Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/SqDiXMbVeiyfnEItFtR0zprLPMk.roa
File: SqDiXMbVeiyfnEItFtR0zprLPMk.roa (raw, json)
Hash identifier: Z2dGWhunvMpr+k+rTrtOk4Za7UijZS7pYdxTAZiG2GA=
Subject key identifier: 4A:A0:E2:5C:C6:D5:7A:2C:9F:9C:42:2D:16:D4:74:CE:9A:CB:3C:C9
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 01856C4A6E5712EFF9B50929E61809B7DB03
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/SqDiXMbVeiyfnEItFtR0zprLPMk.roa
Signing time: Sun 01 Jan 2023 07:44:55 +0000
ROA not before: Sun 01 Jan 2023 07:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209565
IP address blocks: 46.21.251.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
212.126.115.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.122.0/23 maxlen: 23
212.126.123.0/24 maxlen: 24
212.126.122.0/24 maxlen: 24
212.126.121.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
2a04:2dc0:a::/48 maxlen: 48
2a04:2dc0:8::/48 maxlen: 48
2a04:2dc0:18::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
2a04:2dc0:22::/48 maxlen: 48
2a04:2dc0:1d::/48 maxlen: 48
2a04:2dc0:1b::/48 maxlen: 48
2a04:2dc0:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6e:57:12:ef:f9:b5:09:29:e6:18:09:b7:db:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 07:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aa0e25cc6d57a2c9f9c422d16d474ce9acb3cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c6:53:f5:22:62:3e:d2:63:02:0c:dc:a4:57:
d9:fe:af:36:1f:88:de:cd:2c:85:84:45:51:18:fa:
df:6d:ca:fc:48:f4:15:43:f2:e9:c6:82:f1:19:24:
ec:77:e2:02:d0:22:9a:74:9c:4e:1b:4a:f4:f4:dd:
2a:eb:cb:d1:ff:4e:46:03:86:67:c0:48:8b:e5:80:
5b:44:2d:9e:1c:38:cf:72:ef:5f:f7:79:c0:e4:f8:
ad:45:09:28:1d:87:2f:fc:5e:0f:12:09:2b:43:bf:
52:c4:7f:f3:08:9f:6b:64:6b:d2:8d:76:09:38:46:
8d:e9:47:1a:24:be:3e:ff:cb:f6:f9:8c:a2:c9:5f:
f4:75:59:20:41:d6:d2:e5:73:3e:b9:b3:bc:29:27:
b3:86:d5:b7:e0:03:11:4b:01:4b:cc:84:8e:d8:48:
0d:56:36:7b:9f:00:4c:a9:5d:8d:1f:36:c2:fd:1e:
14:a9:d8:75:9f:66:f1:d7:38:98:07:c4:cb:f9:5a:
21:09:31:f2:9b:2b:41:4b:7d:63:5e:07:3c:a5:4f:
e4:f9:93:30:8b:09:1b:01:fc:73:05:ff:ea:8c:0c:
7d:35:83:a8:95:6a:e6:2c:80:54:8e:27:50:bb:34:
9b:54:e5:c6:bd:4a:1f:f1:35:07:38:d3:60:82:20:
ea:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A0:E2:5C:C6:D5:7A:2C:9F:9C:42:2D:16:D4:74:CE:9A:CB:3C:C9
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/SqDiXMbVeiyfnEItFtR0zprLPMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
212.126.113.0-212.126.116.255
212.126.120.0/22
212.126.126.0/24
IPv6:
2a04:2dc0:8::/48
2a04:2dc0:a::/48
2a04:2dc0:e::/48
2a04:2dc0:18::/47
2a04:2dc0:1b::/48
2a04:2dc0:1d::/48
2a04:2dc0:21::-2a04:2dc0:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ba:4a:3e:90:a2:ad:aa:f2:11:96:26:96:f8:fd:1e:97:0c:17:
52:e8:c0:56:4a:74:7e:a4:db:34:1a:ec:0e:08:26:5f:33:3a:
83:71:34:bb:d5:78:e7:7f:b5:0e:74:3f:e4:6f:c0:f3:ed:bd:
ee:8b:76:2b:a6:2f:33:d8:e8:ee:76:e1:9b:ce:72:8b:f7:45:
6d:b4:e7:a6:f6:9d:a6:75:78:8e:21:cb:f7:6b:94:92:75:a0:
29:6a:e7:84:a7:1b:d7:9d:85:9f:cc:fd:d8:37:c3:0f:8a:7b:
87:83:61:6a:70:f6:fb:4c:94:58:80:12:d7:a5:f3:a5:32:2b:
e2:a0:c9:b5:8b:4d:cd:1c:18:8a:79:31:03:57:4d:c5:70:f0:
ea:f1:bc:ac:53:9a:80:84:73:a4:a9:78:02:a6:34:96:fc:29:
64:e9:75:1d:d9:cf:47:9a:83:a6:f5:36:17:71:96:14:a2:4c:
57:27:37:76:f8:f2:3d:b6:ca:21:cc:60:7c:e3:1d:13:cc:53:
44:80:21:6f:13:2b:c9:52:b7:c3:a6:7e:01:4f:98:c9:89:b6:
b0:6b:17:59:55:e6:fa:01:2d:a5:ef:a0:9b:9e:5d:04:ac:c3:
3e:6a:56:95:1e:87:46:fe:9b:72:46:35:47:19:dd:19:b8:cd:
14:f5:79:b4
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYVsSm5XEu/5tQkp5hgJt9sDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjMwMTAxMDc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWEwZTI1Y2M2ZDU3YTJjOWY5YzQyMmQxNmQ0NzRjZTlhY2IzY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ZT9SJiPtJjAgzcpFfZ/q82H4je
zSyFhEVRGPrfbcr8SPQVQ/LpxoLxGSTsd+IC0CKadJxOG0r09N0q68vR/05GA4Zn
wEiL5YBbRC2eHDjPcu9f93nA5PitRQkoHYcv/F4PEgkrQ79SxH/zCJ9rZGvSjXYJ
OEaN6UcaJL4+/8v2+YyiyV/0dVkgQdbS5XM+ubO8KSezhtW34AMRSwFLzISO2EgN
VjZ7nwBMqV2NHzbC/R4Uqdh1n2bx1ziYB8TL+VohCTHymytBS31jXgc8pU/k+ZMw
iwkbAfxzBf/qjAx9NYOolWrmLIBUjidQuzSbVOXGvUof8TUHONNggiDqSQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFEqg4lzG1Xosn5xCLRbUdM6ayzzJMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL1NxRGlYTWJWZWl5Zm5FSXRGdFIwenByTFBNay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYsGCCsGAQUFBwEHAQH/BHwwejAmBAIAATAgAwQALhX7
MAwDBADUfnEDBADUfnQDBALUfngDBADUfn4wUAQCAAIwSgMHACoELcAACAMHACoE
LcAACgMHACoELcAADgMHASoELcAAGAMHACoELcAAGwMHACoELcAAHTASAwcAKgQt
wAAhAwcAKgQtwAAiMA0GCSqGSIb3DQEBCwUAA4IBAQC6Sj6Qoq2q8hGWJpb4/R6X
DBdS6MBWSnR+pNs0GuwOCCZfMzqDcTS71Xjnf7UOdD/kb8Dz7b3ui3Yrpi8z2Oju
duGbznKL90VttOem9p2mdXiOIcv3a5SSdaApaueEpxvXnYWfzP3YN8MPinuHg2Fq
cPb7TJRYgBLXpfOlMivioMm1i03NHBiKeTEDV03FcPDq8bysU5qAhHOkqXgCpjSW
/Clk6XUd2c9HmoOm9TYXcZYUokxXJzd2+PI9tsohzGB84x0TzFNEgCFvEyvJUrfD
pn4BT5jJibawaxdZVeb6AS2l76Cbnl0ErMM+alaVHodG/ptyRjVHGd0ZuM0U9Xm0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:25 2025 by rpki-client