Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/SA1J-zfqABAiSCSrDKfHcRRgSms.roa
File: SA1J-zfqABAiSCSrDKfHcRRgSms.roa (raw, json)
Hash identifier: /UIRIJoWHyizIHlCXV/DFWr/MxGa6T+OdnFTspr70kg=
Subject key identifier: 48:0D:49:FB:37:EA:00:10:22:48:24:AB:0C:A7:C7:71:14:60:4A:6B
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 0EE8DA90
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/SA1J-zfqABAiSCSrDKfHcRRgSms.roa
Signing time: Sat 01 Jan 2022 11:00:35 +0000
ROA not before: Sat 01 Jan 2022 11:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6696
IP address blocks: 185.99.48.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.44.0/22 maxlen: 24
185.192.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250141328 (0xee8da90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 1 11:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=480d49fb37ea0010224824ab0ca7c77114604a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:f1:d0:b1:cd:02:5b:e0:7e:35:00:3d:7f:
19:25:3a:36:17:75:ff:36:03:cb:26:dd:31:2b:85:
5c:88:e6:60:54:8d:bb:1d:be:9e:9f:3d:c1:b9:aa:
5f:0e:b4:c2:f6:77:71:d5:b6:37:83:40:25:7f:e1:
d0:e0:be:6b:1a:5d:b7:ba:79:7f:19:33:e1:7e:59:
00:f6:29:33:d2:72:d1:a3:ee:67:0e:53:e4:2c:28:
8a:30:94:a8:8e:f5:83:1b:f7:71:b4:24:b9:5d:57:
e3:69:26:16:4c:45:be:8e:c6:80:a6:63:da:86:52:
63:7f:5d:2a:f6:62:b9:ec:c8:e8:6d:30:4f:ab:4c:
1a:ba:fb:68:1d:0d:9a:5e:96:f2:ce:a9:26:0c:af:
9c:f5:19:11:78:66:a2:e2:9d:a5:74:68:39:e2:8f:
6c:d2:57:5a:92:64:e9:df:39:f3:fe:a5:6c:77:9f:
92:72:a4:d4:ed:9d:08:38:9f:c9:08:e8:c9:fb:cf:
80:fe:6d:46:24:cc:33:5b:94:03:43:76:8c:41:7b:
03:5b:89:38:97:6a:ef:3f:ad:29:f2:92:6a:26:b3:
e6:f6:e9:2e:3c:38:7a:97:e5:22:84:a7:ca:6d:59:
8f:08:77:f1:71:d7:4a:b8:08:0c:9a:bc:49:45:21:
f4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0D:49:FB:37:EA:00:10:22:48:24:AB:0C:A7:C7:71:14:60:4A:6B
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/SA1J-zfqABAiSCSrDKfHcRRgSms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0/24
185.192.44.0/22
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d0:98:b2:db:70:68:c6:60:ee:ff:e9:7e:aa:c4:bd:d2:4f:
0d:b1:48:cb:05:c7:f2:5e:fe:7b:e6:da:cb:d2:a7:3e:d7:aa:
2a:86:8b:99:e3:5f:4d:d1:6c:89:30:75:64:db:49:51:df:30:
53:86:b7:d9:d7:b0:9f:72:c2:d6:7a:a1:0d:a5:b0:f3:bb:22:
69:eb:76:50:b8:89:2b:35:0c:8e:93:37:2c:b0:6f:0a:40:43:
ce:aa:9f:5b:2c:55:be:10:fb:b0:04:e1:36:60:63:fd:66:1f:
75:f2:1e:2c:c8:b7:1c:72:8e:04:41:02:d1:18:51:5e:6f:d5:
c3:22:5d:38:38:d0:df:25:19:50:9d:64:b0:b1:9c:96:c6:c0:
0b:dc:f5:e9:52:64:72:5a:7f:ce:f5:d1:d5:58:f8:b2:74:eb:
53:7c:fd:b1:18:db:df:bc:d4:99:79:d8:7e:66:72:ff:f9:af:
cc:df:1e:45:50:b8:3c:42:e7:0f:4a:df:47:d0:c9:33:a6:b6:
56:3e:1c:5e:00:d9:c2:9f:49:af:1c:d1:c4:1e:16:ea:49:cf:
d8:f8:3b:a7:ae:00:a6:2b:3a:1e:d5:69:e8:a1:ad:11:94:07:
12:cb:ce:21:40:ef:5b:83:7d:40:74:27:b8:8b:4d:b5:e3:83:
0c:f0:ce:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEDujakDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTQ1NmNkYjRkMTQwMzQ1YzNkY2FlYmZjNzYzNGQ0ZTdjZGNiOTEzMB4XDTIyMDEw
MTExMDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgwZDQ5ZmIzN2Vh
MDAxMDIyNDgyNGFiMGNhN2M3NzExNDYwNGE2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDB8dCxzQJb4H41AD1/GSU6Nhd1/zYDyybdMSuFXIjmYFSN
ux2+np89wbmqXw60wvZ3cdW2N4NAJX/h0OC+axpdt7p5fxkz4X5ZAPYpM9Jy0aPu
Zw5T5CwoijCUqI71gxv3cbQkuV1X42kmFkxFvo7GgKZj2oZSY39dKvZiuezI6G0w
T6tMGrr7aB0Nml6W8s6pJgyvnPUZEXhmouKdpXRoOeKPbNJXWpJk6d858/6lbHef
knKk1O2dCDifyQjoyfvPgP5tRiTMM1uUA0N2jEF7A1uJOJdq7z+tKfKSaiaz5vbp
Ljw4epflIoSnym1Zjwh38XHXSrgIDJq8SUUh9KUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRIDUn7N+oAECJIJKsMp8dxFGBKazAfBgNVHSMEGDAWgBTeRWzbTRQDRcPc
rr/HY01OfNy5EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNrVnMyMDBVQTBYRDNLNl94Mk5OVG56Y3VSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvMjBjYjMzLWUyYmYtNDZhYS1hYmZhLTkyOGU3YmM2OTU3MC8x
L1NBMUotemZxQUJBaVNDU3JES2ZIY1JSZ1Ntcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
MjBjYjMzLWUyYmYtNDZhYS1hYmZhLTkyOGU3YmM2OTU3MC8xLzNrVnMyMDBVQTBY
RDNLNl94Mk5OVG56Y3VSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAG1F2gMEAIB/tAMEALljMAMEArnA
LAMEAMFphQMEAMGKZTANBgkqhkiG9w0BAQsFAAOCAQEActCYsttwaMZg7v/pfqrE
vdJPDbFIywXH8l7+e+bay9KnPteqKoaLmeNfTdFsiTB1ZNtJUd8wU4a32dewn3LC
1nqhDaWw87siaet2ULiJKzUMjpM3LLBvCkBDzqqfWyxVvhD7sAThNmBj/WYfdfIe
LMi3HHKOBEEC0RhRXm/VwyJdODjQ3yUZUJ1ksLGclsbAC9z16VJkclp/zvXR1Vj4
snTrU3z9sRjb37zUmXnYfmZy//mvzN8eRVC4PELnD0rfR9DJM6a2Vj4cXgDZwp9J
rxzRxB4W6knP2Pg7p64Apis6HtVp6KGtEZQHEsvOIUDvW4N9QHQnuItNteODDPDO
aQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:11 2025 by rpki-client