Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Sq4ZU9DTXP80c3N1N_jGOSM7jeI.roa
File: Sq4ZU9DTXP80c3N1N_jGOSM7jeI.roa (raw, json)
Hash identifier: zu9XK5M2YffN+JvwGuPjza6pyoSCnEth/m58iMyyIgQ=
Subject key identifier: 4A:AE:19:53:D0:D3:5C:FF:34:73:73:75:37:F8:C6:39:23:3B:8D:E2
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F1E48653C2EACA06307542BCE34E
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Sq4ZU9DTXP80c3N1N_jGOSM7jeI.roa
Signing time: Mon 02 Jan 2023 09:04:49 +0000
ROA not before: Mon 02 Jan 2023 09:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f1:e4:86:53:c2:ea:ca:06:30:75:42:bc:e3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aae1953d0d35cff3473737537f8c639233b8de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:23:08:4d:71:bf:7e:ef:b5:50:d3:76:a1:d6:
c1:38:d2:6b:ab:da:2e:19:93:50:51:5f:1e:ec:34:
13:58:08:8e:8b:38:26:3f:84:a5:6f:53:0d:b0:ac:
2b:fc:14:e1:92:c5:a1:15:95:7f:7d:fa:e7:7e:2f:
3b:50:1c:a8:32:cf:f2:14:94:7e:7c:82:e5:df:4a:
94:e3:b7:92:9e:f6:58:63:06:8b:19:69:77:94:62:
1f:d5:77:71:a8:3a:c0:d7:d3:c5:0d:15:44:6a:61:
51:b3:31:5e:87:34:cf:6f:27:0d:8c:98:3f:c3:8f:
47:43:65:93:59:ee:36:b9:e9:ea:3a:a4:9f:1b:cf:
1c:9b:2f:cc:8b:e4:33:ed:41:a6:11:93:d3:81:59:
fb:b2:7a:62:90:ac:9d:30:30:91:cf:12:0a:2c:27:
7f:d4:3f:da:31:a4:39:0a:b2:36:e4:b9:ef:bd:65:
80:b1:86:50:e8:4c:4e:a8:9f:fa:f3:20:59:76:02:
fe:cf:11:31:9e:43:63:8b:75:1c:cd:25:26:8e:80:
0c:c2:41:69:65:b6:ac:a9:45:a9:5f:14:51:d9:92:
8c:42:a6:a0:a7:e6:ec:53:0f:65:d0:97:a3:0c:1b:
9b:3b:2b:27:a3:73:01:ac:55:82:7b:91:2e:c3:48:
66:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AE:19:53:D0:D3:5C:FF:34:73:73:75:37:F8:C6:39:23:3B:8D:E2
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Sq4ZU9DTXP80c3N1N_jGOSM7jeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/23
2.188.7.0/24
2.188.9.0/24
2.188.12.0/22
2.188.17.0/24
2.188.22.0/23
2.188.28.0/24
2.188.30.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.181.0/24
2.188.184.0/23
2.188.187.0/24
2.189.1.0/24
2.189.3.0/24
2.189.44.0/24
2.189.63.0/24
2.189.72.0/24
78.38.245.0/24
78.38.253.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
a6:c1:de:fd:fe:e1:55:e1:23:39:a8:e5:e1:b7:00:a2:f9:a3:
05:57:c7:00:71:11:e8:9f:c5:89:66:12:db:d0:5a:20:66:40:
62:33:3e:6e:0b:7c:09:5e:21:f4:f4:a9:d5:04:14:0b:83:81:
8c:4b:c0:bd:5a:1f:7c:99:a4:d5:13:89:5b:47:bb:46:7e:83:
03:ec:1c:06:53:78:a2:36:3e:27:52:af:bd:17:eb:b2:87:52:
ec:8d:3f:69:65:0e:4c:ad:be:90:10:27:f3:0b:2f:39:87:fb:
0b:cd:3d:b1:0d:a9:4f:1a:84:a4:de:ae:c1:26:d5:94:80:15:
4b:86:05:56:a4:07:60:f4:e1:98:aa:e9:cb:c6:00:69:fd:ff:
98:22:81:6c:9c:d9:c2:34:e5:24:5f:20:8a:41:88:d3:0d:4e:
2b:41:9d:95:91:73:1a:ab:69:19:68:02:22:0e:14:b3:8f:25:
7f:e3:a5:16:fa:6a:a9:fd:22:27:3a:c1:62:53:31:22:8c:f9:
8f:6a:1b:9b:8c:27:5a:5c:a0:95:2d:0b:bf:3b:c2:c1:18:5d:
ff:ef:64:0b:d2:f5:88:64:d2:0c:24:68:dc:3f:e6:ac:72:d7:
ef:09:e8:be:9a:f6:60:db:c3:14:eb:c4:7a:24:dd:27:1b:2e:
84:6d:ff:15
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYVxufHkhlPC6soGMHVCvONOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFlMTk1M2QwZDM1Y2ZmMzQ3MzczNzUzN2Y4YzYzOTIzM2I4ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyMITXG/fu+1UNN2odbBONJrq9ou
GZNQUV8e7DQTWAiOizgmP4Slb1MNsKwr/BThksWhFZV/ffrnfi87UByoMs/yFJR+
fILl30qU47eSnvZYYwaLGWl3lGIf1XdxqDrA19PFDRVEamFRszFehzTPbycNjJg/
w49HQ2WTWe42uenqOqSfG88cmy/Mi+Qz7UGmEZPTgVn7snpikKydMDCRzxIKLCd/
1D/aMaQ5CrI25LnvvWWAsYZQ6ExOqJ/68yBZdgL+zxExnkNji3UczSUmjoAMwkFp
ZbasqUWpXxRR2ZKMQqagp+bsUw9l0JejDBubOysno3MBrFWCe5Euw0hmYwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFEquGVPQ01z/NHNzdTf4xjkjO43iMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvU3E0WlU5RFRYUDgwYzNOMU5fakdPU003amVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBmwQCAAEwgZQDAwEC
sAMDAAK5AwQBArwAAwQAArwHAwQAArwJAwQCArwMAwQAArwRAwQBArwWAwQAArwc
AwQAArweAwQDArxAAwQAArxMAwQAAryzAwQAAry1AwQBAry4AwQAAry7AwQAAr0B
AwQAAr0DAwQAAr0sAwQAAr0/AwQAAr1IAwQATib1AwQATib9AwQAw5I/AwQA2dpD
MA8EAgACMAkDBwAgAUGIAAIwDQYJKoZIhvcNAQELBQADggEBAKbB3v3+4VXhIzmo
5eG3AKL5owVXxwBxEeifxYlmEtvQWiBmQGIzPm4LfAleIfT0qdUEFAuDgYxLwL1a
H3yZpNUTiVtHu0Z+gwPsHAZTeKI2PidSr70X67KHUuyNP2llDkytvpAQJ/MLLzmH
+wvNPbENqU8ahKTersEm1ZSAFUuGBVakB2D04Ziq6cvGAGn9/5gigWyc2cI05SRf
IIpBiNMNTitBnZWRcxqraRloAiIOFLOPJX/jpRb6aqn9Iic6wWJTMSKM+Y9qG5uM
J1pcoJUtC787wsEYXf/vZAvS9Yhk0gwkaNw/5qxy1+8J6L6a9mDbwxTrxHok3Scb
LoRt/xU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:41 2025 by rpki-client