Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/STqc1vXE-L9P1PmtsvcZNC3kovI.roa
File: STqc1vXE-L9P1PmtsvcZNC3kovI.roa (raw, json)
Hash identifier: SCa5VtA2eKqiQZAWXAqrlLfaKpDtnTaMPaRMwR4yK0M=
Subject key identifier: 49:3A:9C:D6:F5:C4:F8:BF:4F:D4:F9:AD:B2:F7:19:34:2D:E4:A2:F2
Certificate issuer: /CN=fa81dc46cce39c16c24396f55e6263a669c7e769
Certificate serial: 543CFA
Authority key identifier: FA:81:DC:46:CC:E3:9C:16:C2:43:96:F5:5E:62:63:A6:69:C7:E7:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-oHcRszjnBbCQ5b1XmJjpmnH52k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/STqc1vXE-L9P1PmtsvcZNC3kovI.roa
Signing time: Mon 27 Jun 2022 08:11:40 +0000
ROA not before: Mon 27 Jun 2022 08:11:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47610
IP address blocks: 134.130.0.0/16 maxlen: 16
137.226.0.0/16 maxlen: 16
134.61.0.0/16 maxlen: 16
194.35.108.0/22 maxlen: 22
192.35.229.0/24 maxlen: 24
2a00:8a60::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5520634 (0x543cfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa81dc46cce39c16c24396f55e6263a669c7e769
Validity
Not Before: Jun 27 08:11:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=493a9cd6f5c4f8bf4fd4f9adb2f719342de4a2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:53:f9:26:03:9e:3f:a3:82:8d:36:1f:07:
28:9d:a2:b3:d2:24:02:10:24:aa:1e:49:bb:2e:47:
39:7c:7a:a5:76:9d:d6:05:9a:09:5f:7b:9c:6e:a4:
f7:01:d9:5c:10:bc:31:84:36:5a:80:35:cf:0a:b5:
9e:b9:2c:ed:bf:64:6f:b3:b8:4d:44:07:22:4c:65:
63:ff:ab:18:2a:ac:34:be:9c:d4:83:f9:bf:08:6a:
59:c9:00:49:09:65:3b:1c:0f:7c:d4:5c:0f:09:e5:
f1:90:c2:58:ca:1d:84:e6:bd:78:ee:4b:39:0a:83:
54:f5:23:2b:a1:72:fe:57:d1:de:8e:ae:8f:27:7a:
27:b2:22:f4:6e:b0:0c:75:fb:be:66:99:ea:43:9f:
de:20:14:a9:56:c7:a9:d0:10:ea:13:64:97:9c:c7:
8c:cc:1a:05:58:f7:f9:94:65:47:5f:97:02:ce:7a:
7f:e1:ba:33:14:1a:06:c7:b3:71:81:26:f9:cb:6c:
16:31:df:74:0e:ab:f0:73:2a:b3:f5:fe:2b:ad:60:
68:55:16:b2:29:6f:98:81:04:9c:33:6f:80:63:83:
85:bd:88:c3:6d:b0:76:1d:60:fe:17:ae:95:bd:5f:
4a:1f:48:54:29:1d:f4:5e:e1:a2:06:34:13:16:95:
9a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3A:9C:D6:F5:C4:F8:BF:4F:D4:F9:AD:B2:F7:19:34:2D:E4:A2:F2
X509v3 Authority Key Identifier:
keyid:FA:81:DC:46:CC:E3:9C:16:C2:43:96:F5:5E:62:63:A6:69:C7:E7:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-oHcRszjnBbCQ5b1XmJjpmnH52k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/STqc1vXE-L9P1PmtsvcZNC3kovI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/1-oHcRszjnBbCQ5b1XmJjpmnH52k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.61.0.0/16
134.130.0.0/16
137.226.0.0/16
192.35.229.0/24
194.35.108.0/22
IPv6:
2a00:8a60::/29
Signature Algorithm: sha256WithRSAEncryption
ac:5e:a7:8f:c0:a3:df:b9:38:be:79:b0:42:a3:2e:43:8d:ff:
c2:df:9d:ef:34:69:73:df:19:76:0e:bc:09:8f:da:54:48:f1:
8a:86:36:21:dc:ea:45:97:cb:96:da:d1:47:31:c9:1c:9b:43:
47:7e:e2:df:1b:6e:95:77:55:c4:df:01:74:10:07:41:29:e7:
71:d9:78:9f:c2:d3:ea:fe:61:12:d9:2a:d3:98:81:96:fd:81:
5f:d0:88:d7:8c:cb:de:b2:4e:51:59:a1:0c:ae:70:59:f0:93:
49:28:14:8d:3c:6e:14:95:8e:0c:ca:a0:24:e5:80:cf:a4:83:
59:e1:92:bb:d9:30:fb:f4:ab:6a:ab:25:61:b6:22:c1:b3:fa:
e1:88:f8:59:4d:d7:39:7d:ac:2a:94:53:98:3c:8d:38:98:a0:
63:b3:9c:de:a7:dd:f8:80:1b:67:4d:91:63:89:63:87:c6:6b:
85:f2:7d:ac:2e:33:7f:9d:ad:74:d4:98:0e:3a:f8:5e:49:48:
9b:58:15:e1:d3:f0:51:89:8a:d4:49:07:34:2a:3c:f6:e4:2c:
a1:ff:d7:6c:49:15:b7:90:b4:6c:da:0b:19:c0:bc:17:ae:cf:
f2:4c:d0:85:1b:30:22:d5:0d:6f:a4:f5:56:e0:54:d5:c5:a3:
d9:b4:7e:41
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIDVDz6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZh
ODFkYzQ2Y2NlMzljMTZjMjQzOTZmNTVlNjI2M2E2NjljN2U3NjkwHhcNMjIwNjI3
MDgxMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OTNhOWNkNmY1YzRm
OGJmNGZkNGY5YWRiMmY3MTkzNDJkZTRhMmYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxURT+SYDnj+jgo02HwconaKz0iQCECSqHkm7Lkc5fHqldp3W
BZoJX3ucbqT3AdlcELwxhDZagDXPCrWeuSztv2Rvs7hNRAciTGVj/6sYKqw0vpzU
g/m/CGpZyQBJCWU7HA981FwPCeXxkMJYyh2E5r147ks5CoNU9SMroXL+V9Hejq6P
J3onsiL0brAMdfu+ZpnqQ5/eIBSpVsep0BDqE2SXnMeMzBoFWPf5lGVHX5cCznp/
4bozFBoGx7NxgSb5y2wWMd90Dqvwcyqz9f4rrWBoVRayKW+YgQScM2+AY4OFvYjD
bbB2HWD+F66VvV9KH0hUKR30XuGiBjQTFpWaWQIDAQABo4ICLzCCAiswHQYDVR0O
BBYEFEk6nNb1xPi/T9T5rbL3GTQt5KLyMB8GA1UdIwQYMBaAFPqB3EbM45wWwkOW
9V5iY6Zpx+dpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS1vSGNSc3pqbkJiQ1E1YjFYbUpqcG1uSDUyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvOGYwMTgwLTJiNWItNDQxOS1hZDM2LWY0YjhjYTM3YTFmYi8x
L1NUcWMxdlhFLUw5UDFQbXRzdmNaTkMza292SS5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
OGYwMTgwLTJiNWItNDQxOS1hZDM2LWY0YjhjYTM3YTFmYi8xLzEtb0hjUnN6am5C
YkNRNWIxWG1KanBtbkg1MmsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QwYIKwYBBQUHAQcBAf8ENDAyMCEEAgABMBsDAwCGPQMDAIaCAwMAieIDBADAI+UD
BALCI2wwDQQCAAIwBwMFAyoAimAwDQYJKoZIhvcNAQELBQADggEBAKxep4/Ao9+5
OL55sEKjLkON/8Lfne80aXPfGXYOvAmP2lRI8YqGNiHc6kWXy5ba0UcxyRybQ0d+
4t8bbpV3VcTfAXQQB0Ep53HZeJ/C0+r+YRLZKtOYgZb9gV/QiNeMy96yTlFZoQyu
cFnwk0koFI08bhSVjgzKoCTlgM+kg1nhkrvZMPv0q2qrJWG2IsGz+uGI+FlN1zl9
rCqUU5g8jTiYoGOznN6n3fiAG2dNkWOJY4fGa4XyfawuM3+drXTUmA46+F5JSJtY
FeHT8FGJitRJBzQqPPbkLKH/12xJFbeQtGzaCxnAvBeuz/JM0IUbMCLVDW+k9Vbg
VNXFo9m0fkE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:33 2025 by rpki-client