Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/sgTNbAHmTD2K8E0-NuHHKQ5JQag.roa
File: sgTNbAHmTD2K8E0-NuHHKQ5JQag.roa (raw, json)
Hash identifier: +4SXuU3g79bvvFZq9r+9a4asrEG84VEC79loDtvmGYI=
Subject key identifier: B2:04:CD:6C:01:E6:4C:3D:8A:F0:4D:3E:36:E1:C7:29:0E:49:41:A8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CD6B1D1910874E0C940CDE1F867B4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/sgTNbAHmTD2K8E0-NuHHKQ5JQag.roa
Signing time: Mon 02 Jan 2023 03:35:56 +0000
ROA not before: Mon 02 Jan 2023 03:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16054
IP address blocks: 213.228.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d6:b1:d1:91:08:74:e0:c9:40:cd:e1:f8:67:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b204cd6c01e64c3d8af04d3e36e1c7290e4941a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:ea:a5:4a:7c:aa:57:db:67:b5:3d:23:bc:
60:23:b7:c3:49:c6:d3:b7:9a:63:10:bc:8f:66:23:
22:9f:be:d3:2a:70:e9:6e:f1:66:7c:74:ee:7c:6b:
c4:8e:c7:e6:8b:94:0d:68:eb:44:8d:83:5b:46:67:
29:d6:32:8c:f2:87:31:68:d0:36:0b:24:6a:33:2f:
e4:d7:2a:7e:89:7f:86:4b:98:d0:43:71:97:60:5f:
8c:d1:4d:af:68:6e:1d:cf:8f:8c:06:49:bd:c5:ce:
d6:bf:98:9e:07:1c:71:d1:cf:c7:0e:a6:07:cb:9c:
05:3f:af:fe:f5:15:5f:99:73:a2:dc:09:83:cc:33:
b5:40:10:5f:69:89:70:56:6d:f9:70:89:bf:8c:6d:
db:4a:a0:c0:b9:82:92:30:da:77:7d:f1:c4:89:2a:
8e:87:8b:74:77:47:76:46:36:53:b0:37:e8:3d:4a:
57:0e:ec:69:cf:62:20:5a:11:2a:b0:91:e0:0c:71:
96:7d:ab:32:e9:67:09:47:58:18:be:50:10:e2:14:
7f:99:3b:1a:80:84:cb:33:26:28:8d:93:29:51:1f:
54:05:ca:1b:f7:98:9a:7b:e8:db:7b:c2:d7:ed:b0:
80:ef:d3:be:80:2b:31:f7:4b:af:aa:de:ab:24:b5:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:04:CD:6C:01:E6:4C:3D:8A:F0:4D:3E:36:E1:C7:29:0E:49:41:A8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/sgTNbAHmTD2K8E0-NuHHKQ5JQag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.228.96.0/21
Signature Algorithm: sha256WithRSAEncryption
48:2c:f0:ca:51:0b:a6:63:6a:26:f0:10:c3:1d:00:09:88:ac:
ce:cd:43:0f:f8:a4:a7:53:a7:ec:3c:7e:91:48:6c:38:46:83:
72:c5:6f:0e:04:96:94:ff:9c:14:06:55:98:33:4b:87:c9:4a:
b1:7b:24:a3:c3:2a:77:ff:61:92:d1:0a:ef:2d:1e:1c:fc:0a:
24:0b:4a:3b:b3:53:1e:b5:e3:8c:bb:da:e8:51:dc:70:76:bb:
3a:36:71:90:5a:d9:ba:16:fb:77:83:2f:33:12:ec:dd:25:dc:
a2:99:92:46:10:b1:5b:8e:cc:e6:2f:16:d9:da:5e:1e:4b:ee:
a1:24:e3:44:5c:92:d3:05:54:8d:82:1f:00:5e:c6:78:bd:39:
9b:db:43:bc:7f:54:b9:09:c0:0c:ea:9e:42:08:06:52:5e:e2:
bb:91:3c:3e:01:01:71:1d:e5:9f:a0:2c:8e:d6:e5:8f:d3:58:
46:f4:cd:df:2d:32:aa:11:c8:92:e5:d9:57:ef:fe:69:74:62:
ac:64:11:85:d1:f6:e3:ea:6e:5a:4c:67:c7:08:93:a5:31:c2:
bc:d5:b0:36:41:70:5c:6b:65:20:2b:f4:78:f4:4a:43:bb:71:
61:91:ab:63:11:dc:aa:d8:64:14:08:3d:80:fb:b2:c0:d9:ad:
8b:20:a5:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNax0ZEIdODJQM3h+Ge0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA0Y2Q2YzAxZTY0YzNkOGFmMDRkM2UzNmUxYzcyOTBlNDk0MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs93qpUp8qlfbZ7U9I7xgI7fDScbT
t5pjELyPZiMin77TKnDpbvFmfHTufGvEjsfmi5QNaOtEjYNbRmcp1jKM8ocxaNA2
CyRqMy/k1yp+iX+GS5jQQ3GXYF+M0U2vaG4dz4+MBkm9xc7Wv5ieBxxx0c/HDqYH
y5wFP6/+9RVfmXOi3AmDzDO1QBBfaYlwVm35cIm/jG3bSqDAuYKSMNp3ffHEiSqO
h4t0d0d2RjZTsDfoPUpXDuxpz2IgWhEqsJHgDHGWfasy6WcJR1gYvlAQ4hR/mTsa
gITLMyYojZMpUR9UBcob95iae+jbe8LX7bCA79O+gCsx90uvqt6rJLUQPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIEzWwB5kw9ivBNPjbhxykOSUGoMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvc2dUTmJBSG1URDJLOEUwLU51SEhLUTVKUWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1eRgMA0G
CSqGSIb3DQEBCwUAA4IBAQBILPDKUQumY2om8BDDHQAJiKzOzUMP+KSnU6fsPH6R
SGw4RoNyxW8OBJaU/5wUBlWYM0uHyUqxeySjwyp3/2GS0QrvLR4c/AokC0o7s1Me
teOMu9roUdxwdrs6NnGQWtm6Fvt3gy8zEuzdJdyimZJGELFbjszmLxbZ2l4eS+6h
JONEXJLTBVSNgh8AXsZ4vTmb20O8f1S5CcAM6p5CCAZSXuK7kTw+AQFxHeWfoCyO
1uWP01hG9M3fLTKqEciS5dlX7/5pdGKsZBGF0fbj6m5aTGfHCJOlMcK81bA2QXBc
a2UgK/R49EpDu3FhkatjEdyq2GQUCD2A+7LA2a2LIKVE
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:09 2025 by rpki-client