Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/UeJLQbR6prWvVykvfC_6O81los0.roa
File: UeJLQbR6prWvVykvfC_6O81los0.roa (raw, json)
Hash identifier: PxZIJwFwpYxmUG0M6aZALMi3BFt4eDN8J512A/17g8Y=
Subject key identifier: 51:E2:4B:41:B4:7A:A6:B5:AF:57:29:2F:7C:2F:FA:3B:CD:65:A2:CD
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01857039A1E8AC72F5497CFEB7CD73DD4DA8
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/UeJLQbR6prWvVykvfC_6O81los0.roa
Signing time: Mon 02 Jan 2023 02:05:03 +0000
ROA not before: Mon 02 Jan 2023 02:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 195.179.44.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
195.180.140.0/22 maxlen: 22
194.163.72.0/22 maxlen: 22
195.179.80.0/22 maxlen: 22
212.224.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a1:e8:ac:72:f5:49:7c:fe:b7:cd:73:dd:4d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51e24b41b47aa6b5af57292f7c2ffa3bcd65a2cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:ad:bf:82:cc:55:76:63:4b:34:55:4f:70:
f8:5a:4b:5f:65:a6:1b:36:08:3c:86:03:78:82:a1:
75:20:0b:0b:8e:a5:49:e0:83:36:30:7d:8a:56:98:
c1:b0:e4:97:f3:b8:c4:37:c7:d5:1a:d8:22:e7:b0:
44:4a:7c:0c:0d:a1:82:b1:71:b1:6a:0f:cb:fd:9c:
91:a3:ec:05:75:2a:dc:2a:6a:fe:54:08:a6:3d:90:
93:5e:15:85:7c:75:6f:69:3f:f2:37:69:0a:9d:30:
1c:a9:84:e7:71:c2:4c:5c:5e:e4:5d:dc:b1:ae:02:
fc:11:7d:18:58:c0:19:50:48:d6:89:c9:c8:8b:07:
6d:38:4e:ba:b7:70:26:11:c1:f6:a8:65:86:61:83:
78:55:f8:d6:9d:31:b9:43:51:ba:cf:5a:46:b0:d5:
e4:fa:02:63:ed:df:3b:30:3a:9c:0a:f0:6e:18:60:
17:52:e7:bc:d5:68:27:aa:5e:de:ae:f7:03:b4:06:
5d:70:72:94:13:4e:b8:b2:79:52:cf:f0:3c:6f:e4:
2c:ed:85:14:17:16:bc:44:dd:ee:f0:a6:f9:06:11:
7e:4d:6d:1a:9e:92:dd:ab:e1:21:f0:47:f9:00:8d:
db:9a:89:2b:58:a3:23:b5:a5:87:76:c1:d7:7d:ce:
22:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E2:4B:41:B4:7A:A6:B5:AF:57:29:2F:7C:2F:FA:3B:CD:65:A2:CD
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/UeJLQbR6prWvVykvfC_6O81los0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.172.0/22
194.163.72.0/22
195.179.44.0/22
195.179.80.0/22
195.180.140.0/22
212.224.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:ad:04:26:1c:3a:b2:c0:1a:64:82:9d:64:9b:28:61:cf:18:
f5:17:83:f2:07:70:50:71:0d:08:72:66:c6:51:fc:f2:f7:77:
85:5e:25:ee:80:62:10:81:b9:45:bf:cf:1c:34:a0:cf:30:66:
d9:72:d4:ce:88:ca:79:18:6b:c3:42:95:0f:42:78:89:2e:8f:
08:39:87:77:a4:1a:a4:1f:ae:9c:e9:c2:62:40:c4:4d:07:bc:
92:8f:19:08:40:66:91:80:99:95:ec:2b:39:df:46:91:10:f8:
9f:90:6e:71:4b:04:90:ae:db:49:4e:52:27:8b:f2:e2:15:68:
71:7d:7d:f1:35:c5:df:04:ca:23:fe:c7:1f:9e:04:2f:ae:37:
80:d2:7a:74:c9:43:a4:d3:05:6c:c7:ac:9e:12:15:d8:cc:bf:
8c:ce:ba:bc:85:61:06:05:2c:59:7c:bb:6d:46:3d:39:ef:64:
1c:56:07:8a:68:53:a0:f7:9d:c1:16:e9:97:06:d4:75:6d:16:
81:e4:5b:d1:10:a0:74:0e:8b:9a:85:b5:bb:9f:cc:92:bf:9a:
0b:f5:bb:1c:6b:ad:07:7f:83:66:01:c0:00:8b:55:de:0b:ad:
5e:e5:33:25:dc:5a:3d:ae:61:2e:cd:45:48:60:d9:ea:c1:d1:
00:d5:40:10
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwOaHorHL1SXz+t81z3U2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUyNGI0MWI0N2FhNmI1YWY1NzI5MmY3YzJmZmEzYmNkNjVhMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiqtv4LMVXZjSzRVT3D4WktfZaYb
Ngg8hgN4gqF1IAsLjqVJ4IM2MH2KVpjBsOSX87jEN8fVGtgi57BESnwMDaGCsXGx
ag/L/ZyRo+wFdSrcKmr+VAimPZCTXhWFfHVvaT/yN2kKnTAcqYTnccJMXF7kXdyx
rgL8EX0YWMAZUEjWicnIiwdtOE66t3AmEcH2qGWGYYN4VfjWnTG5Q1G6z1pGsNXk
+gJj7d87MDqcCvBuGGAXUue81Wgnql7ervcDtAZdcHKUE064snlSz/A8b+Qs7YUU
Fxa8RN3u8Kb5BhF+TW0anpLdq+Eh8Ef5AI3bmokrWKMjtaWHdsHXfc4iZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFHiS0G0eqa1r1cpL3wv+jvNZaLNMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvVWVKTFFiUjZwcld2VnlrdmZDXzZPODFsb3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwkCsAwQC
wqNIAwQCw7MsAwQCw7NQAwQCw7SMAwQC1OAAMA0GCSqGSIb3DQEBCwUAA4IBAQCy
rQQmHDqywBpkgp1kmyhhzxj1F4PyB3BQcQ0IcmbGUfzy93eFXiXugGIQgblFv88c
NKDPMGbZctTOiMp5GGvDQpUPQniJLo8IOYd3pBqkH66c6cJiQMRNB7ySjxkIQGaR
gJmV7Cs530aREPifkG5xSwSQrttJTlIni/LiFWhxfX3xNcXfBMoj/scfngQvrjeA
0np0yUOk0wVsx6yeEhXYzL+Mzrq8hWEGBSxZfLttRj0572QcVgeKaFOg953BFumX
BtR1bRaB5FvREKB0DouahbW7n8ySv5oL9bsca60Hf4NmAcAAi1XeC61e5TMl3Fo9
rmEuzUVIYNnqwdEA1UAQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:00 2025 by rpki-client