Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ubDrhAW91aCZNDYV5_7UCeb5Q-c.roa
File: ubDrhAW91aCZNDYV5_7UCeb5Q-c.roa (raw, json)
Hash identifier: m4l9lSAiDjesv86qm19xOzl0QF+4wB8sJ+9SeeL3n2Q=
Subject key identifier: B9:B0:EB:84:05:BD:D5:A0:99:34:36:15:E7:FE:D4:09:E6:F9:43:E7
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018BA60B9B9A3F7863505243B83B02065EA2
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ubDrhAW91aCZNDYV5_7UCeb5Q-c.roa
Signing time: Mon 06 Nov 2023 19:11:00 +0000
ROA not before: Mon 06 Nov 2023 19:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 64
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:0b:9b:9a:3f:78:63:50:52:43:b8:3b:02:06:5e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Nov 6 19:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9b0eb8405bdd5a099343615e7fed409e6f943e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:1d:42:7a:1b:f3:9c:c4:b8:bf:e8:96:fb:
ac:60:6c:ac:b4:41:76:32:36:2c:ab:96:0c:b2:01:
b2:ef:a5:5d:26:da:8b:23:40:f1:0c:7f:e1:9f:5c:
d8:52:be:87:f2:75:d1:8b:ec:95:b5:d8:cb:39:a0:
25:02:29:ad:a7:d7:1d:a7:2e:7d:17:1e:5e:8d:9a:
71:85:1e:5f:5a:eb:75:e7:2f:a6:da:58:6b:48:e5:
96:e3:53:bb:7d:a9:a1:de:8c:38:e4:dc:80:99:32:
70:67:4c:01:25:19:a7:49:53:e0:66:d2:56:89:ad:
bc:8b:35:af:2a:ae:3b:24:00:e2:70:cc:41:c0:85:
73:00:69:f6:b9:62:0f:df:19:a9:b4:4e:0d:76:cd:
fc:ff:88:c7:ce:1b:65:cc:7a:b7:b8:b4:d1:92:ee:
71:e6:e3:ca:e8:2b:2d:9c:74:f1:e2:0d:e7:6c:41:
78:57:e1:08:28:ab:34:57:0d:79:3f:77:a9:be:70:
24:be:60:43:a0:49:e4:23:48:2c:1d:94:d1:f8:7f:
fd:44:d4:97:27:57:2f:7e:71:52:33:bf:c7:22:f7:
9f:a7:b0:b4:16:ff:7b:f3:0d:79:48:98:e2:4c:e0:
1c:fa:59:be:26:aa:e7:57:36:ec:b9:af:78:32:70:
77:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B0:EB:84:05:BD:D5:A0:99:34:36:15:E7:FE:D4:09:E6:F9:43:E7
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ubDrhAW91aCZNDYV5_7UCeb5Q-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.134.0-109.104.143.255
109.104.156.0/24
109.104.159.0/24
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:09:c2:b6:c1:5a:63:cb:cb:51:45:8e:9b:32:16:68:f8:4b:
48:28:3d:5f:d4:14:5f:04:d4:61:35:81:ab:51:58:c4:6b:f8:
6d:05:b5:49:cc:9d:59:c4:ce:90:00:b3:93:57:02:b4:39:1b:
43:93:0a:4c:d3:c3:86:3b:70:70:9b:d5:ca:0a:9f:53:fe:52:
7a:26:37:92:b2:fe:65:35:3f:fa:bf:25:7e:56:13:8c:e4:6c:
bc:eb:28:f1:8d:56:45:04:6e:ad:29:58:50:b3:b4:43:5a:84:
2b:79:3d:c7:47:ef:db:ec:b4:c8:4a:67:f3:84:ed:86:6f:bd:
b2:13:62:23:a7:a2:9b:0c:12:7a:30:04:61:27:ce:78:ed:5d:
6a:38:f3:cd:eb:46:a6:e2:09:8b:3a:1a:54:a6:91:71:ef:47:
0f:33:df:18:f5:47:d8:0e:51:19:70:1d:53:f2:3f:cc:05:94:
49:de:ea:63:fe:a0:9e:61:e0:e7:95:d5:30:1c:d7:8c:86:98:
1f:bf:b7:82:b4:be:c0:5b:0c:d2:c2:a4:b2:99:54:6b:5d:21:
88:d3:c6:f2:51:04:0d:d5:70:c9:d2:de:cc:57:e2:f5:9b:39:
b7:f4:5b:72:de:91:f5:a0:47:a8:fa:93:ab:6e:e9:5b:16:45:
17:cf:d9:d8
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYumC5uaP3hjUFJDuDsCBl6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMxMTA2MTkxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWIwZWI4NDA1YmRkNWEwOTkzNDM2MTVlN2ZlZDQwOWU2Zjk0M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlQdQnob85zEuL/olvusYGystEF2
MjYsq5YMsgGy76VdJtqLI0DxDH/hn1zYUr6H8nXRi+yVtdjLOaAlAimtp9cdpy59
Fx5ejZpxhR5fWut15y+m2lhrSOWW41O7famh3ow45NyAmTJwZ0wBJRmnSVPgZtJW
ia28izWvKq47JADicMxBwIVzAGn2uWIP3xmptE4Nds38/4jHzhtlzHq3uLTRku5x
5uPK6CstnHTx4g3nbEF4V+EIKKs0Vw15P3epvnAkvmBDoEnkI0gsHZTR+H/9RNSX
J1cvfnFSM7/HIvefp7C0Fv978w15SJjiTOAc+lm+JqrnVzbsua94MnB3JwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFLmw64QFvdWgmTQ2Fef+1Anm+UPnMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvdWJEcmhBVzkxYUNaTkRZVjVfN1VDZWI1US1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wUAQCAAEwSgMEAx+rmAME
Ai1C/AMEAi2OGAMEAm1KHDAMAwQBbWiGAwQEbWiAAwQAbWicAwQAbWifAwQCuTVk
AwQCuel8AwQBwnFQAwQBwnFeMCkEAgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsAD
BQMqDUpAAwUDKg7UwDANBgkqhkiG9w0BAQsFAAOCAQEARwnCtsFaY8vLUUWOmzIW
aPhLSCg9X9QUXwTUYTWBq1FYxGv4bQW1ScydWcTOkACzk1cCtDkbQ5MKTNPDhjtw
cJvVygqfU/5SeiY3krL+ZTU/+r8lflYTjORsvOso8Y1WRQRurSlYULO0Q1qEK3k9
x0fv2+y0yEpn84Tthm+9shNiI6eimwwSejAEYSfOeO1dajjzzetGpuIJizoaVKaR
ce9HDzPfGPVH2A5RGXAdU/I/zAWUSd7qY/6gnmHg55XVMBzXjIaYH7+3grS+wFsM
0sKksplUa10hiNPG8lEEDdVwydLezFfi9Zs5t/Rbct6R9aBHqPqTq27pWxZFF8/Z
2A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:15 2025 by rpki-client