Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/SGgyqw4vrrPKj60Wwn5O5PXC900.roa
File: SGgyqw4vrrPKj60Wwn5O5PXC900.roa (raw, json)
Hash identifier: yG5KZn1tlqCpzq78as28OQca0HnNUiaiSh5TRpP0f2Q=
Subject key identifier: 48:68:32:AB:0E:2F:AE:B3:CA:8F:AD:16:C2:7E:4E:E4:F5:C2:F7:4D
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 1C9AED02
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/SGgyqw4vrrPKj60Wwn5O5PXC900.roa
Signing time: Sat 01 Jan 2022 13:56:03 +0000
ROA not before: Sat 01 Jan 2022 13:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20965
IP address blocks: 62.40.96.0/19 maxlen: 19
83.97.92.0/22 maxlen: 22
2001:799::/32 maxlen: 32
2001:798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 479915266 (0x1c9aed02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 13:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=486832ab0e2faeb3ca8fad16c27e4ee4f5c2f74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:29:5c:ef:d6:ad:ed:eb:2d:c5:2c:11:d1:e4:
bb:fc:0e:67:32:e3:41:86:c9:85:0d:a3:6d:52:71:
3e:e4:71:dd:3b:32:1a:41:0f:4c:99:70:23:9c:45:
b5:99:c9:f3:9c:a2:7b:85:76:61:19:fd:73:0a:d5:
b2:51:c5:a3:3a:a2:f3:ae:ff:f5:75:c8:a1:4d:0f:
0b:a0:b9:92:07:bd:c6:fe:ab:83:fb:2c:0e:02:43:
d6:ae:20:65:62:a3:3b:a8:5a:8e:78:4e:53:d6:b9:
c1:1e:88:d8:c0:22:df:83:78:2b:ac:b0:aa:61:d3:
af:9c:71:d9:58:c7:9c:17:a8:a4:75:d6:a1:eb:85:
d1:15:06:52:94:8c:99:4b:47:52:ff:b5:cd:e7:0d:
7b:22:b5:62:0c:49:ec:79:c8:32:84:37:34:29:f9:
e4:9f:4a:73:68:b5:ea:53:20:6b:22:7e:b9:ca:8c:
d6:bf:e2:7d:3d:06:8e:ac:0f:9d:e7:2b:64:26:fd:
59:f7:73:23:eb:8e:d5:ac:60:d0:72:7c:0d:8c:0a:
7c:af:d7:81:9b:f5:13:28:92:e4:a0:a5:d8:76:fe:
2d:76:67:b3:f6:9c:97:5c:60:db:47:ba:ef:5d:9c:
d8:71:c4:ea:b0:a8:38:93:43:d2:c6:84:21:ba:b7:
35:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:68:32:AB:0E:2F:AE:B3:CA:8F:AD:16:C2:7E:4E:E4:F5:C2:F7:4D
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/SGgyqw4vrrPKj60Wwn5O5PXC900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.96.0/19
83.97.92.0/22
IPv6:
2001:798::/31
Signature Algorithm: sha256WithRSAEncryption
30:32:de:4a:8e:22:d3:dd:6d:d7:36:ce:3c:08:d6:4c:94:97:
c6:f4:5a:5c:fe:45:a7:f5:a0:a6:fb:3e:fa:a5:14:e3:e9:6e:
82:d6:fb:f5:fe:ad:c0:a3:89:6e:9d:70:e6:d3:7b:b0:61:93:
f9:1e:b3:35:04:95:9a:e2:14:4e:d4:73:60:39:b6:f8:4a:b1:
97:fc:f4:97:4a:8c:2c:67:62:54:b6:2c:b5:f5:b5:db:fa:71:
a5:31:91:d3:5c:ab:65:a7:14:1c:dc:b5:3c:26:3d:90:67:8a:
6f:ca:56:c2:32:60:73:37:db:18:fe:1e:d0:61:ae:ce:64:16:
18:25:75:3e:f2:07:cf:74:b1:6c:02:62:b3:a2:05:aa:6e:69:
e5:36:4d:6b:65:af:11:08:2b:d5:98:61:59:ea:82:ba:71:12:
c2:85:62:cd:3e:4e:b5:0d:fb:9b:12:cb:81:73:b3:a1:ec:3a:
f2:5c:b0:33:0b:f5:f9:7e:d7:67:c6:75:82:ea:40:75:5c:eb:
f3:9d:df:f9:62:08:59:3c:f6:93:33:16:17:98:8d:a5:f6:d9:
bd:b9:5f:e3:bc:57:37:b3:0a:d4:75:b2:c0:5d:f1:cc:dd:a2:
b9:08:90:c0:14:fb:dd:9e:c2:21:e5:24:ed:76:bc:ee:22:ee:
f4:f5:f1:2c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEHJrtAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWQ3NTU3MzNlOTEyMDNhMTdjMzA5M2NhNWQ5Y2IwMzkyZDk0ZjYxMB4XDTIyMDEw
MTEzNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg2ODMyYWIwZTJm
YWViM2NhOGZhZDE2YzI3ZTRlZTRmNWMyZjc0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYpXO/Wre3rLcUsEdHku/wOZzLjQYbJhQ2jbVJxPuRx3Tsy
GkEPTJlwI5xFtZnJ85yie4V2YRn9cwrVslHFozqi867/9XXIoU0PC6C5kge9xv6r
g/ssDgJD1q4gZWKjO6hajnhOU9a5wR6I2MAi34N4K6ywqmHTr5xx2VjHnBeopHXW
oeuF0RUGUpSMmUtHUv+1zecNeyK1YgxJ7HnIMoQ3NCn55J9Kc2i16lMgayJ+ucqM
1r/ifT0GjqwPnecrZCb9WfdzI+uO1axg0HJ8DYwKfK/XgZv1EyiS5KCl2Hb+LXZn
s/acl1xg20e6712c2HHE6rCoOJND0saEIbq3NUcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRIaDKrDi+us8qPrRbCfk7k9cL3TTAfBgNVHSMEGDAWgBTO11VzPpEgOhfD
CTyl2csDktlPYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p0ZFZjejZSSURvWHd3azhwZG5MQTVMWlQyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYzJmNjFhLTE1ZjktNGM2Yi05MGU1LWVmNGI2NTllZmY4ZC8x
L1NHZ3lxdzR2cnJQS2o2MFd3bjVPNVBYQzkwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YzJmNjFhLTE1ZjktNGM2Yi05MGU1LWVmNGI2NTllZmY4ZC8xL3p0ZFZjejZSSURv
WHd3azhwZG5MQTVMWlQyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBT4oYAMEAlNhXDANBAIAAjAHAwUB
IAEHmDANBgkqhkiG9w0BAQsFAAOCAQEAMDLeSo4i091t1zbOPAjWTJSXxvRaXP5F
p/Wgpvs++qUU4+lugtb79f6twKOJbp1w5tN7sGGT+R6zNQSVmuIUTtRzYDm2+Eqx
l/z0l0qMLGdiVLYstfW12/pxpTGR01yrZacUHNy1PCY9kGeKb8pWwjJgczfbGP4e
0GGuzmQWGCV1PvIHz3SxbAJis6IFqm5p5TZNa2WvEQgr1ZhhWeqCunESwoVizT5O
tQ37mxLLgXOzoew68lywMwv1+X7XZ8Z1gupAdVzr853f+WIIWTz2kzMWF5iNpfbZ
vblf47xXN7MK1HWywF3xzN2iuQiQwBT73Z7CIeUk7Xa87iLu9PXxLA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:46 2025 by rpki-client