:5b:1d:25:23:4a:37:ff:dd:56:01:63:88:9b:12:
d2:b3:11:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW5m7iU8aM5ZpQIYoDvHDclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDYxNDJjZTMyOTBhYjY3ODZkM2QzMGYyNmI1ZTQxZmQ2
ODRkZGUwHhcNMjMwMTE2MDgwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEzMjYwZjMwMDBlZmNkZjYzMGMwNmJkMjUzNmY5NGU5YjE3NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNlD7112s5aEvx1GZTgFTsuSt3o4
+KfUo9iKXecHGM7Py8J3TQYL9VWc0cQyYZ1mxHHXksLRnbiAjSL+oJYOs6SA4R6/
om9S7r1oinct4nIMw9bQIyLCOoEZ4r2/n/rz+wnuxpwYzaaSLm6sSdrdeh0eRQDC
4QnuZYhDVv1R+Xe+9M5CkFPF5bzmdu67sJiGWqx6Tjew1i9NulJjPCO9NkAjs4gD
LnpnJySQ/ORXEAGnyoO9RWpZ15wJj2wQDbdTxorqpOGh3ws2jIOTJNbFq5Q18YqL
AKHvJ1KbgiKFq2kKGv1glwnXk/kszNhv/bxiVdmQNMxgc/5HFBm++PwryQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsTJg8wAO/N9jDAa9JTb5TpsXSMMB8GA1UdIwQY
MBaAFDZGFCzjKQq2eG09MPJrXkH9aE3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTct
ZDMwODU0MmExZDg2LzEvU3hNbUR6QUE3ODMyTU1CcjBsTnZsT214ZEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTctZDMwODU0MmExZDg2
LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+BwMA0G
CSqGSIb3DQEBCwUAA4IBAQBKUdUv+gnLHtXiQV9hXeaKDtn1jWNyu9YMpMqwrHiJ
z+GDqo8skEUCbNOt1XSDuMoVN9SCUWqgzT98kOqZWq5OhqaSegvg+9U6VHLHunks
WvIeSo3O3MZo2HBceLJb+NwOvDEcCTOtq7WTeRYzUa9sNYxtWfYb/o4Incmpzp8+
1UOF6fy0+lux7P+KGbBDGVS7giZyjhKwk8LqN4Rx5HTQQ/v/O35piMOiYWFcBIHz
ZlGiUkvTNd85b3nzP6Fg/nGvryo1pGm/bMWZolN3W9Mw2zWAdzDnTk+IGYmY6s+v
FvizoAeUzusTVTqb0/BjWx0lI0o3/91WAWOImxLSsxH0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:48 2025 by rpki-client