Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/SQ-CJkI40HoZt-d_Cev6t4kp2rA.roa
File: SQ-CJkI40HoZt-d_Cev6t4kp2rA.roa (raw, json)
Hash identifier: 0xc5Sdg+uREu4dk3lG2rqGqmImQH4iiif0TqYnlFKXg=
Subject key identifier: 49:0F:82:26:42:38:D0:7A:19:B7:E7:7F:09:EB:FA:B7:89:29:DA:B0
Certificate issuer: /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial: 018C5ECE95F9B3D42269A94310B9B7C8E284
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/SQ-CJkI40HoZt-d_Cev6t4kp2rA.roa
Signing time: Tue 12 Dec 2023 16:14:06 +0000
ROA not before: Tue 12 Dec 2023 16:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62205
IP address blocks: 79.174.184.0/21 maxlen: 21
185.44.164.0/22 maxlen: 24
185.77.228.0/22 maxlen: 22
185.77.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:ce:95:f9:b3:d4:22:69:a9:43:10:b9:b7:c8:e2:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
Validity
Not Before: Dec 12 16:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=490f82264238d07a19b7e77f09ebfab78929dab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bb:0f:77:97:e3:04:35:97:df:9e:ec:d3:9e:
76:a7:48:19:d5:a2:22:27:ea:9d:3a:2f:d8:80:53:
87:3d:60:53:af:b0:24:40:d3:93:a1:e0:18:4c:0d:
51:a9:1e:b4:4e:a1:99:69:19:57:3a:f4:2a:0c:27:
72:77:02:19:c9:3d:0c:8b:e4:8e:71:9b:c6:86:d4:
ae:78:99:78:52:63:8c:66:58:b9:3a:f8:0b:d0:8a:
70:a2:5d:6f:a9:4b:19:3a:50:4a:41:ae:c3:9c:a8:
54:55:8e:49:81:f6:12:90:07:82:cd:68:0e:9d:70:
63:54:c7:8f:7e:6b:c7:16:ca:23:c1:17:61:f0:6b:
70:3a:19:36:db:6c:aa:52:da:d1:b2:a7:d6:29:0a:
e6:1b:bd:cc:9f:08:d1:2e:84:e7:1b:6e:b8:ae:5e:
a2:6c:81:33:78:42:da:97:9e:df:87:dd:0a:60:b5:
cb:8c:f5:63:6b:78:8f:50:8a:e7:44:06:a9:1e:03:
d5:93:6d:d2:98:1a:33:54:af:94:43:76:d1:7c:d3:
a4:f2:9d:f0:8e:0e:14:02:07:16:cf:3a:db:9a:ee:
b9:f6:21:39:9e:16:72:7d:c6:60:a1:7a:63:89:92:
33:3f:c2:c9:21:e7:f1:71:94:07:82:c8:1a:20:0c:
c2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0F:82:26:42:38:D0:7A:19:B7:E7:7F:09:EB:FA:B7:89:29:DA:B0
X509v3 Authority Key Identifier:
keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/SQ-CJkI40HoZt-d_Cev6t4kp2rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.184.0/21
185.44.164.0/22
185.77.228.0/22
185.77.240.0/22
Signature Algorithm: sha256WithRSAEncryption
30:70:bd:67:4f:09:aa:73:9a:09:66:39:af:15:b9:41:6e:06:
4d:9e:5d:38:13:f5:46:b7:67:6c:49:df:40:62:cd:d9:2d:6e:
98:50:85:b7:d9:13:f9:57:8b:1d:ce:ef:b9:67:43:8e:4f:0f:
86:e5:ea:30:cf:eb:f3:4d:d3:26:49:0d:49:8a:eb:63:5e:20:
e1:a0:85:80:5b:76:5a:48:8e:1e:56:bc:68:2d:b4:af:57:19:
34:8e:e4:72:7a:9c:94:f2:db:6d:17:9e:33:8c:4b:1e:7f:a1:
7c:a8:29:fe:ea:3c:d4:c1:8e:0f:b9:7a:e0:33:b4:d5:10:10:
78:d4:aa:04:c5:f8:19:26:c5:5d:ef:17:0e:79:f6:41:c8:4c:
80:27:68:24:2e:3a:8c:74:71:b7:b3:23:32:34:18:0d:dc:68:
3d:ae:5d:ea:9b:b7:d0:8f:e3:cb:e6:c4:a1:94:69:00:68:f4:
0b:e8:9c:d8:26:5a:7e:02:ca:a4:74:06:12:bf:0e:52:00:bc:
40:09:97:e0:be:a5:5e:19:cd:80:7e:eb:0b:af:a8:06:a0:7c:
c1:77:e9:3d:ff:1f:cf:e8:3f:e6:54:0b:ff:65:96:3e:56:0e:
2c:99:08:91:c3:5f:66:b7:9d:0f:2c:3e:62:7b:bd:b6:d4:ba:
dd:d3:19:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxezpX5s9QiaalDELm3yOKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjMxMjEyMTYxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBmODIyNjQyMzhkMDdhMTliN2U3N2YwOWViZmFiNzg5MjlkYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7sPd5fjBDWX357s0552p0gZ1aIi
J+qdOi/YgFOHPWBTr7AkQNOToeAYTA1RqR60TqGZaRlXOvQqDCdydwIZyT0Mi+SO
cZvGhtSueJl4UmOMZli5OvgL0Ipwol1vqUsZOlBKQa7DnKhUVY5JgfYSkAeCzWgO
nXBjVMePfmvHFsojwRdh8GtwOhk222yqUtrRsqfWKQrmG73MnwjRLoTnG264rl6i
bIEzeELal57fh90KYLXLjPVja3iPUIrnRAapHgPVk23SmBozVK+UQ3bRfNOk8p3w
jg4UAgcWzzrbmu659iE5nhZyfcZgoXpjiZIzP8LJIefxcZQHgsgaIAzCRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEkPgiZCONB6Gbfnfwnr+reJKdqwMB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvU1EtQ0prSTQwSG9adC1kX0NldjZ0NGtwMnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDT664AwQC
uSykAwQCuU3kAwQCuU3wMA0GCSqGSIb3DQEBCwUAA4IBAQAwcL1nTwmqc5oJZjmv
FblBbgZNnl04E/VGt2dsSd9AYs3ZLW6YUIW32RP5V4sdzu+5Z0OOTw+G5eowz+vz
TdMmSQ1JiutjXiDhoIWAW3ZaSI4eVrxoLbSvVxk0juRyepyU8tttF54zjEsef6F8
qCn+6jzUwY4PuXrgM7TVEBB41KoExfgZJsVd7xcOefZByEyAJ2gkLjqMdHG3syMy
NBgN3Gg9rl3qm7fQj+PL5sShlGkAaPQL6JzYJlp+AsqkdAYSvw5SALxACZfgvqVe
Gc2AfusLr6gGoHzBd+k9/x/P6D/mVAv/ZZY+Vg4smQiRw19mt50PLD5ie7221Lrd
0xl+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:56 2025 by rpki-client