Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SMuWlHYmCSpTzC-EwW7-2LmoK0A.roa
File: SMuWlHYmCSpTzC-EwW7-2LmoK0A.roa (raw, json)
Hash identifier: S5LMjyi9qmLlA1+44pED759dNYVb2/ZSvZyaE9h5b5Y=
Subject key identifier: 48:CB:96:94:76:26:09:2A:53:CC:2F:84:C1:6E:FE:D8:B9:A8:2B:40
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 014062D7
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SMuWlHYmCSpTzC-EwW7-2LmoK0A.roa
Signing time: Tue 19 Apr 2022 18:30:07 +0000
ROA not before: Tue 19 Apr 2022 18:30:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201986
IP address blocks: 194.61.88.0/22 maxlen: 24
109.68.127.0/24 maxlen: 24
185.150.164.0/22 maxlen: 22
185.150.166.0/24 maxlen: 24
185.150.164.0/23 maxlen: 23
185.150.167.0/24 maxlen: 24
185.57.68.0/22 maxlen: 22
2a02:5960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20996823 (0x14062d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Apr 19 18:30:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48cb96947626092a53cc2f84c16efed8b9a82b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f6:05:a8:86:f5:b2:1e:b6:ed:ed:cb:83:4d:
57:3a:87:6c:9c:45:87:16:8d:6e:2e:8f:de:24:69:
3c:76:a8:93:99:a1:7d:2d:c0:ef:c0:ee:dc:01:53:
4a:23:ea:51:29:01:53:1d:a9:df:ba:5f:8e:60:0b:
16:96:6a:87:04:fe:5c:11:67:c6:92:0c:c3:46:93:
76:29:bd:26:13:22:5d:59:8e:fe:b3:92:39:19:93:
85:92:48:b9:c4:b6:07:b7:26:de:96:e1:24:f1:b4:
08:16:f5:f8:c8:6e:84:1d:7d:53:6d:c4:1b:8d:00:
07:dc:0b:ea:fb:f4:65:8e:7e:00:cc:fe:65:fb:ca:
79:16:fc:10:23:1a:f9:20:a1:c7:96:e8:4d:3c:80:
ee:fc:4d:bb:bc:b6:b9:61:b6:a4:50:1a:7e:64:29:
4c:01:0c:4b:d4:27:55:b0:b3:2d:64:1a:8a:6f:7b:
d1:dc:98:4a:9f:10:c5:1e:df:3a:7a:fc:f2:96:60:
2b:25:3c:4d:da:79:17:a0:b9:05:80:c3:e1:1c:e9:
8b:42:09:14:43:49:4f:71:06:e3:54:e8:f2:4b:50:
50:f3:6c:a3:ed:29:b0:b4:5a:80:f7:e9:03:8c:ae:
a4:01:2c:16:80:33:4f:b1:8f:41:17:da:ad:c5:bd:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CB:96:94:76:26:09:2A:53:CC:2F:84:C1:6E:FE:D8:B9:A8:2B:40
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SMuWlHYmCSpTzC-EwW7-2LmoK0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.127.0/24
185.57.68.0/22
185.150.164.0/22
194.61.88.0/22
IPv6:
2a02:5960::/32
Signature Algorithm: sha256WithRSAEncryption
37:98:a8:45:29:71:e0:c0:24:d6:a8:2d:98:b7:51:a2:a1:56:
86:8c:b6:cb:58:66:49:d1:5e:d9:93:19:e9:b6:8d:ad:cf:6e:
44:f6:a0:f4:af:be:07:89:66:ce:e9:35:a2:36:b6:c2:71:8c:
a4:89:49:80:0e:d0:c3:87:a5:64:68:7c:f2:51:c9:9e:2d:0c:
37:30:69:b0:3c:64:a6:c2:ad:e5:f0:93:04:b8:18:81:1b:79:
68:f6:e6:f4:d7:a8:fb:ce:3c:e4:dd:0a:ba:6c:5d:4b:18:e4:
3c:6c:24:b2:3d:0b:e4:46:b1:2d:8e:33:fa:cd:68:41:03:62:
91:8f:c7:e7:63:0c:84:2a:82:87:d2:35:57:2c:de:77:e8:07:
99:06:28:c6:ad:2f:eb:03:f0:cf:af:bd:96:f2:86:97:36:da:
00:72:b6:cd:7d:3d:b8:86:44:5a:9e:8c:f5:d2:1e:2d:96:6e:
4a:59:79:82:c8:db:db:8e:47:be:3d:e9:5a:92:41:8d:09:b2:
ae:57:22:a0:e3:86:bc:42:9f:09:ac:26:8d:0f:9b:8d:10:56:
cf:29:42:24:9e:88:13:8c:d5:40:a1:d6:a6:b1:21:c7:ad:be:
4e:0a:73:b1:a5:1d:7f:5d:2a:93:63:d6:29:96:c7:14:14:fe:
87:26:44:43
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAUBi1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGQwZWM3YWM0YzM5MWU0ZWNiYTlkMGEzNzQ5MTkxYjE4ZWJmOTM0MB4XDTIyMDQx
OTE4MzAwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhjYjk2OTQ3NjI2
MDkyYTUzY2MyZjg0YzE2ZWZlZDhiOWE4MmI0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM72BaiG9bIetu3ty4NNVzqHbJxFhxaNbi6P3iRpPHaok5mh
fS3A78Du3AFTSiPqUSkBUx2p37pfjmALFpZqhwT+XBFnxpIMw0aTdim9JhMiXVmO
/rOSORmThZJIucS2B7cm3pbhJPG0CBb1+MhuhB19U23EG40AB9wL6vv0ZY5+AMz+
ZfvKeRb8ECMa+SChx5boTTyA7vxNu7y2uWG2pFAafmQpTAEMS9QnVbCzLWQaim97
0dyYSp8QxR7fOnr88pZgKyU8Tdp5F6C5BYDD4Rzpi0IJFENJT3EG41To8ktQUPNs
o+0psLRagPfpA4yupAEsFoAzT7GPQRfarcW9Y0kCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRIy5aUdiYJKlPML4TBbv7YuagrQDAfBgNVHSMEGDAWgBQ00Ox6xMOR5Oy6
nQo3SRkbGOv5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05ORHNlc1REa2VUc3VwMEtOMGtaR3hqci1UUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvZjdmNTNkLTA2OGMtNDQ0ZS1hZDFlLWI3YzI2OTZiYWU1MC8x
L1NNdVdsSFltQ1NwVHpDLUV3VzctMkxtb0swQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
ZjdmNTNkLTA2OGMtNDQ0ZS1hZDFlLWI3YzI2OTZiYWU1MC8xL05ORHNlc1REa2VU
c3VwMEtOMGtaR3hqci1UUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAG1EfwMEArk5RAMEArmWpAMEAsI9
WDANBAIAAjAHAwUAKgJZYDANBgkqhkiG9w0BAQsFAAOCAQEAN5ioRSlx4MAk1qgt
mLdRoqFWhoy2y1hmSdFe2ZMZ6baNrc9uRPag9K++B4lmzuk1oja2wnGMpIlJgA7Q
w4elZGh88lHJni0MNzBpsDxkpsKt5fCTBLgYgRt5aPbm9Neo+8485N0KumxdSxjk
PGwksj0L5EaxLY4z+s1oQQNikY/H52MMhCqCh9I1Vyzed+gHmQYoxq0v6wPwz6+9
lvKGlzbaAHK2zX09uIZEWp6M9dIeLZZuSll5gsjb245Hvj3pWpJBjQmyrlcioOOG
vEKfCawmjQ+bjRBWzylCJJ6IE4zVQKHWprEhx62+TgpzsaUdf10qk2PWKZbHFBT+
hyZEQw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:35 2025 by rpki-client