Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/SQYPUHUJQ15ky9g7qIi_A3YjpuM.roa
File: SQYPUHUJQ15ky9g7qIi_A3YjpuM.roa (raw, json)
Hash identifier: KZSKrxv09+65pTxZ4tDnMfe5ID1Ams0Lx7tZSGJ7d3c=
Subject key identifier: 49:06:0F:50:75:09:43:5E:64:CB:D8:3B:A8:88:BF:03:76:23:A6:E3
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 01841842861DD1E8A84D51AEAF7225E1EDAF
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/SQYPUHUJQ15ky9g7qIi_A3YjpuM.roa
Signing time: Thu 27 Oct 2022 07:05:23 +0000
ROA not before: Thu 27 Oct 2022 07:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203210
IP address blocks: 91.196.49.0/24 maxlen: 24
91.196.48.0/22 maxlen: 22
91.196.50.0/24 maxlen: 24
91.196.48.0/24 maxlen: 24
91.196.51.0/24 maxlen: 24
77.87.74.0/24 maxlen: 24
77.87.73.0/24 maxlen: 24
195.22.125.0/24 maxlen: 24
195.22.124.0/24 maxlen: 24
195.22.124.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:42:86:1d:d1:e8:a8:4d:51:ae:af:72:25:e1:ed:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Oct 27 07:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49060f507509435e64cbd83ba888bf037623a6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:c1:dc:32:8a:7b:20:dc:99:72:d5:ee:a8:
1e:96:f7:81:59:a1:e5:aa:f2:c2:b2:66:36:82:25:
7c:c5:20:79:d9:16:38:8d:b0:dc:97:af:ce:10:b5:
8f:e1:47:cc:b0:fd:42:9c:a8:65:b0:98:7b:30:12:
19:c9:0e:8a:74:70:87:90:f1:c5:fa:b9:d0:fe:d3:
1c:4e:c7:a3:c5:a7:ba:2d:30:75:3f:b6:70:1e:82:
31:93:8d:23:e3:f2:43:18:20:9f:f7:61:b2:07:ae:
c5:3e:65:56:0b:b8:12:a4:ed:29:5f:86:25:38:e1:
0a:1b:6c:f1:d4:77:d9:0b:f5:a8:29:40:32:5d:91:
a0:e2:ec:42:ee:c6:d9:a5:5b:57:2e:ce:84:d9:9d:
64:7e:63:9b:0b:75:c7:80:62:d0:53:b5:bf:aa:46:
b7:47:c8:08:98:e7:e5:3c:04:d6:08:f5:10:62:53:
12:59:3d:6d:8b:d9:ef:f2:b3:c7:fb:37:4c:4d:92:
8c:eb:96:e7:78:37:01:cf:67:a4:b7:ab:62:ce:b9:
65:33:eb:ff:50:53:2c:38:b7:c0:58:6b:d4:25:3d:
6b:8d:46:85:13:68:1d:7e:85:af:67:8b:4f:62:7c:
42:ce:22:6d:35:fb:c1:a4:1e:9f:4f:4f:ea:94:71:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:06:0F:50:75:09:43:5E:64:CB:D8:3B:A8:88:BF:03:76:23:A6:E3
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/SQYPUHUJQ15ky9g7qIi_A3YjpuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.73.0-77.87.74.255
91.196.48.0/22
195.22.124.0/23
Signature Algorithm: sha256WithRSAEncryption
95:63:30:be:18:a2:be:06:8b:f9:12:53:c8:e4:5a:9d:bd:7d:
f3:7d:0f:68:eb:82:a9:ae:34:b3:f9:b3:63:97:ee:a2:5c:64:
99:bd:86:0a:00:4a:d4:65:8b:3e:53:77:3e:dd:79:9c:3d:86:
65:61:d3:63:2a:34:6b:00:c5:97:fb:e2:a0:4a:89:24:ad:48:
52:33:d3:95:62:90:e3:c4:a9:3f:e7:d2:36:77:4c:1a:e9:2c:
fc:50:2b:c5:22:4d:54:ab:ff:dd:f8:b2:7f:18:02:c4:04:66:
6f:e6:58:e7:c4:f8:f5:9c:df:c0:ea:01:cf:c4:c5:47:58:29:
b6:6c:fb:8e:09:cd:5b:4c:98:e3:6e:3b:f4:2e:fa:97:b2:c2:
b3:ae:39:18:14:76:f1:08:72:da:8a:ff:1d:c8:09:2a:f6:b2:
0f:38:68:9c:41:85:de:c6:41:3c:94:be:57:62:14:12:3a:45:
a6:85:6d:28:1d:86:45:ae:a3:db:b9:70:d5:1d:fe:d8:a0:0d:
eb:95:0e:dc:e6:5e:43:a7:71:f7:d6:e9:af:d9:43:04:61:67:
0c:d9:f7:d1:02:8b:67:85:a9:5a:eb:bc:6f:31:ee:69:39:08:
92:01:f9:a9:cc:06:c3:dc:54:fc:05:d7:77:68:9f:87:85:fd:
44:74:f1:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQYQoYd0eioTVGur3Il4e2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjIxMDI3MDcwNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA2MGY1MDc1MDk0MzVlNjRjYmQ4M2JhODg4YmYwMzc2MjNhNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIDB3DKKeyDcmXLV7qgelveBWaHl
qvLCsmY2giV8xSB52RY4jbDcl6/OELWP4UfMsP1CnKhlsJh7MBIZyQ6KdHCHkPHF
+rnQ/tMcTsejxae6LTB1P7ZwHoIxk40j4/JDGCCf92GyB67FPmVWC7gSpO0pX4Yl
OOEKG2zx1HfZC/WoKUAyXZGg4uxC7sbZpVtXLs6E2Z1kfmObC3XHgGLQU7W/qka3
R8gImOflPATWCPUQYlMSWT1ti9nv8rPH+zdMTZKM65bneDcBz2ekt6tizrllM+v/
UFMsOLfAWGvUJT1rjUaFE2gdfoWvZ4tPYnxCziJtNfvBpB6fT0/qlHHcgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEkGD1B1CUNeZMvYO6iIvwN2I6bjMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvU1FZUFVIVUpRMTVreTlnN3FJaV9BM1lqcHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNV0kD
BABNV0oDBAJbxDADBAHDFnwwDQYJKoZIhvcNAQELBQADggEBAJVjML4Yor4Gi/kS
U8jkWp29ffN9D2jrgqmuNLP5s2OX7qJcZJm9hgoAStRliz5Tdz7deZw9hmVh02Mq
NGsAxZf74qBKiSStSFIz05VikOPEqT/n0jZ3TBrpLPxQK8UiTVSr/934sn8YAsQE
Zm/mWOfE+PWc38DqAc/ExUdYKbZs+44JzVtMmONuO/Qu+peywrOuORgUdvEIctqK
/x3ICSr2sg84aJxBhd7GQTyUvldiFBI6RaaFbSgdhkWuo9u5cNUd/tigDeuVDtzm
XkOncffW6a/ZQwRhZwzZ99ECi2eFqVrrvG8x7mk5CJIB+anMBsPcVPwF13don4eF
/UR08ek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:23 2024 by rpki-client on console-ams.rpki-client.org