Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ef2216-7c1f-4f6d-85c5-f53ad46caf3c/1/SB2osX4O23cjJPPu0urXIpRARhM.roa
File: SB2osX4O23cjJPPu0urXIpRARhM.roa (raw, json)
Hash identifier: yQhxI6UbcE7BTXOw1tAAK7Ro8llIRXDRLArNXam+OIk=
Subject key identifier: 48:1D:A8:B1:7E:0E:DB:77:23:24:F3:EE:D2:EA:D7:22:94:40:46:13
Certificate issuer: /CN=ec3ce4e2b1ad290867ddc77f31e5f153e9b20887
Certificate serial: 139B7ACB
Authority key identifier: EC:3C:E4:E2:B1:AD:29:08:67:DD:C7:7F:31:E5:F1:53:E9:B2:08:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Dzk4rGtKQhn3cd_MeXxU-myCIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ef2216-7c1f-4f6d-85c5-f53ad46caf3c/1/SB2osX4O23cjJPPu0urXIpRARhM.roa
Signing time: Sat 01 Jan 2022 16:04:09 +0000
ROA not before: Sat 01 Jan 2022 16:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203055
IP address blocks: 2001:678:25c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328956619 (0x139b7acb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3ce4e2b1ad290867ddc77f31e5f153e9b20887
Validity
Not Before: Jan 1 16:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=481da8b17e0edb772324f3eed2ead72294404613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:1b:4e:67:a2:b3:30:60:3f:de:51:84:37:
27:35:88:07:2f:a5:50:11:49:da:a5:52:20:c1:bc:
bf:43:e1:27:90:93:28:35:3a:01:a8:8e:e8:23:a2:
78:23:d6:c0:1f:8e:ce:eb:f6:2d:bd:05:23:18:4b:
d8:3c:b1:66:62:48:7a:1c:b6:66:6a:88:fb:c7:d5:
01:e0:4a:7c:bd:a2:1d:fe:91:77:47:6a:b4:38:63:
7c:b3:3d:3f:68:ee:b3:5e:a9:0a:d0:b9:a4:7f:43:
9d:f4:0e:9d:5b:d9:5c:98:8e:92:1d:3c:43:86:11:
b5:9f:0b:64:43:21:8e:14:3d:d4:7e:b8:a7:3c:50:
66:60:0a:92:81:2d:0f:7c:ab:9f:f5:d7:c0:86:2a:
cd:32:42:18:05:04:8e:9e:ff:c7:2b:75:ad:1a:f6:
d6:de:de:57:3c:7a:2c:0e:ff:0f:4a:ff:7c:17:e1:
4a:df:0e:68:a9:aa:20:a4:db:29:a3:ef:5c:cd:be:
0e:47:d1:3d:ae:9a:9b:1a:5b:08:ce:cd:33:9a:b2:
94:e5:6f:3f:a1:b1:f7:ad:d9:eb:ab:36:e5:c0:7e:
7d:49:51:c4:c1:de:fc:35:3b:f4:a4:7c:ea:2e:0b:
fa:fa:f5:a6:31:c7:30:57:97:af:53:dd:b0:74:07:
e1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1D:A8:B1:7E:0E:DB:77:23:24:F3:EE:D2:EA:D7:22:94:40:46:13
X509v3 Authority Key Identifier:
keyid:EC:3C:E4:E2:B1:AD:29:08:67:DD:C7:7F:31:E5:F1:53:E9:B2:08:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Dzk4rGtKQhn3cd_MeXxU-myCIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ef2216-7c1f-4f6d-85c5-f53ad46caf3c/1/SB2osX4O23cjJPPu0urXIpRARhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ef2216-7c1f-4f6d-85c5-f53ad46caf3c/1/7Dzk4rGtKQhn3cd_MeXxU-myCIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:25c::/48
Signature Algorithm: sha256WithRSAEncryption
94:2d:f3:db:35:ca:cd:7d:de:c2:c1:c0:14:fb:67:47:55:98:
53:d7:7b:d6:c0:f5:23:12:5a:90:00:4b:a0:52:f0:df:53:02:
6d:2c:59:81:55:4f:c4:6a:bf:26:96:4d:0a:6e:75:e7:58:bc:
5e:b6:12:31:90:36:eb:84:77:3b:de:8e:00:27:16:7f:12:53:
85:e4:d8:11:ba:a2:71:53:70:f3:3c:f8:82:65:43:8c:53:d5:
bd:01:71:06:bc:3a:45:e4:70:b9:1a:1c:72:68:16:cd:55:1f:
e2:15:97:36:b6:5e:ba:43:2d:7c:c0:e8:2f:a5:04:c7:2e:ac:
6d:ef:42:3e:bf:f7:34:cd:58:51:23:91:e4:a1:44:73:a7:da:
4d:0d:c7:17:54:77:14:32:39:c8:22:a7:a1:9a:3c:70:6f:29:
c7:d6:f6:7e:70:bc:1b:d5:08:6a:9e:09:ad:a2:88:fa:b3:8c:
ca:e1:03:7a:20:79:10:46:7b:1b:17:33:86:24:1c:9b:3b:fb:
6b:4a:9b:d9:9c:91:51:8b:c6:d3:91:0d:cf:a6:5b:6b:ff:b8:
f4:da:0a:36:23:c3:66:03:ad:e2:53:6c:ff:d0:c3:5e:5a:7e:
6e:a9:15:08:15:38:55:88:16:48:3c:82:ef:55:4a:e4:63:17:
a1:91:95:a7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE5t6yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNjZTRlMmIxYWQyOTA4NjdkZGM3N2YzMWU1ZjE1M2U5YjIwODg3MB4XDTIyMDEw
MTE2MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgxZGE4YjE3ZTBl
ZGI3NzIzMjRmM2VlZDJlYWQ3MjI5NDQwNDYxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOEG05norMwYD/eUYQ3JzWIBy+lUBFJ2qVSIMG8v0PhJ5CT
KDU6AaiO6COieCPWwB+Ozuv2Lb0FIxhL2DyxZmJIehy2ZmqI+8fVAeBKfL2iHf6R
d0dqtDhjfLM9P2jus16pCtC5pH9DnfQOnVvZXJiOkh08Q4YRtZ8LZEMhjhQ91H64
pzxQZmAKkoEtD3yrn/XXwIYqzTJCGAUEjp7/xyt1rRr21t7eVzx6LA7/D0r/fBfh
St8OaKmqIKTbKaPvXM2+DkfRPa6amxpbCM7NM5qylOVvP6Gx963Z66s25cB+fUlR
xMHe/DU79KR86i4L+vr1pjHHMFeXr1PdsHQH4bECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRIHaixfg7bdyMk8+7S6tcilEBGEzAfBgNVHSMEGDAWgBTsPOTisa0pCGfd
x38x5fFT6bIIhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEems0ckd0S1FobjNjZF9NZVh4VS1teUNJYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZWYyMjE2LTdjMWYtNGY2ZC04NWM1LWY1M2FkNDZjYWYzYy8x
L1NCMm9zWDRPMjNjakpQUHUwdXJYSXBSQVJoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZWYyMjE2LTdjMWYtNGY2ZC04NWM1LWY1M2FkNDZjYWYzYy8xLzdEems0ckd0S1Fo
bjNjZF9NZVh4VS1teUNJYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngCXDANBgkqhkiG9w0BAQsF
AAOCAQEAlC3z2zXKzX3ewsHAFPtnR1WYU9d71sD1IxJakABLoFLw31MCbSxZgVVP
xGq/JpZNCm5151i8XrYSMZA264R3O96OACcWfxJTheTYEbqicVNw8zz4gmVDjFPV
vQFxBrw6ReRwuRoccmgWzVUf4hWXNrZeukMtfMDoL6UExy6sbe9CPr/3NM1YUSOR
5KFEc6faTQ3HF1R3FDI5yCKnoZo8cG8px9b2fnC8G9UIap4JraKI+rOMyuEDeiB5
EEZ7GxczhiQcmzv7a0qb2ZyRUYvG05ENz6Zba/+49NoKNiPDZgOt4lNs/9DDXlp+
bqkVCBU4VYgWSDyC71VK5GMXoZGVpw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:09:50 2025 by rpki-client