Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/SBXDZdkbqn-9pRlnIZZsTmEIqY8.roa
File: SBXDZdkbqn-9pRlnIZZsTmEIqY8.roa (raw, json)
Hash identifier: Dj8s9fPfyu/ja3F9QdVuF7FE7wzVGSwEHXTGpy9D7x0=
Subject key identifier: 48:15:C3:65:D9:1B:AA:7F:BD:A5:19:67:21:96:6C:4E:61:08:A9:8F
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0187912B86307AAFA0616619362F84CB7C7D
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/SBXDZdkbqn-9pRlnIZZsTmEIqY8.roa
Signing time: Mon 17 Apr 2023 21:42:41 +0000
ROA not before: Mon 17 Apr 2023 21:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.90.194.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:91:2b:86:30:7a:af:a0:61:66:19:36:2f:84:cb:7c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Apr 17 21:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4815c365d91baa7fbda5196721966c4e6108a98f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:db:05:4f:ef:b5:79:0d:18:62:42:ee:e7:
79:11:1c:73:00:fb:44:cc:83:55:7f:51:3a:c0:e1:
02:7f:b3:16:d3:85:85:b3:4e:bb:e2:fa:47:fb:31:
24:aa:5b:88:7a:b0:d9:a4:36:0b:a4:df:b4:7d:f3:
a2:10:12:c0:3b:6d:a0:40:69:a0:6a:4b:90:cb:46:
d3:bb:87:24:90:98:b6:ac:be:37:dc:ad:33:eb:a4:
66:c1:13:db:86:d7:d4:7e:58:35:02:84:9a:12:d3:
3d:05:37:12:6d:63:e5:1d:dd:d8:a5:8b:50:d6:05:
12:e6:bd:c4:87:79:d8:25:62:9f:1d:f1:99:bb:05:
5e:ae:75:29:4c:3e:76:94:a5:b2:a1:a9:09:46:95:
e5:69:ec:42:38:a9:b4:93:77:08:ee:ef:23:20:11:
42:94:ef:5a:13:97:59:bb:4b:dc:6e:91:c2:48:ba:
0a:5f:d3:ff:f3:0e:1d:d9:a6:a2:58:9f:89:f8:df:
d8:36:5f:d5:74:93:e5:7b:e7:0f:cd:6f:d2:85:73:
67:5a:a9:83:09:c9:a4:a5:6a:5b:f0:4b:47:3c:2a:
f1:29:89:eb:6e:80:2d:61:20:33:cb:b3:ca:56:27:
28:dd:ff:34:d3:50:39:aa:31:40:7d:bc:12:d4:53:
05:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:15:C3:65:D9:1B:AA:7F:BD:A5:19:67:21:96:6C:4E:61:08:A9:8F
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/SBXDZdkbqn-9pRlnIZZsTmEIqY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.90.194.0/24
91.223.123.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
3b:64:c0:3b:b2:67:90:89:f0:46:e7:20:16:36:c5:7b:62:fd:
90:a3:cc:ab:03:27:12:29:d4:28:d3:f1:95:4e:3e:92:78:39:
ef:d0:64:e4:bf:0b:9e:34:0f:96:2e:ba:78:b1:65:9f:a9:fd:
fe:75:53:f3:5e:25:e8:b7:de:ac:89:2e:17:48:be:16:60:40:
a7:7f:56:13:a5:1b:f2:b1:13:8e:dd:cb:bf:be:d3:a0:1b:0e:
c0:67:38:77:d8:1f:94:6a:35:c7:59:77:45:ab:1f:e4:c0:ab:
0e:7f:72:68:b4:f2:e5:6b:92:61:0d:2e:b4:fb:cb:1d:9e:bc:
26:6c:7b:84:7c:f2:a3:e4:5c:0e:cc:71:fd:8e:47:84:35:71:
14:6e:62:c1:af:39:71:1f:b7:1f:2b:52:24:77:f3:4b:6f:79:
ff:d2:13:4c:d4:ae:45:97:38:a2:26:6a:d8:a5:90:1e:6c:ea:
a4:7f:14:a2:ab:a9:f5:de:9d:4c:b1:18:72:e0:b3:d2:bc:81:
00:03:71:d0:31:3b:1d:ac:5d:b9:f9:ea:0a:5e:7b:1a:7b:88:
1f:e9:93:28:36:6b:62:78:07:34:eb:5b:41:fe:e9:4c:4d:9d:
76:06:d7:ae:df:9e:6d:60:73:d7:34:d2:82:a1:7e:68:62:c3:
b2:a3:7b:5a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYeRK4Yweq+gYWYZNi+Ey3x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMwNDE3MjE0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODE1YzM2NWQ5MWJhYTdmYmRhNTE5NjcyMTk2NmM0ZTYxMDhhOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3HbBU/vtXkNGGJC7ud5ERxzAPtE
zINVf1E6wOECf7MW04WFs0674vpH+zEkqluIerDZpDYLpN+0ffOiEBLAO22gQGmg
akuQy0bTu4ckkJi2rL433K0z66RmwRPbhtfUflg1AoSaEtM9BTcSbWPlHd3YpYtQ
1gUS5r3Eh3nYJWKfHfGZuwVernUpTD52lKWyoakJRpXlaexCOKm0k3cI7u8jIBFC
lO9aE5dZu0vcbpHCSLoKX9P/8w4d2aaiWJ+J+N/YNl/VdJPle+cPzW/ShXNnWqmD
CcmkpWpb8EtHPCrxKYnrboAtYSAzy7PKVico3f8001A5qjFAfbwS1FMFrwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEgVw2XZG6p/vaUZZyGWbE5hCKmPMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvU0JYRFpka2Jxbi05cFJsbklaWnNUbUVJcVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW1rAAwQA
W1rCAwQAW997AwQCucakAwQBw/VwMA8EAgACMAkDBwAgAQZ8L1wwDQYJKoZIhvcN
AQELBQADggEBADtkwDuyZ5CJ8EbnIBY2xXti/ZCjzKsDJxIp1CjT8ZVOPpJ4Oe/Q
ZOS/C540D5YuunixZZ+p/f51U/NeJei33qyJLhdIvhZgQKd/VhOlG/KxE47dy7++
06AbDsBnOHfYH5RqNcdZd0WrH+TAqw5/cmi08uVrkmENLrT7yx2evCZse4R88qPk
XA7Mcf2OR4Q1cRRuYsGvOXEftx8rUiR380tvef/SE0zUrkWXOKImatilkB5s6qR/
FKKrqfXenUyxGHLgs9K8gQADcdAxOx2sXbn56gpeexp7iB/pkyg2a2J4BzTrW0H+
6UxNnXYG167fnm1gc9c00oKhfmhiw7Kje1o=
-----END CERTIFICATE-----
Generated at Fri May 2 13:18:54 2025 by rpki-client