Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/uBaidq5gyIfFod0jy0owPQWwrKI.roa
File: uBaidq5gyIfFod0jy0owPQWwrKI.roa (raw, json)
Hash identifier: pP6p0iTMe0pJR316mCMmEtOCf8oAz1PHe80q/Ao8XKU=
Subject key identifier: B8:16:A2:76:AE:60:C8:87:C5:A1:DD:23:CB:4A:30:3D:05:B0:AC:A2
Certificate issuer: /CN=5904abeb0ed4ff866c065fe36c2c6284e2520b42
Certificate serial: 01856D3862D7D66810F0FB0030552F6966BC
Authority key identifier: 59:04:AB:EB:0E:D4:FF:86:6C:06:5F:E3:6C:2C:62:84:E2:52:0B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WQSr6w7U_4ZsBl_jbCxihOJSC0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/uBaidq5gyIfFod0jy0owPQWwrKI.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199562
IP address blocks: 185.10.224.0/22 maxlen: 24
185.10.227.0/24 maxlen: 24
2a03:6640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:62:d7:d6:68:10:f0:fb:00:30:55:2f:69:66:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5904abeb0ed4ff866c065fe36c2c6284e2520b42
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b816a276ae60c887c5a1dd23cb4a303d05b0aca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:12:8c:d6:f8:db:06:b7:73:4a:84:ba:1e:
05:d5:85:c5:64:87:14:34:92:30:fe:ce:8e:05:4e:
20:cc:9e:a0:45:98:31:0d:73:4e:f3:37:34:f3:4b:
0d:81:c4:26:0e:a3:43:6a:f9:63:a3:f0:65:cb:49:
a6:52:e4:24:ac:6e:b6:b7:39:d0:23:14:94:49:7d:
98:1d:78:1e:45:df:0a:ab:51:7e:46:8e:d1:8d:ae:
3a:46:2c:d1:e0:cd:2c:76:65:1f:29:0b:02:e9:4c:
27:a9:d2:78:ca:2e:cd:67:5b:3e:4b:18:ba:aa:bc:
e2:9b:88:81:d9:6c:56:07:2d:e4:90:56:6e:e0:9f:
25:82:07:8f:29:01:da:f5:d9:74:2e:5d:9a:0a:c5:
2d:f8:c9:26:c3:4c:a7:d8:6f:eb:c2:3b:66:86:ee:
78:12:f3:27:ef:7c:e7:89:d8:a1:8a:e0:07:5f:d4:
0e:bf:c6:39:1d:44:4f:dc:93:8d:4e:7b:e4:43:c7:
99:1c:75:77:b6:0c:09:5f:1a:1d:fb:1f:a8:be:cd:
aa:2a:92:ea:48:73:a1:dd:c5:03:77:78:ed:43:62:
68:cd:24:e8:c1:d7:03:52:36:19:63:69:ed:48:48:
10:45:0d:18:bf:6f:1d:b8:c7:e1:22:b6:92:36:0f:
d1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:16:A2:76:AE:60:C8:87:C5:A1:DD:23:CB:4A:30:3D:05:B0:AC:A2
X509v3 Authority Key Identifier:
keyid:59:04:AB:EB:0E:D4:FF:86:6C:06:5F:E3:6C:2C:62:84:E2:52:0B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WQSr6w7U_4ZsBl_jbCxihOJSC0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/uBaidq5gyIfFod0jy0owPQWwrKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/WQSr6w7U_4ZsBl_jbCxihOJSC0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.224.0/22
IPv6:
2a03:6640::/32
Signature Algorithm: sha256WithRSAEncryption
6c:03:87:8d:48:01:35:ea:c5:8e:8e:d6:0e:3c:bd:1a:a3:c6:
a2:da:de:5f:14:13:35:2e:44:b6:b5:7a:72:81:2f:d2:93:27:
b0:f8:ba:fc:27:db:c2:dc:e1:54:66:54:bf:11:f6:7e:0a:b7:
c7:ac:5f:c3:4e:2c:98:0c:ec:85:a6:7a:80:ac:37:9e:88:c8:
f7:bc:93:78:81:5e:94:98:55:3a:f7:88:e0:e1:62:4f:5c:69:
8a:a0:01:78:92:e5:7c:b0:0a:b6:20:ce:98:67:e2:0a:96:7b:
70:96:3b:44:96:bf:0e:a6:9e:9f:45:3a:d1:01:ae:70:e8:eb:
f5:a2:ba:97:e3:9f:f6:1a:f6:67:0d:c0:77:75:53:80:0a:86:
b2:93:92:f6:b8:f0:cf:20:b3:ea:13:0d:94:98:b0:89:14:e3:
af:bf:3e:fa:d4:4b:e3:94:34:6b:ec:de:d0:a3:59:b8:38:8b:
3b:ef:18:2a:a6:f4:1c:4b:53:54:b2:6f:c1:e9:12:2e:1a:97:
d0:6d:62:7d:bf:ab:68:84:7f:2a:56:bc:87:86:9c:90:fe:9b:
b1:2f:07:16:cf:5c:b4:7d:10:ef:a2:e7:c4:89:65:2d:b1:6e:
0f:85:a6:3e:88:2a:2a:6a:95:17:3f:4a:f6:fd:91:af:3b:e8:
6b:02:6f:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtOGLX1mgQ8PsAMFUvaWa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MDRhYmViMGVkNGZmODY2YzA2NWZlMzZjMmM2Mjg0ZTI1
MjBiNDIwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE2YTI3NmFlNjBjODg3YzVhMWRkMjNjYjRhMzAzZDA1YjBhY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9sSjNb42wa3c0qEuh4F1YXFZIcU
NJIw/s6OBU4gzJ6gRZgxDXNO8zc080sNgcQmDqNDavljo/Bly0mmUuQkrG62tznQ
IxSUSX2YHXgeRd8Kq1F+Ro7Rja46RizR4M0sdmUfKQsC6UwnqdJ4yi7NZ1s+Sxi6
qrzim4iB2WxWBy3kkFZu4J8lggePKQHa9dl0Ll2aCsUt+Mkmw0yn2G/rwjtmhu54
EvMn73znidihiuAHX9QOv8Y5HURP3JONTnvkQ8eZHHV3tgwJXxod+x+ovs2qKpLq
SHOh3cUDd3jtQ2JozSTowdcDUjYZY2ntSEgQRQ0Yv28duMfhIraSNg/R8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLgWonauYMiHxaHdI8tKMD0FsKyiMB8GA1UdIwQY
MBaAFFkEq+sO1P+GbAZf42wsYoTiUgtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1FTcjZ3N1VfNFpzQmxfamJDeGloT0pTQzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lYTQxZTAtN2I1MS00OTBmLThkMWYt
NzdkNjVlZjMwNWIwLzEvdUJhaWRxNWd5SWZGb2Qwankwb3dQUVd3cktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lYTQxZTAtN2I1MS00OTBmLThkMWYtNzdkNjVlZjMwNWIw
LzEvV1FTcjZ3N1VfNFpzQmxfamJDeGloT0pTQzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQrgMA0E
AgACMAcDBQAqA2ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBsA4eNSAE16sWOjtYOPL0a
o8ai2t5fFBM1LkS2tXpygS/Skyew+Lr8J9vC3OFUZlS/EfZ+CrfHrF/DTiyYDOyF
pnqArDeeiMj3vJN4gV6UmFU694jg4WJPXGmKoAF4kuV8sAq2IM6YZ+IKlntwljtE
lr8Opp6fRTrRAa5w6Ov1orqX45/2GvZnDcB3dVOACoayk5L2uPDPILPqEw2UmLCJ
FOOvvz761EvjlDRr7N7Qo1m4OIs77xgqpvQcS1NUsm/B6RIuGpfQbWJ9v6tohH8q
VryHhpyQ/puxLwcWz1y0fRDvoufEiWUtsW4PhaY+iCoqapUXP0r2/ZGvO+hrAm8y
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:02:21 2025 by rpki-client