Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/0Sp8l0J3D8qpYfUQQyboWIwd0A8.roa
File: 0Sp8l0J3D8qpYfUQQyboWIwd0A8.roa (raw, json)
Hash identifier: e2IPyTi8F3GPOLrWPK1QRB1jc9sd8Nyjla2Q/KA5jck=
Subject key identifier: D1:2A:7C:97:42:77:0F:CA:A9:61:F5:10:43:26:E8:58:8C:1D:D0:0F
Certificate issuer: /CN=4ca13bdea54f76b8a85712afdb615186b33838c1
Certificate serial: 01856BDC792B1899F4BF4CF5E2B172B5AEE5
Authority key identifier: 4C:A1:3B:DE:A5:4F:76:B8:A8:57:12:AF:DB:61:51:86:B3:38:38:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKE73qVPdrioVxKv22FRhrM4OME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/0Sp8l0J3D8qpYfUQQyboWIwd0A8.roa
Signing time: Sun 01 Jan 2023 05:44:49 +0000
ROA not before: Sun 01 Jan 2023 05:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47309
IP address blocks: 194.8.90.0/23 maxlen: 23
130.0.20.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:79:2b:18:99:f4:bf:4c:f5:e2:b1:72:b5:ae:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca13bdea54f76b8a85712afdb615186b33838c1
Validity
Not Before: Jan 1 05:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d12a7c9742770fcaa961f5104326e8588c1dd00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e5:b8:5d:3d:f7:9a:91:23:ab:d3:3a:0d:74:
ea:1e:1d:c5:e4:d9:da:0b:c6:a2:5a:9c:f0:28:87:
d8:95:8d:e0:6e:3b:93:b9:b7:75:1c:31:33:4d:6b:
6d:c1:63:d9:8b:bd:f0:2e:35:ea:c1:4e:fb:6f:bc:
4e:4a:4f:f6:38:24:43:92:1b:68:05:1c:29:31:f8:
0f:46:b7:96:bf:a8:77:1a:7e:5a:01:77:ca:16:1a:
d8:0e:2a:ee:30:bb:f2:e1:82:97:77:b1:be:15:ac:
dd:61:3f:78:23:5d:3c:1f:88:f7:cb:3c:6e:8f:07:
3a:6a:d9:ef:9c:56:bb:34:8e:12:31:e5:3d:10:3d:
5e:43:62:57:29:0c:d9:20:b6:20:fa:36:25:7d:cc:
3f:2a:cb:f3:14:6f:3b:e5:41:e3:20:4b:39:74:0c:
7b:dc:32:35:7f:e7:72:20:56:2f:c1:fb:b8:ca:a3:
96:7b:1f:1a:20:51:21:b0:77:35:4a:79:be:44:1a:
d6:24:b5:c5:2d:44:d0:b1:47:d8:e6:2e:4e:ee:88:
c9:a6:1a:67:6e:7f:c8:bb:00:2c:95:5b:2a:5c:6d:
dc:0a:c8:75:45:aa:b5:10:e1:93:5c:8c:56:07:e9:
b8:23:8a:5d:42:cc:ba:be:41:41:2e:07:dd:de:b5:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:7C:97:42:77:0F:CA:A9:61:F5:10:43:26:E8:58:8C:1D:D0:0F
X509v3 Authority Key Identifier:
keyid:4C:A1:3B:DE:A5:4F:76:B8:A8:57:12:AF:DB:61:51:86:B3:38:38:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKE73qVPdrioVxKv22FRhrM4OME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/0Sp8l0J3D8qpYfUQQyboWIwd0A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/TKE73qVPdrioVxKv22FRhrM4OME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.20.0/23
194.8.90.0/23
Signature Algorithm: sha256WithRSAEncryption
09:2f:37:e9:5c:02:74:56:f5:8b:5b:f0:eb:b5:08:9e:77:2f:
a7:4f:99:85:ff:75:13:b0:c7:79:d7:3c:5c:bc:43:bc:83:62:
c7:b8:f1:4e:df:e7:eb:94:02:69:6a:5a:f2:39:f9:b3:bb:f6:
32:6f:4f:57:40:00:cf:cf:eb:63:65:7a:eb:ab:e3:3f:dc:33:
0b:c8:d5:db:5e:f7:17:fd:76:a4:3f:fe:1e:6b:b9:e8:8d:53:
3f:da:19:0e:17:5a:7b:38:ec:1f:c0:4b:7c:34:9f:de:54:ce:
41:a5:7c:14:95:1a:82:57:36:3e:fa:e4:aa:6d:1d:80:bb:b1:
a2:41:c8:1e:0f:63:97:40:f3:08:c0:33:9d:5b:d9:da:33:56:
dc:12:21:1e:c4:35:5e:3b:83:91:44:f4:25:d3:00:d2:73:7d:
16:40:72:d1:0f:e5:8d:84:54:fa:5a:89:be:c2:b1:33:fb:ef:
48:c9:43:d9:53:3e:5c:5c:4c:17:c0:00:2f:ff:bc:6f:d1:3f:
1e:8b:8c:6e:df:b6:a9:d4:5a:1c:9d:5a:0b:55:62:3f:8b:54:
64:c1:9e:c0:50:14:c3:14:33:c7:32:4c:6d:e6:a6:fb:93:35:
6b:73:47:53:26:74:5c:99:52:d6:b9:fe:88:a8:06:e1:80:9f:
fe:ca:d9:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr3HkrGJn0v0z14rFyta7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTEzYmRlYTU0Zjc2YjhhODU3MTJhZmRiNjE1MTg2YjMz
ODM4YzEwHhcNMjMwMTAxMDU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJhN2M5NzQyNzcwZmNhYTk2MWY1MTA0MzI2ZTg1ODhjMWRkMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuW4XT33mpEjq9M6DXTqHh3F5Nna
C8aiWpzwKIfYlY3gbjuTubd1HDEzTWttwWPZi73wLjXqwU77b7xOSk/2OCRDkhto
BRwpMfgPRreWv6h3Gn5aAXfKFhrYDiruMLvy4YKXd7G+FazdYT94I108H4j3yzxu
jwc6atnvnFa7NI4SMeU9ED1eQ2JXKQzZILYg+jYlfcw/KsvzFG875UHjIEs5dAx7
3DI1f+dyIFYvwfu4yqOWex8aIFEhsHc1Snm+RBrWJLXFLUTQsUfY5i5O7ojJphpn
bn/IuwAslVsqXG3cCsh1Raq1EOGTXIxWB+m4I4pdQsy6vkFBLgfd3rXZuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNEqfJdCdw/KqWH1EEMm6FiMHdAPMB8GA1UdIwQY
MBaAFEyhO96lT3a4qFcSr9thUYazODjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtFNzNxVlBkcmlvVnhLdjIyRlJock00T01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNjJkMTMtN2YwMy00ZDE5LThiNDYt
ZmM5MTQzM2QzNjdkLzEvMFNwOGwwSjNEOHFwWWZVUVF5Ym9XSXdkMEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNjJkMTMtN2YwMy00ZDE5LThiNDYtZmM5MTQzM2QzNjdk
LzEvVEtFNzNxVlBkcmlvVnhLdjIyRlJock00T01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBggAUAwQB
wghaMA0GCSqGSIb3DQEBCwUAA4IBAQAJLzfpXAJ0VvWLW/DrtQiedy+nT5mF/3UT
sMd51zxcvEO8g2LHuPFO3+frlAJpalryOfmzu/Yyb09XQADPz+tjZXrrq+M/3DML
yNXbXvcX/XakP/4ea7nojVM/2hkOF1p7OOwfwEt8NJ/eVM5BpXwUlRqCVzY++uSq
bR2Au7GiQcgeD2OXQPMIwDOdW9naM1bcEiEexDVeO4ORRPQl0wDSc30WQHLRD+WN
hFT6Wom+wrEz++9IyUPZUz5cXEwXwAAv/7xv0T8ei4xu37ap1FocnVoLVWI/i1Rk
wZ7AUBTDFDPHMkxt5qb7kzVrc0dTJnRcmVLWuf6IqAbhgJ/+ytkc
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:36:01 2025 by rpki-client