Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/ujIADru3sCNKYC32HrnX9TjjS5s.roa
File: ujIADru3sCNKYC32HrnX9TjjS5s.roa (raw, json)
Hash identifier: ApCr3cymXn7QxIzfFUzpGu8BsFykcgKUQmAQAiG7ADM=
Subject key identifier: BA:32:00:0E:BB:B7:B0:23:4A:60:2D:F6:1E:B9:D7:F5:38:E3:4B:9B
Certificate issuer: /CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Certificate serial: 0184137A9C1BC04D75F73D85DD19DA318F77
Authority key identifier: 63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/ujIADru3sCNKYC32HrnX9TjjS5s.roa
Signing time: Wed 26 Oct 2022 08:48:33 +0000
ROA not before: Wed 26 Oct 2022 08:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200653
IP address blocks: 185.100.30.0/24 maxlen: 24
185.100.30.0/23 maxlen: 23
185.100.28.0/23 maxlen: 23
185.100.28.0/22 maxlen: 22
185.100.29.0/24 maxlen: 24
185.100.31.0/24 maxlen: 24
185.100.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:7a:9c:1b:c0:4d:75:f7:3d:85:dd:19:da:31:8f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Validity
Not Before: Oct 26 08:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba32000ebbb7b0234a602df61eb9d7f538e34b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f2:a9:e6:53:c7:01:45:d4:d0:af:86:79:71:
e2:e2:b6:4b:87:c7:a5:e1:90:ae:d8:c3:7c:48:b5:
e7:0a:df:44:cf:94:4f:4d:33:b8:32:7e:c7:d9:ea:
cd:78:bc:56:6f:83:bc:d6:63:fe:bc:16:44:45:84:
a1:70:20:f9:24:38:00:c1:f8:1e:e3:1e:6e:ab:0f:
99:88:bb:eb:16:97:dc:3b:36:c6:f1:4e:d3:04:25:
14:8f:d7:98:0c:d7:65:a4:47:69:1c:29:1a:90:8f:
82:21:94:7c:03:7e:ca:aa:4f:c4:7c:b0:9f:34:58:
09:2b:57:d2:fb:55:3f:89:c3:13:e5:70:b6:18:82:
2d:15:62:88:70:d3:7b:98:99:fc:89:3a:81:95:d3:
53:94:9f:6b:42:e3:a0:06:35:81:15:3d:ab:68:83:
de:63:35:7d:68:fa:26:8b:2e:82:cf:9f:e3:e6:29:
ee:ab:02:75:9f:ee:4b:c4:0f:9e:1b:d4:2a:b1:66:
41:46:5a:42:c8:da:45:31:98:55:da:56:e5:25:1b:
8a:8c:2c:5d:19:a9:c9:cd:3e:63:54:9e:91:e6:c3:
a9:46:90:9d:93:23:60:ce:98:c9:76:5e:81:cb:2b:
d5:12:12:8a:ec:97:da:1e:ac:c6:a0:7b:e2:67:9d:
05:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:32:00:0E:BB:B7:B0:23:4A:60:2D:F6:1E:B9:D7:F5:38:E3:4B:9B
X509v3 Authority Key Identifier:
keyid:63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/ujIADru3sCNKYC32HrnX9TjjS5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:01:d5:b2:9f:13:80:95:89:be:3a:fe:32:60:cf:d4:7a:84:
5c:ea:fd:6b:42:71:20:80:0b:74:b3:42:aa:2f:d6:a4:9a:16:
2f:9b:69:b9:3a:c1:3e:8b:22:a8:dd:c8:55:82:2b:ad:ee:ff:
52:bf:23:59:94:2c:8b:04:69:cd:c6:21:4b:01:29:8a:c6:56:
2a:33:af:d4:db:bb:13:8e:83:85:e3:ab:37:77:3a:4c:40:9b:
16:38:12:a1:86:a6:70:11:76:da:0a:aa:fc:6c:fa:dd:32:93:
cc:31:f8:2b:db:73:f3:e9:42:5f:a8:b3:a4:93:00:bd:81:39:
7c:69:21:34:a2:12:2e:79:aa:cf:e2:64:6f:c8:25:e1:47:d8:
8a:42:d1:50:b7:d6:df:a1:78:65:1f:da:fd:94:92:99:d3:1c:
83:ad:54:54:0a:50:59:4c:27:01:02:15:16:ca:8c:2d:d8:84:
11:f3:42:22:e8:52:dd:69:37:d6:88:b4:56:dc:58:20:7b:13:
bb:9a:d5:3d:6f:94:b0:be:36:ef:bc:85:fc:1e:e6:65:93:cb:
91:74:a7:33:b1:1f:f8:9e:fd:7e:61:97:80:31:93:bf:ac:7a:
1a:cf:11:32:b7:c1:fe:61:75:26:99:dc:01:fd:86:44:f8:99:
01:df:e5:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQTepwbwE119z2F3RnaMY93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTVkZDBiYTExZmRhZjc0ZDUzYjk1NmZjMWM4NDZhN2Uy
ZjYxZmUwHhcNMjIxMDI2MDg0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTMyMDAwZWJiYjdiMDIzNGE2MDJkZjYxZWI5ZDdmNTM4ZTM0YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvKp5lPHAUXU0K+GeXHi4rZLh8el
4ZCu2MN8SLXnCt9Ez5RPTTO4Mn7H2erNeLxWb4O81mP+vBZERYShcCD5JDgAwfge
4x5uqw+ZiLvrFpfcOzbG8U7TBCUUj9eYDNdlpEdpHCkakI+CIZR8A37Kqk/EfLCf
NFgJK1fS+1U/icMT5XC2GIItFWKIcNN7mJn8iTqBldNTlJ9rQuOgBjWBFT2raIPe
YzV9aPomiy6Cz5/j5inuqwJ1n+5LxA+eG9QqsWZBRlpCyNpFMZhV2lblJRuKjCxd
GanJzT5jVJ6R5sOpRpCdkyNgzpjJdl6ByyvVEhKK7JfaHqzGoHviZ50FBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoyAA67t7AjSmAt9h651/U440ubMB8GA1UdIwQY
MBaAFGMV3QuhH9r3TVO5VvwchGp+L2H+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0Yjgt
ODk4OWI0Y2FhMjA2LzEvdWpJQURydTNzQ05LWUMzMkhyblg5VGpqUzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0YjgtODk4OWI0Y2FhMjA2
LzEvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQcMA0G
CSqGSIb3DQEBCwUAA4IBAQBvAdWynxOAlYm+Ov4yYM/UeoRc6v1rQnEggAt0s0Kq
L9akmhYvm2m5OsE+iyKo3chVgiut7v9SvyNZlCyLBGnNxiFLASmKxlYqM6/U27sT
joOF46s3dzpMQJsWOBKhhqZwEXbaCqr8bPrdMpPMMfgr23Pz6UJfqLOkkwC9gTl8
aSE0ohIuearP4mRvyCXhR9iKQtFQt9bfoXhlH9r9lJKZ0xyDrVRUClBZTCcBAhUW
yowt2IQR80Ii6FLdaTfWiLRW3FggexO7mtU9b5SwvjbvvIX8HuZlk8uRdKczsR/4
nv1+YZeAMZO/rHoazxEyt8H+YXUmmdwB/YZE+JkB3+Vg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:49 2024 by rpki-client on console-fra.rpki-client.org