Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sx6euSsVrPaAvKYv-m90t9VKy3I.roa
File: sx6euSsVrPaAvKYv-m90t9VKy3I.roa (raw, json)
Hash identifier: +yv9rB9o26YtsqAMeSXfICjARwvsxF5Ybik8NfAlQUU=
Subject key identifier: B3:1E:9E:B9:2B:15:AC:F6:80:BC:A6:2F:FA:6F:74:B7:D5:4A:CB:72
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BB01F844CBEF0A1B6C39F460454D6AFCF
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sx6euSsVrPaAvKYv-m90t9VKy3I.roa
Signing time: Wed 08 Nov 2023 18:08:57 +0000
ROA not before: Wed 08 Nov 2023 18:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.203.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:1f:84:4c:be:f0:a1:b6:c3:9f:46:04:54:d6:af:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 8 18:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b31e9eb92b15acf680bca62ffa6f74b7d54acb72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:3d:34:aa:0b:24:05:e6:69:fa:b0:a0:af:
ea:cc:38:12:00:44:0d:71:c2:ef:7b:9f:12:31:b0:
fd:e5:54:40:5d:c6:c5:4a:cc:7e:4a:6d:4c:ac:55:
13:23:e2:f8:ac:5a:83:9e:b6:4a:b2:88:93:7f:ee:
e7:ca:10:27:86:60:5c:62:21:71:a2:d3:87:d3:b7:
e6:b5:43:3a:f9:f6:0e:a0:04:58:9e:cb:43:87:08:
f4:3c:99:ea:3f:9b:7f:86:2f:fb:cb:b0:46:40:5e:
05:54:e6:b3:84:0e:b3:d1:21:ee:57:58:81:65:e9:
6c:b2:a2:49:c2:02:19:b1:fb:2b:a4:33:38:17:05:
28:38:0c:81:02:9d:ce:0f:85:a8:81:2d:fe:40:b1:
31:3f:09:bd:a9:d2:0c:4b:d6:98:98:44:9b:23:45:
ed:de:3a:f3:0f:54:b4:d9:6f:64:46:e6:d0:02:ef:
c3:df:13:22:5c:ce:d0:2d:91:e6:b2:a8:0a:19:c0:
3b:cc:16:d0:88:78:77:f7:23:91:38:2d:2c:39:48:
98:69:46:aa:1d:fc:0a:f0:ec:ad:ba:a3:b6:82:0d:
03:53:4f:ac:e2:37:ca:c1:b1:1b:a5:0f:1e:cb:fd:
7a:fc:81:06:7d:39:0f:87:94:03:a8:6a:57:1f:18:
f6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1E:9E:B9:2B:15:AC:F6:80:BC:A6:2F:FA:6F:74:B7:D5:4A:CB:72
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sx6euSsVrPaAvKYv-m90t9VKy3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.161.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ba:a1:51:41:26:9a:b9:5c:54:53:41:6d:16:d1:b1:54:ee:
cb:b9:86:39:43:a6:38:af:c2:29:dd:83:e9:2b:ac:64:bb:a2:
e0:5c:b1:b3:e1:43:9a:10:96:aa:52:eb:4f:85:4d:d7:57:38:
3f:f6:23:27:d1:29:2d:fb:55:d6:9a:7f:3f:9c:aa:7f:7a:2a:
64:eb:1b:5a:a4:a7:d6:ab:c8:35:f8:55:00:b0:b8:5c:b1:4f:
e8:d6:2f:4d:cc:39:77:7e:86:a7:7e:b7:17:47:81:9a:1d:8f:
1e:2b:d2:74:6f:ea:ba:39:98:b3:e2:9f:5b:2f:5a:9e:81:5a:
0c:11:c1:f2:f2:49:07:c9:3c:30:5c:77:22:b2:6b:81:94:d5:
dc:2f:e9:8f:5d:d4:1a:bd:69:ad:ea:b6:2e:6e:05:d4:8a:79:
1b:f1:00:e3:4e:fe:8e:bc:cd:ca:a6:41:18:30:7e:67:25:93:
05:57:11:b7:6b:42:06:4a:3e:f0:7e:33:eb:c1:b5:f1:bd:4a:
3a:89:41:3f:c3:54:32:60:d7:e2:ad:4d:10:16:f2:98:12:1a:
59:fc:42:0c:f1:17:25:16:eb:62:bc:f1:81:c1:4c:93:d3:40:
fd:1d:81:53:81:9e:6b:0f:cd:81:b5:79:a9:3f:48:b1:51:bc:
e1:db:97:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuwH4RMvvChtsOfRgRU1q/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTA4MTgwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFlOWViOTJiMTVhY2Y2ODBiY2E2MmZmYTZmNzRiN2Q1NGFjYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp809NKoLJAXmafqwoK/qzDgSAEQN
ccLve58SMbD95VRAXcbFSsx+Sm1MrFUTI+L4rFqDnrZKsoiTf+7nyhAnhmBcYiFx
otOH07fmtUM6+fYOoARYnstDhwj0PJnqP5t/hi/7y7BGQF4FVOazhA6z0SHuV1iB
ZelssqJJwgIZsfsrpDM4FwUoOAyBAp3OD4WogS3+QLExPwm9qdIMS9aYmESbI0Xt
3jrzD1S02W9kRubQAu/D3xMiXM7QLZHmsqgKGcA7zBbQiHh39yOROC0sOUiYaUaq
HfwK8OytuqO2gg0DU0+s4jfKwbEbpQ8ey/16/IEGfTkPh5QDqGpXHxj2SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMenrkrFaz2gLymL/pvdLfVSstyMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvc3g2ZXVTc1ZyUGFBdktZdi1tOTB0OVZLeTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcuhMA0G
CSqGSIb3DQEBCwUAA4IBAQBUuqFRQSaauVxUU0FtFtGxVO7LuYY5Q6Y4r8Ip3YPp
K6xku6LgXLGz4UOaEJaqUutPhU3XVzg/9iMn0Skt+1XWmn8/nKp/eipk6xtapKfW
q8g1+FUAsLhcsU/o1i9NzDl3foanfrcXR4GaHY8eK9J0b+q6OZiz4p9bL1qegVoM
EcHy8kkHyTwwXHcismuBlNXcL+mPXdQavWmt6rYubgXUinkb8QDjTv6OvM3KpkEY
MH5nJZMFVxG3a0IGSj7wfjPrwbXxvUo6iUE/w1QyYNfirU0QFvKYEhpZ/EIM8Rcl
FutivPGBwUyT00D9HYFTgZ5rD82BtXmpP0ixUbzh25eU
-----END CERTIFICATE-----
Generated at Fri May 16 05:13:32 2025 by rpki-client