Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/SQEn1SO5gBgsj0QP5k3LyVUpHpg.roa
File: SQEn1SO5gBgsj0QP5k3LyVUpHpg.roa (raw, json)
Hash identifier: WxPcx0dlA8ZW+e5XW9/V46WNcWkYmuJwBQZ8Ot/YiDA=
Subject key identifier: 49:01:27:D5:23:B9:80:18:2C:8F:44:0F:E6:4D:CB:C9:55:29:1E:98
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188FD1F22B844D67050E354D30E0E04C44E
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/SQEn1SO5gBgsj0QP5k3LyVUpHpg.roa
Signing time: Tue 27 Jun 2023 13:50:56 +0000
ROA not before: Tue 27 Jun 2023 13:50:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 185.98.220.0/22 maxlen: 24
92.253.0.0/17 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.160.0/19 maxlen: 24
94.249.0.0/17 maxlen: 24
37.202.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:1f:22:b8:44:d6:70:50:e3:54:d3:0e:0e:04:c4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 27 13:50:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=490127d523b980182c8f440fe64dcbc955291e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:61:70:0f:b3:9d:12:74:c4:96:37:95:f0:
f7:62:1f:d9:dd:14:15:df:c3:e8:07:df:59:d5:78:
2b:a1:18:5d:42:5f:92:50:0b:c1:fc:1d:e4:0e:65:
6a:f0:af:f4:8d:e9:8e:1f:45:2a:09:5a:d7:fa:b8:
70:e9:ee:48:ec:69:f3:8d:b3:e5:9d:eb:0a:0d:d4:
92:48:86:2e:5d:4a:2d:62:23:6a:ce:1a:b2:ca:c2:
92:3c:ae:5d:83:2f:8a:7a:38:f7:ab:82:83:e6:bd:
80:ee:ac:05:a8:b2:28:bf:8d:1e:8e:4c:86:0f:ad:
66:c8:e6:de:de:86:55:ba:73:b4:7b:ce:e6:bc:d9:
4d:95:d1:9c:a8:b6:5a:d2:1c:40:5a:ba:7c:07:42:
63:1b:6f:89:c9:3b:f3:f2:e3:e6:70:9c:c6:eb:94:
75:3b:34:82:5e:e3:97:36:27:eb:2f:c1:ae:8c:6e:
b9:2b:f9:39:59:e7:db:5b:e4:73:42:76:92:fe:86:
a5:cd:e3:36:c8:12:95:01:8f:24:62:b4:8b:36:ec:
84:6e:a4:63:ba:ea:20:82:74:76:3e:4d:51:70:02:
b1:dd:09:12:d8:24:84:c7:d4:b2:f1:14:16:80:85:
0b:d5:d2:0a:c1:59:03:74:52:6d:51:84:4a:e8:2a:
24:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:01:27:D5:23:B9:80:18:2C:8F:44:0F:E6:4D:CB:C9:55:29:1E:98
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/SQEn1SO5gBgsj0QP5k3LyVUpHpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
92.253.0.0/17
94.249.0.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
9c:39:51:47:90:2b:cc:08:74:8c:3e:80:d4:31:bf:df:51:d1:
e5:c4:db:9d:3f:68:3a:37:be:01:6d:c8:4b:df:4a:f1:24:8f:
0c:9a:77:64:98:b1:15:79:a1:50:b3:de:a1:fd:bb:63:94:15:
10:fb:54:7b:e2:25:a0:9d:9d:0b:8b:ef:c5:f7:b0:10:6d:99:
ff:46:fb:2f:09:0a:1b:d6:7b:0b:87:be:28:6d:d7:9a:cd:99:
53:c2:9c:c0:4c:80:ea:ff:2f:98:dd:b2:87:56:e5:ed:fb:de:
7a:7a:8d:23:3f:b1:66:c5:cf:f0:e4:6e:cb:4e:36:cc:ae:d0:
30:e8:c8:82:16:58:ff:6b:b7:4f:ab:7f:06:7c:a3:dd:ff:d5:
eb:3d:ea:5e:e3:eb:ee:f9:c1:b2:a2:f1:48:9c:8c:13:11:cc:
7a:0a:99:35:4a:70:49:07:4f:90:81:40:69:e6:cd:dc:99:67:
0e:86:39:71:f2:f4:1a:09:ac:1e:61:99:b1:08:40:1c:91:51:
75:1f:ee:e0:13:e9:05:14:b8:b9:a7:fd:65:33:94:58:2b:bd:
dc:4d:72:e2:6d:47:5b:8a:95:3b:6b:de:2c:2d:7e:ce:5a:99:
51:ed:57:c8:03:b5:46:fb:55:cf:61:37:bd:ce:9d:c1:5c:d4:
c1:29:3a:9f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYj9HyK4RNZwUONU0w4OBMROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNjI3MTM1MDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAxMjdkNTIzYjk4MDE4MmM4ZjQ0MGZlNjRkY2JjOTU1MjkxZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvthcA+znRJ0xJY3lfD3Yh/Z3RQV
38PoB99Z1XgroRhdQl+SUAvB/B3kDmVq8K/0jemOH0UqCVrX+rhw6e5I7GnzjbPl
nesKDdSSSIYuXUotYiNqzhqyysKSPK5dgy+Kejj3q4KD5r2A7qwFqLIov40ejkyG
D61myObe3oZVunO0e87mvNlNldGcqLZa0hxAWrp8B0JjG2+JyTvz8uPmcJzG65R1
OzSCXuOXNifrL8GujG65K/k5WefbW+RzQnaS/oalzeM2yBKVAY8kYrSLNuyEbqRj
uuoggnR2Pk1RcAKx3QkS2CSEx9Sy8RQWgIUL1dIKwVkDdFJtUYRK6CokawIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEkBJ9UjuYAYLI9ED+ZNy8lVKR6YMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvU1FFbjFTTzVnQmdzajBRUDVrM0x5VlVwSHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGJcpAAwQH
XP0AAwQHXvkAAwQCuWLcAwQFwqWAAwQF1bqgAwQE2RcgMA0GCSqGSIb3DQEBCwUA
A4IBAQCcOVFHkCvMCHSMPoDUMb/fUdHlxNudP2g6N74BbchL30rxJI8MmndkmLEV
eaFQs96h/btjlBUQ+1R74iWgnZ0Li+/F97AQbZn/RvsvCQob1nsLh74obdeazZlT
wpzATIDq/y+Y3bKHVuXt+956eo0jP7Fmxc/w5G7LTjbMrtAw6MiCFlj/a7dPq38G
fKPd/9XrPepe4+vu+cGyovFInIwTEcx6Cpk1SnBJB0+QgUBp5s3cmWcOhjlx8vQa
CaweYZmxCEAckVF1H+7gE+kFFLi5p/1lM5RYK73cTXLibUdbipU7a94sLX7OWplR
7VfIA7VG+1XPYTe9zp3BXNTBKTqf
-----END CERTIFICATE-----
Generated at Mon May 12 05:27:21 2025 by rpki-client