Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/skadSbgdeJ3mM1E1dLxwmTv9WOs.roa
File: skadSbgdeJ3mM1E1dLxwmTv9WOs.roa (raw, json)
Hash identifier: r9jETMHPjgiZE6A8nn/ESah2of0BtAxwGbeuH3W8miU=
Subject key identifier: B2:46:9D:49:B8:1D:78:9D:E6:33:51:35:74:BC:70:99:3B:FD:58:EB
Certificate issuer: /CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Certificate serial: 0185728CA1E18415682F7F361D44977B9C97
Authority key identifier: D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/skadSbgdeJ3mM1E1dLxwmTv9WOs.roa
Signing time: Mon 02 Jan 2023 12:54:57 +0000
ROA not before: Mon 02 Jan 2023 12:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 91.232.229.0/24 maxlen: 24
2001:7f8:66::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:a1:e1:84:15:68:2f:7f:36:1d:44:97:7b:9c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Validity
Not Before: Jan 2 12:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2469d49b81d789de633513574bc70993bfd58eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:16:a8:aa:15:db:8a:40:36:e2:d7:8c:45:
e2:f9:5a:7e:9e:31:a6:d8:1b:66:a7:c8:af:a2:9b:
3c:dd:e3:a7:32:c4:81:b7:bf:ca:6f:05:c6:02:55:
c0:f9:c5:75:fa:81:2a:10:24:07:bb:e3:29:53:ff:
19:c1:99:53:b5:f6:75:7e:19:00:e0:3b:24:46:cd:
89:e4:92:52:a9:26:cc:4f:2e:c2:79:83:6f:b0:0b:
75:8e:c0:71:b1:e6:6e:45:9a:da:f1:19:54:1a:0a:
d6:43:2b:b8:bb:8a:4c:29:1d:55:e1:39:7b:da:c4:
98:8c:85:5d:ab:b0:eb:36:58:6c:88:23:7f:23:ac:
e0:ba:61:de:c0:ae:43:23:a9:76:a5:b5:2b:59:97:
70:f5:ab:c3:70:a5:fd:be:35:1c:e5:f4:c5:13:d0:
0a:5d:85:ab:60:0f:cf:52:83:14:c4:f4:8b:78:8c:
74:44:cf:d9:d5:b1:f9:9d:59:19:97:45:44:d1:8b:
68:85:62:44:46:d5:7f:c1:62:79:2a:56:a0:c2:dc:
ef:1c:aa:d4:21:92:55:c8:75:40:00:48:d2:87:71:
5d:14:20:e3:a7:27:8f:2e:78:6e:9c:88:be:3d:e4:
5a:cb:0e:bf:b3:31:c8:d8:b3:ff:59:74:83:77:b4:
c3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:46:9D:49:B8:1D:78:9D:E6:33:51:35:74:BC:70:99:3B:FD:58:EB
X509v3 Authority Key Identifier:
keyid:D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/skadSbgdeJ3mM1E1dLxwmTv9WOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.229.0/24
IPv6:
2001:7f8:66::/48
Signature Algorithm: sha256WithRSAEncryption
62:fa:bb:83:90:97:06:a4:1f:d2:f0:c8:1e:3e:3f:e6:e0:b6:
59:8a:30:0a:5b:a0:97:83:ac:93:bb:95:7b:87:25:ce:9c:f6:
51:e6:be:f4:b3:ac:59:f1:24:05:e9:50:b9:c1:02:76:2a:96:
b0:aa:16:fc:fd:bd:75:19:03:18:49:93:80:b3:68:36:0f:17:
89:b4:73:42:e8:b2:da:cd:01:e9:c1:92:6a:c6:55:9f:9a:60:
a0:8e:b9:7b:3f:3e:5a:0b:71:5e:ee:4d:89:31:64:e6:c0:26:
b3:19:f4:38:3c:b4:0f:e7:5b:f4:21:c4:28:c9:ad:46:6b:0e:
be:59:b1:4e:8f:25:88:ee:aa:a1:93:d5:e0:0d:fa:a3:ce:7c:
ff:1f:8c:4d:f0:bd:c8:91:57:31:c6:45:0a:4e:ac:6b:35:63:
64:d0:e6:ee:2b:16:0c:b2:ba:2b:13:14:9f:99:34:a5:f7:b7:
f4:57:70:fb:fe:db:52:c9:64:02:16:26:9f:47:f3:7e:0c:f7:
f3:c4:bc:b3:ce:0d:f1:94:95:bf:51:e7:40:50:77:4a:f6:8e:
ee:0a:64:89:e1:aa:e2:06:cd:b6:ba:37:6e:40:e8:e7:21:ae:
24:ca:21:3d:14:cb:26:a1:e6:33:2a:76:2f:9e:12:73:61:f8:
b1:dc:e9:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyjKHhhBVoL382HUSXe5yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Mzc4MjRlMGZmYTc5ZjE4YjlmYzQ5ZDZjYjBkZDgxYzlh
NmNhMjgwHhcNMjMwMTAyMTI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQ2OWQ0OWI4MWQ3ODlkZTYzMzUxMzU3NGJjNzA5OTNiZmQ1OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnkWqKoV24pANuLXjEXi+Vp+njGm
2Btmp8ivops83eOnMsSBt7/KbwXGAlXA+cV1+oEqECQHu+MpU/8ZwZlTtfZ1fhkA
4DskRs2J5JJSqSbMTy7CeYNvsAt1jsBxseZuRZra8RlUGgrWQyu4u4pMKR1V4Tl7
2sSYjIVdq7DrNlhsiCN/I6zgumHewK5DI6l2pbUrWZdw9avDcKX9vjUc5fTFE9AK
XYWrYA/PUoMUxPSLeIx0RM/Z1bH5nVkZl0VE0YtohWJERtV/wWJ5KlagwtzvHKrU
IZJVyHVAAEjSh3FdFCDjpyePLnhunIi+PeRayw6/szHI2LP/WXSDd7TDtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLJGnUm4HXid5jNRNXS8cJk7/VjrMB8GA1UdIwQY
MBaAFNc3gk4P+nnxi5/EnWyw3YHJpsooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUt
YjY4ZjVkOGY2NTFhLzEvc2thZFNiZ2RlSjNtTTFFMWRMeHdtVHY5V09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUtYjY4ZjVkOGY2NTFh
LzEvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+jlMA8E
AgACMAkDBwAgAQf4AGYwDQYJKoZIhvcNAQELBQADggEBAGL6u4OQlwakH9LwyB4+
P+bgtlmKMApboJeDrJO7lXuHJc6c9lHmvvSzrFnxJAXpULnBAnYqlrCqFvz9vXUZ
AxhJk4CzaDYPF4m0c0LostrNAenBkmrGVZ+aYKCOuXs/PloLcV7uTYkxZObAJrMZ
9Dg8tA/nW/QhxCjJrUZrDr5ZsU6PJYjuqqGT1eAN+qPOfP8fjE3wvciRVzHGRQpO
rGs1Y2TQ5u4rFgyyuisTFJ+ZNKX3t/RXcPv+21LJZAIWJp9H834M9/PEvLPODfGU
lb9R50BQd0r2ju4KZInhquIGzba6N25A6OchriTKIT0Uyyah5jMqdi+eEnNh+LHc
6WM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:15 2025 by rpki-client