Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/UpBN9BW-McJfRqVKAySJmREmKBo.roa
File: UpBN9BW-McJfRqVKAySJmREmKBo.roa (raw, json)
Hash identifier: a/GikRf5MqXc5Bubi7l/n6w39/hc3sTlKNMmwbYoDj8=
Subject key identifier: 52:90:4D:F4:15:BE:31:C2:5F:46:A5:4A:03:24:89:99:11:26:28:1A
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 162926E0
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/UpBN9BW-McJfRqVKAySJmREmKBo.roa
Signing time: Sat 01 Jan 2022 14:06:21 +0000
ROA not before: Sat 01 Jan 2022 14:06:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1140
IP address blocks: 94.198.152.0/24 maxlen: 24
94.198.152.0/21 maxlen: 21
94.198.155.0/24 maxlen: 24
94.198.156.0/24 maxlen: 24
94.198.157.0/24 maxlen: 24
94.198.158.0/24 maxlen: 24
94.198.159.0/24 maxlen: 24
94.198.153.0/24 maxlen: 24
94.198.154.0/24 maxlen: 24
193.176.144.0/24 maxlen: 24
185.76.132.0/24 maxlen: 24
185.76.132.0/22 maxlen: 22
185.76.135.0/24 maxlen: 24
185.76.133.0/24 maxlen: 24
185.76.134.0/24 maxlen: 24
2a00:d78::/32 maxlen: 32
2a00:d78::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371795680 (0x162926e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 1 14:06:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52904df415be31c25f46a54a032489991126281a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f1:50:f4:4f:0b:38:ae:9d:7a:67:74:77:56:
a5:74:e3:19:2f:04:c0:c4:b6:c1:f4:e8:e9:05:28:
a9:fb:15:a3:51:3a:d9:e5:90:49:d3:62:b3:67:d4:
e4:ae:05:ab:64:0e:b0:f5:6c:e6:11:23:81:01:ad:
f9:77:14:28:ff:05:c5:da:f7:ac:e4:c6:67:81:0e:
0a:d1:6c:93:1c:7a:15:ef:f8:a7:e8:11:44:62:85:
22:43:5b:29:0e:d9:76:bf:36:c4:35:36:67:34:d2:
13:a7:87:7f:8a:cc:86:a8:5a:3f:4e:79:a8:55:5d:
47:50:09:29:4c:fd:ed:0c:7e:2c:b2:8e:c1:47:bc:
b0:fe:bd:1c:4b:cc:cf:8d:f8:30:50:82:6b:0b:c2:
85:66:fe:1f:24:22:52:14:9f:68:a1:ee:05:45:fd:
0a:ba:0f:8d:e2:03:91:68:08:50:ed:bc:54:2f:70:
f0:7d:ce:a1:5f:c8:9a:a4:f9:bb:32:de:40:9c:bd:
54:47:ba:87:17:2b:f2:01:ab:dd:7c:fd:87:a1:c7:
78:ef:d4:5b:76:43:bd:2b:25:3c:37:00:2f:f3:fe:
b6:eb:f9:eb:48:eb:f6:f7:e1:03:4a:dd:a1:44:8f:
3f:3a:54:3d:24:2c:ea:28:9e:66:c3:02:14:36:1a:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:90:4D:F4:15:BE:31:C2:5F:46:A5:4A:03:24:89:99:11:26:28:1A
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/UpBN9BW-McJfRqVKAySJmREmKBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.152.0/21
185.76.132.0/22
193.176.144.0/24
IPv6:
2a00:d78::/32
Signature Algorithm: sha256WithRSAEncryption
0d:6b:18:8e:3e:6c:f0:a7:ec:e9:af:29:a6:ca:9a:d2:8b:7a:
01:31:f3:a0:46:b1:4e:1d:76:de:e4:be:db:d5:d8:82:8d:5f:
f9:03:d1:5f:62:85:11:80:9d:94:26:56:7d:5c:fd:54:60:e2:
e9:7b:cc:0f:01:b6:5b:85:ca:82:5c:02:60:bb:89:12:a2:01:
94:1c:e1:61:e7:21:04:ad:8b:5c:a9:2a:1c:0a:7b:7f:eb:c1:
5a:01:e3:93:4b:06:06:0f:81:fb:04:18:ef:8e:6b:cd:87:11:
51:44:3f:b3:78:72:19:f3:03:22:ae:70:73:76:67:b4:f6:fd:
23:fa:02:63:36:09:6d:fc:c9:1a:61:23:de:9c:ca:14:68:37:
4e:74:a9:80:cb:f7:4e:08:30:33:8b:29:26:ac:17:7f:b6:5c:
37:77:9b:47:89:73:e8:32:97:e4:ed:5a:92:37:61:f7:e1:2c:
b4:1b:3d:12:cf:b7:72:83:fe:f5:d6:9d:26:99:83:23:11:db:
20:38:91:b3:b8:07:e0:5c:9c:1f:c7:ad:13:4c:b4:86:0c:bc:
5e:84:98:c2:59:93:6f:a8:c2:22:dc:9c:be:07:8b:20:92:54:
07:e7:0e:f0:95:7f:50:e5:4c:ef:ed:3a:7a:52:35:7d:10:da:
88:f9:41:ab
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFikm4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmMyYjBlZTE4NzkyODQwOTA2NWQxOWVlOWMwODU4ZThjMTdlYTEzMB4XDTIyMDEw
MTE0MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI5MDRkZjQxNWJl
MzFjMjVmNDZhNTRhMDMyNDg5OTkxMTI2MjgxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvxUPRPCziunXpndHdWpXTjGS8EwMS2wfTo6QUoqfsVo1E6
2eWQSdNis2fU5K4Fq2QOsPVs5hEjgQGt+XcUKP8Fxdr3rOTGZ4EOCtFskxx6Fe/4
p+gRRGKFIkNbKQ7Zdr82xDU2ZzTSE6eHf4rMhqhaP055qFVdR1AJKUz97Qx+LLKO
wUe8sP69HEvMz434MFCCawvChWb+HyQiUhSfaKHuBUX9CroPjeIDkWgIUO28VC9w
8H3OoV/ImqT5uzLeQJy9VEe6hxcr8gGr3Xz9h6HHeO/UW3ZDvSslPDcAL/P+tuv5
60jr9vfhA0rdoUSPPzpUPSQs6iieZsMCFDYaAL8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRSkE30Fb4xwl9GpUoDJImZESYoGjAfBgNVHSMEGDAWgBTSwrDuGHkoQJBl
0Z7pwIWOjBfqEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBzS3c3aGg1S0VDUVpkR2U2Y0NGam93WDZoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8x
L1VwQk45QlctTWNKZlJxVktBeVNKbVJFbUtCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8xLzBzS3c3aGg1S0VD
UVpkR2U2Y0NGam93WDZoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA17GmAMEArlMhAMEAMGwkDANBAIA
AjAHAwUAKgANeDANBgkqhkiG9w0BAQsFAAOCAQEADWsYjj5s8Kfs6a8ppsqa0ot6
ATHzoEaxTh123uS+29XYgo1f+QPRX2KFEYCdlCZWfVz9VGDi6XvMDwG2W4XKglwC
YLuJEqIBlBzhYechBK2LXKkqHAp7f+vBWgHjk0sGBg+B+wQY745rzYcRUUQ/s3hy
GfMDIq5wc3ZntPb9I/oCYzYJbfzJGmEj3pzKFGg3TnSpgMv3TggwM4spJqwXf7Zc
N3ebR4lz6DKX5O1akjdh9+EstBs9Es+3coP+9dadJpmDIxHbIDiRs7gH4FycH8et
E0y0hgy8XoSYwlmTb6jCItycvgeLIJJUB+cO8JV/UOVM7+06elI1fRDaiPlBqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:03 2024 by rpki-client on console-ams.rpki-client.org