Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/SzT3edckhr1_6DB6Z4fIpg1GJEs.roa
File: SzT3edckhr1_6DB6Z4fIpg1GJEs.roa (raw, json)
Hash identifier: P3lQHxou7GpZKl+leHGoWW/+oHF80moFvni8hu1J+WM=
Subject key identifier: 4B:34:F7:79:D7:24:86:BD:7F:E8:30:7A:67:87:C8:A6:0D:46:24:4B
Certificate issuer: /CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Certificate serial: 01856EA67DD44311DC3DAD5983295B89CD42
Authority key identifier: 42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/SzT3edckhr1_6DB6Z4fIpg1GJEs.roa
Signing time: Sun 01 Jan 2023 18:44:42 +0000
ROA not before: Sun 01 Jan 2023 18:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203968
IP address blocks: 109.109.192.0/21 maxlen: 24
185.114.212.0/22 maxlen: 24
2a06:71c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:7d:d4:43:11:dc:3d:ad:59:83:29:5b:89:cd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Validity
Not Before: Jan 1 18:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b34f779d72486bd7fe8307a6787c8a60d46244b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2c:8d:6f:29:47:00:12:39:74:af:83:47:52:
22:0b:e0:4b:9e:48:94:4d:6d:69:3f:7c:9a:38:5d:
ef:a6:44:96:52:87:45:ff:6c:cc:b9:8d:8a:a7:1f:
fd:71:cb:40:c7:24:60:29:68:9f:50:bd:5e:88:88:
32:22:b1:d0:7c:19:7e:52:3f:ce:be:b1:5a:fe:72:
04:28:b2:fa:57:54:11:0b:63:e3:ea:31:35:76:c0:
0a:e4:0e:ef:20:1b:f1:89:0e:a4:40:d2:6d:02:40:
31:78:91:3b:df:d4:5c:1b:49:0e:19:c0:b9:1f:f5:
01:23:a2:8b:74:df:27:73:c5:9e:7b:f3:4e:32:a8:
8a:c0:27:ff:c4:14:21:c6:c5:71:0a:2c:59:b1:70:
0b:5d:9b:9a:3d:a5:f2:19:fa:41:15:f6:15:9e:85:
d9:33:f9:23:f5:ba:e7:a1:95:82:7b:ad:53:8e:fc:
b1:6d:e8:dc:51:cd:e4:95:46:e7:d9:b5:a4:53:b3:
c5:79:83:02:22:d3:dd:0c:88:5b:9b:99:8e:c7:f6:
ad:53:d8:a4:a0:05:93:6e:e5:f7:04:8f:a3:ab:34:
ab:1d:eb:24:af:22:1d:de:7a:f3:59:25:ac:ae:27:
e4:ee:34:ff:b2:0f:16:23:53:1c:22:99:5a:61:f2:
01:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:34:F7:79:D7:24:86:BD:7F:E8:30:7A:67:87:C8:A6:0D:46:24:4B
X509v3 Authority Key Identifier:
keyid:42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/SzT3edckhr1_6DB6Z4fIpg1GJEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.109.192.0/21
185.114.212.0/22
IPv6:
2a06:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:8d:d3:f2:33:48:91:54:d2:ef:ed:c8:50:8f:dc:25:e3:dc:
88:c0:5f:bb:f4:33:31:cb:04:f5:55:63:94:3e:b9:3f:44:d8:
e0:aa:46:23:65:99:b8:7c:2d:8d:33:1d:c5:89:4a:05:d2:84:
47:03:bd:b1:da:cc:9d:df:f8:a5:9a:dd:59:b5:0a:71:6b:2c:
1a:e7:e1:31:1d:6c:94:ec:ae:8e:ed:40:52:88:dd:83:2c:8b:
fe:60:cb:e3:b2:87:3c:46:59:08:32:b2:a0:d0:58:c8:58:59:
09:61:31:4e:a1:f8:bc:83:5b:5b:be:15:77:13:97:7a:4c:a2:
f7:98:a5:cb:51:d9:a4:e8:55:b1:8b:20:c4:f8:ef:8e:ea:c9:
35:72:77:b1:ad:2d:13:df:bc:1b:57:48:53:29:e7:30:cf:39:
37:9a:6f:de:43:bc:f9:5c:c1:b7:41:91:9f:7e:39:fb:2d:86:
69:5f:98:b5:92:37:00:42:1b:03:05:33:e4:e7:95:c4:27:72:
8a:5b:ca:65:4e:55:57:91:45:94:94:b7:6b:6c:8a:7f:12:71:
ab:e7:f7:53:27:99:9e:51:14:ec:e3:7e:5a:d7:49:64:ed:37:
7e:ed:df:fc:77:f6:6b:59:5e:b9:f8:df:b4:86:c0:03:fe:dc:
53:88:9b:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVupn3UQxHcPa1Zgylbic1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTEyNTYxZmM0ZWU1NGI3OTljNWFmNDI4ZmZmYmNiYWZk
NDU0ZWYwHhcNMjMwMTAxMTg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM0Zjc3OWQ3MjQ4NmJkN2ZlODMwN2E2Nzg3YzhhNjBkNDYyNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiyNbylHABI5dK+DR1IiC+BLnkiU
TW1pP3yaOF3vpkSWUodF/2zMuY2Kpx/9cctAxyRgKWifUL1eiIgyIrHQfBl+Uj/O
vrFa/nIEKLL6V1QRC2Pj6jE1dsAK5A7vIBvxiQ6kQNJtAkAxeJE739RcG0kOGcC5
H/UBI6KLdN8nc8Wee/NOMqiKwCf/xBQhxsVxCixZsXALXZuaPaXyGfpBFfYVnoXZ
M/kj9brnoZWCe61TjvyxbejcUc3klUbn2bWkU7PFeYMCItPdDIhbm5mOx/atU9ik
oAWTbuX3BI+jqzSrHeskryId3nrzWSWsrifk7jT/sg8WI1McIplaYfIBmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEs093nXJIa9f+gwemeHyKYNRiRLMB8GA1UdIwQY
MBaAFEJRJWH8TuVLeZxa9Cj/+8uv1FTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUt
N2E3MmUyNmM4OTE4LzEvU3pUM2VkY2tocjFfNkRCNlo0ZklwZzFHSkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUtN2E3MmUyNmM4OTE4
LzEvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbW3AAwQC
uXLUMA0EAgACMAcDBQMqBnHAMA0GCSqGSIb3DQEBCwUAA4IBAQCAjdPyM0iRVNLv
7chQj9wl49yIwF+79DMxywT1VWOUPrk/RNjgqkYjZZm4fC2NMx3FiUoF0oRHA72x
2syd3/ilmt1ZtQpxaywa5+ExHWyU7K6O7UBSiN2DLIv+YMvjsoc8RlkIMrKg0FjI
WFkJYTFOofi8g1tbvhV3E5d6TKL3mKXLUdmk6FWxiyDE+O+O6sk1cnexrS0T37wb
V0hTKecwzzk3mm/eQ7z5XMG3QZGffjn7LYZpX5i1kjcAQhsDBTPk55XEJ3KKW8pl
TlVXkUWUlLdrbIp/EnGr5/dTJ5meURTs435a10lk7Td+7d/8d/ZrWV65+N+0hsAD
/txTiJvW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:44 2025 by rpki-client