Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/UqIZSkK8WaQ0XTYRrq0Vm4b_3Q8.roa
File: UqIZSkK8WaQ0XTYRrq0Vm4b_3Q8.roa (raw, json)
Hash identifier: symretU1h3xOWOmkDkq1E3rmSMloddVkCFXX2zmNQWo=
Subject key identifier: 52:A2:19:4A:42:BC:59:A4:34:5D:36:11:AE:AD:15:9B:86:FF:DD:0F
Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Certificate serial: 01856F39165F9D024C41DC1042F584A3649E
Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/UqIZSkK8WaQ0XTYRrq0Vm4b_3Q8.roa
Signing time: Sun 01 Jan 2023 21:24:50 +0000
ROA not before: Sun 01 Jan 2023 21:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13287
IP address blocks: 185.127.128.0/24 maxlen: 24
185.127.131.0/24 maxlen: 24
185.127.130.0/24 maxlen: 24
2a06:c980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:16:5f:9d:02:4c:41:dc:10:42:f5:84:a3:64:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Validity
Not Before: Jan 1 21:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52a2194a42bc59a4345d3611aead159b86ffdd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:f6:d1:7b:1e:c8:ab:aa:1a:e6:74:8e:4b:
3f:8f:93:97:53:cb:03:7f:ca:d1:03:5d:d3:23:d3:
31:9b:ca:7e:09:87:0b:38:75:a4:5b:71:80:0c:4f:
a6:44:43:b7:86:f4:2d:81:33:b8:fd:88:f9:88:5b:
17:4b:5e:9b:48:8a:fe:fc:3a:9f:eb:a8:69:dc:0e:
86:21:11:b1:71:35:2c:e2:2e:0d:0f:a3:64:fa:f4:
dd:68:9e:b9:0d:86:8e:c3:9c:3a:cf:ba:74:fb:cf:
57:51:78:b0:ff:d3:07:18:40:6c:af:42:87:15:81:
1d:dd:4e:dc:18:fe:f2:99:6a:80:0e:2a:2a:ea:0a:
f1:60:7f:77:c4:b9:b5:61:60:5d:a7:a6:30:fc:94:
78:8c:96:4e:4b:68:e2:98:f9:78:8c:48:38:7a:c4:
85:22:2d:10:14:15:a1:fd:15:22:5a:d0:e2:0b:a6:
30:27:b6:bf:34:f1:e6:4a:9d:56:69:d1:d3:36:05:
de:2d:ab:ec:16:31:80:ba:09:38:e6:db:84:7e:35:
76:a8:1b:d6:79:ed:7a:3e:9b:03:9d:1f:09:57:e1:
98:61:f5:f1:bb:e0:24:30:17:8d:b1:61:27:0a:43:
38:e7:bc:40:ce:76:a1:f0:7a:f9:bf:df:22:e6:dd:
bd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A2:19:4A:42:BC:59:A4:34:5D:36:11:AE:AD:15:9B:86:FF:DD:0F
X509v3 Authority Key Identifier:
keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/UqIZSkK8WaQ0XTYRrq0Vm4b_3Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.128.0/24
185.127.130.0/23
IPv6:
2a06:c980::/29
Signature Algorithm: sha256WithRSAEncryption
b9:e6:66:ae:4c:6c:b2:90:d5:90:20:3d:df:1e:ee:aa:ac:9e:
30:27:dd:47:4d:92:29:f0:e4:0b:20:74:96:05:d2:0c:8b:88:
bc:d4:bd:c6:8d:fa:60:c0:8c:9a:f7:37:2f:7e:0e:cb:fb:e0:
49:de:b0:99:21:eb:67:8d:ba:1d:5c:e4:26:96:f3:c3:d9:e3:
32:01:41:52:91:46:8d:b7:48:5a:13:8d:2a:98:dd:25:a1:5f:
9f:89:2e:85:bb:48:19:d0:65:50:3a:41:ac:aa:df:85:c3:a2:
5a:73:5c:e5:8e:32:56:55:74:b7:e4:78:b0:6b:35:45:05:c5:
eb:49:fa:16:33:a9:8b:fb:08:5b:2a:a7:68:66:1c:95:d0:5e:
cd:31:fe:78:c5:7c:47:15:36:55:53:9f:78:e6:79:73:eb:2b:
dd:f2:8e:00:8f:dd:3e:e1:de:34:0c:85:fc:a1:81:43:58:b9:
77:eb:92:6f:f1:79:50:8e:b0:39:7d:c4:b4:5a:44:3a:75:4d:
40:8b:92:df:f9:2d:8a:ca:00:75:92:20:17:9c:bd:d1:82:2f:
de:f6:71:51:56:e6:66:13:0c:33:d9:36:15:b3:99:64:b9:f0:
86:67:d0:f6:6e:ed:68:71:7c:04:b1:5e:ba:62:f8:d6:34:a2:
bc:85:99:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvORZfnQJMQdwQQvWEo2SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi
MzMyNzgwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmEyMTk0YTQyYmM1OWE0MzQ1ZDM2MTFhZWFkMTU5Yjg2ZmZkZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLX20XseyKuqGuZ0jks/j5OXU8sD
f8rRA13TI9Mxm8p+CYcLOHWkW3GADE+mREO3hvQtgTO4/Yj5iFsXS16bSIr+/Dqf
66hp3A6GIRGxcTUs4i4ND6Nk+vTdaJ65DYaOw5w6z7p0+89XUXiw/9MHGEBsr0KH
FYEd3U7cGP7ymWqADioq6grxYH93xLm1YWBdp6Yw/JR4jJZOS2jimPl4jEg4esSF
Ii0QFBWh/RUiWtDiC6YwJ7a/NPHmSp1WadHTNgXeLavsFjGAugk45tuEfjV2qBvW
ee16PpsDnR8JV+GYYfXxu+AkMBeNsWEnCkM457xAznah8Hr5v98i5t29gwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFKiGUpCvFmkNF02Ea6tFZuG/90PMB8GA1UdIwQY
MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt
MzA1ZDQxZDUzYTY1LzEvVXFJWlNrSzhXYVEwWFRZUnJxMFZtNGJfM1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1
LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuX+AAwQB
uX+CMA0EAgACMAcDBQMqBsmAMA0GCSqGSIb3DQEBCwUAA4IBAQC55mauTGyykNWQ
ID3fHu6qrJ4wJ91HTZIp8OQLIHSWBdIMi4i81L3GjfpgwIya9zcvfg7L++BJ3rCZ
IetnjbodXOQmlvPD2eMyAUFSkUaNt0haE40qmN0loV+fiS6Fu0gZ0GVQOkGsqt+F
w6Jac1zljjJWVXS35HiwazVFBcXrSfoWM6mL+whbKqdoZhyV0F7NMf54xXxHFTZV
U5945nlz6yvd8o4Aj90+4d40DIX8oYFDWLl365Jv8XlQjrA5fcS0WkQ6dU1Ai5Lf
+S2KygB1kiAXnL3Rgi/e9nFRVuZmEwwz2TYVs5lkufCGZ9D2bu1ocXwEsV66YvjW
NKK8hZky
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client