Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/SGqAdcl3S4nigC8whRiqGGouw1Q.roa
File: SGqAdcl3S4nigC8whRiqGGouw1Q.roa (raw, json)
Hash identifier: Qm3B3LC2UkZmSmYJ/6L2F07PLvoND3WoF2fYkYV4wq0=
Subject key identifier: 48:6A:80:75:C9:77:4B:89:E2:80:2F:30:85:18:AA:18:6A:2E:C3:54
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 06E67297
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/SGqAdcl3S4nigC8whRiqGGouw1Q.roa
Signing time: Sat 01 Jan 2022 14:08:45 +0000
ROA not before: Sat 01 Jan 2022 14:08:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 146.133.124.0/24 maxlen: 24
146.133.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115765911 (0x6e67297)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Jan 1 14:08:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=486a8075c9774b89e2802f308518aa186a2ec354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:c0:23:a7:9b:ba:cd:3e:53:a1:47:a9:0c:
59:ca:b7:49:91:0d:46:93:a9:43:a3:d1:63:71:d2:
4d:29:15:40:64:70:09:35:ea:42:45:7b:dd:47:b8:
0c:6a:ca:5c:83:bd:ed:67:54:b4:de:f8:df:75:e4:
45:79:c7:c7:60:d0:e9:f6:ee:d9:d3:95:e1:c5:76:
49:67:90:65:51:ed:ea:a7:22:7c:e1:37:84:ad:e6:
d7:0b:b0:44:5e:2d:09:05:e0:86:ac:2e:09:fd:cd:
6a:c5:89:32:47:75:5c:f5:16:15:bf:9a:89:a7:4a:
d3:da:86:54:4c:a7:a8:85:a5:41:fc:c1:00:7e:f9:
82:4a:1e:12:c9:8c:40:84:c3:f3:42:83:36:bd:b9:
e4:e1:47:46:ca:2c:3c:6e:09:ba:81:9b:1f:82:3f:
34:1b:ff:ff:37:b0:b1:17:ca:68:4e:81:53:62:5c:
ba:74:8c:96:9e:47:69:a8:76:14:95:18:f5:f9:5c:
ea:4e:5a:41:4d:99:10:07:83:94:ef:c9:65:66:a2:
3a:95:d6:4e:cb:1a:c6:75:81:14:81:d5:bc:25:5c:
0f:e0:fb:90:d3:28:f0:60:a1:e6:1c:a6:21:2e:b1:
2f:95:9b:c8:f4:91:11:b5:be:d6:37:aa:39:be:e5:
cf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6A:80:75:C9:77:4B:89:E2:80:2F:30:85:18:AA:18:6A:2E:C3:54
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/SGqAdcl3S4nigC8whRiqGGouw1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.133.124.0/24
146.133.127.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:eb:87:69:11:0c:87:09:e3:71:b9:1c:ee:d9:59:c4:61:a5:
ab:41:02:9a:55:30:71:0a:63:3f:f0:05:c1:e1:fa:5c:19:38:
c1:76:f8:22:fb:db:32:50:ce:70:cf:70:3a:e8:33:52:52:79:
51:04:d1:c0:55:57:74:0c:a6:d0:e6:ed:9d:90:18:36:0a:d4:
da:3f:8f:52:c6:6f:ae:f4:5c:3f:6a:c1:2e:75:78:ab:87:72:
b4:17:ec:a5:e7:df:5f:f1:0e:97:d4:d2:1d:ca:38:11:3e:72:
99:48:99:ea:5f:12:26:e2:7b:79:9c:e3:fd:45:16:e8:cc:93:
a2:43:d0:24:81:79:b3:39:db:1c:ed:03:d4:1e:98:a4:f1:4c:
46:6b:55:5b:41:cf:47:60:e3:c9:0d:2b:4b:92:9c:47:f7:b6:
de:9a:4d:35:3a:b2:73:98:4e:e0:73:3f:8c:f2:9a:a6:9b:55:
c9:e5:10:aa:46:a5:c7:fa:82:e2:cd:cd:9f:b0:24:ce:0a:19:
a4:35:61:70:e7:0c:07:3b:07:c7:b2:ed:35:22:5a:36:38:d2:
04:c2:1a:5e:82:d4:c6:32:17:b8:f7:91:94:17:21:51:a6:90:
46:41:1e:02:aa:32:f1:f7:dc:c2:db:5b:8f:17:7d:18:b7:b5:
6e:57:ac:79
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBuZylzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzgyMmQ0NTk3ZTU0OTNkMTUxNzhiZmIxMGU2ODQxZGQxN2U1ODk3MB4XDTIyMDEw
MTE0MDg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg2YTgwNzVjOTc3
NGI4OWUyODAyZjMwODUxOGFhMTg2YTJlYzM1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4ZwCOnm7rNPlOhR6kMWcq3SZENRpOpQ6PRY3HSTSkVQGRw
CTXqQkV73Ue4DGrKXIO97WdUtN7433XkRXnHx2DQ6fbu2dOV4cV2SWeQZVHt6qci
fOE3hK3m1wuwRF4tCQXghqwuCf3NasWJMkd1XPUWFb+aiadK09qGVEynqIWlQfzB
AH75gkoeEsmMQITD80KDNr255OFHRsosPG4JuoGbH4I/NBv//zewsRfKaE6BU2Jc
unSMlp5Haah2FJUY9flc6k5aQU2ZEAeDlO/JZWaiOpXWTssaxnWBFIHVvCVcD+D7
kNMo8GCh5hymIS6xL5WbyPSREbW+1jeqOb7lz1sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRIaoB1yXdLieKALzCFGKoYai7DVDAfBgNVHSMEGDAWgBT3gi1Fl+VJPRUX
i/sQ5oQd0X5YlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzk0SXRSWmZsU1QwVkY0djdFT2FFSGRGLVdKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvMzEwODFhLThiNWEtNDllYy05MDM2LTg2MmU5OTk3M2ZjMy8x
L1NHcUFkY2wzUzRuaWdDOHdoUmlxR0dvdXcxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
MzEwODFhLThiNWEtNDllYy05MDM2LTg2MmU5OTk3M2ZjMy8xLzk0SXRSWmZsU1Qw
VkY0djdFT2FFSGRGLVdKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJKFfAMEAJKFfzANBgkqhkiG9w0B
AQsFAAOCAQEAS+uHaREMhwnjcbkc7tlZxGGlq0ECmlUwcQpjP/AFweH6XBk4wXb4
IvvbMlDOcM9wOugzUlJ5UQTRwFVXdAym0ObtnZAYNgrU2j+PUsZvrvRcP2rBLnV4
q4dytBfspeffX/EOl9TSHco4ET5ymUiZ6l8SJuJ7eZzj/UUW6MyTokPQJIF5sznb
HO0D1B6YpPFMRmtVW0HPR2DjyQ0rS5KcR/e23ppNNTqyc5hO4HM/jPKapptVyeUQ
qkalx/qC4s3Nn7AkzgoZpDVhcOcMBzsHx7LtNSJaNjjSBMIaXoLUxjIXuPeRlBch
UaaQRkEeAqoy8ffcwttbjxd9GLe1bleseQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:57 2025 by rpki-client