Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ueztw8dFF5JpipIRcJebWofCJ3c.roa
File: ueztw8dFF5JpipIRcJebWofCJ3c.roa (raw, json)
Hash identifier: DqFyELHaccmi5y+Hq+plV5CaT5NYLysa40GxKZB8Swk=
Subject key identifier: B9:EC:ED:C3:C7:45:17:92:69:8A:92:11:70:97:9B:5A:87:C2:27:77
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182B65BA807DB4D66D90DC1863177E5A018
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ueztw8dFF5JpipIRcJebWofCJ3c.roa
Signing time: Fri 19 Aug 2022 13:47:16 +0000
ROA not before: Fri 19 Aug 2022 13:47:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b6:5b:a8:07:db:4d:66:d9:0d:c1:86:31:77:e5:a0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 19 13:47:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9ecedc3c7451792698a921170979b5a87c22777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:e8:f6:a3:61:74:ab:6c:b0:6f:6e:c6:e6:
c5:9e:91:d1:0d:0c:ae:2f:af:bd:4b:89:f4:b5:e5:
55:1e:11:3f:0d:ad:76:15:35:67:c0:c8:b9:82:dd:
66:80:a5:d7:8c:5e:98:f1:c6:c7:1c:66:23:b7:b3:
62:ae:6a:8c:94:e2:8c:db:79:a4:49:4f:95:33:4b:
a5:f3:f0:f5:36:f8:04:c1:d1:08:85:12:6c:b5:45:
66:e8:a8:77:25:65:cb:8e:fa:14:c7:fa:ec:6e:7b:
9e:06:d3:d6:09:7a:96:23:8d:5a:93:c9:8c:fc:22:
26:31:a8:15:ce:58:c4:90:ee:2e:82:dc:77:cc:96:
5a:83:1f:11:f4:3c:3a:7e:15:89:94:a3:1d:4a:7a:
a9:c4:ba:f1:a3:ed:b4:3b:a5:fc:72:05:7a:3d:21:
77:d5:cf:5e:96:92:7b:e6:61:b7:3e:3d:58:75:c5:
c5:f7:2b:1e:51:db:55:49:44:2e:da:4c:6f:92:24:
ca:ce:b2:bc:0a:68:8f:f4:dc:ad:38:0f:62:df:a1:
0e:2b:45:f7:28:97:06:a2:fb:0d:25:5f:06:4b:94:
61:a2:b2:db:df:9a:ac:19:13:86:89:b7:b7:e9:33:
41:41:54:78:a9:2a:b2:fa:67:9a:0b:33:a4:e0:b3:
32:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EC:ED:C3:C7:45:17:92:69:8A:92:11:70:97:9B:5A:87:C2:27:77
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ueztw8dFF5JpipIRcJebWofCJ3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
193.42.33.0/24
193.58.121.0-193.58.123.255
Signature Algorithm: sha256WithRSAEncryption
42:b5:11:6a:69:cd:a1:97:bb:5b:41:43:68:64:28:25:40:7f:
3a:c2:89:92:67:55:66:51:3a:8a:28:d1:74:e8:21:72:b2:86:
6a:2b:91:f1:b6:92:7b:ed:b3:e9:ba:1d:3d:e1:27:1a:f1:d9:
ca:5a:fd:0f:03:75:12:2b:6b:a2:59:07:2d:c3:f5:05:38:97:
11:7f:58:55:c1:7b:23:25:11:ac:6b:72:a5:1e:1a:12:ec:6b:
c3:06:27:fa:43:b2:ef:cc:a4:33:6d:09:48:d5:a6:2b:0a:f1:
3e:62:4c:c8:0c:82:f4:fd:de:c6:09:44:13:af:1a:1d:41:84:
d1:0e:57:e7:61:d1:cd:53:28:eb:8e:d4:09:4a:34:8e:dd:49:
c2:cb:6d:2b:e9:08:0e:88:9d:d9:dd:7a:91:0f:16:ec:5f:8c:
81:e4:f1:87:22:cb:a4:7a:d2:76:5e:ba:b1:96:da:04:cc:c4:
50:a9:b5:97:00:a0:3b:cd:ea:12:3c:7d:ac:96:30:be:ca:27:
3e:16:96:d1:fc:ff:38:e4:6b:29:8e:a8:35:64:d7:29:ff:f8:
96:e8:39:37:fa:65:f6:28:c1:47:6b:08:b4:d8:c0:7f:65:c5:
e8:d4:34:d0:7a:20:2a:4d:80:5b:4f:e1:7e:ec:2a:93:df:bd:
40:f1:5d:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYK2W6gH201m2Q3BhjF35aAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE5MTM0NzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWVjZWRjM2M3NDUxNzkyNjk4YTkyMTE3MDk3OWI1YTg3YzIyNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA/o9qNhdKtssG9uxubFnpHRDQyu
L6+9S4n0teVVHhE/Da12FTVnwMi5gt1mgKXXjF6Y8cbHHGYjt7NirmqMlOKM23mk
SU+VM0ul8/D1NvgEwdEIhRJstUVm6Kh3JWXLjvoUx/rsbnueBtPWCXqWI41ak8mM
/CImMagVzljEkO4ugtx3zJZagx8R9Dw6fhWJlKMdSnqpxLrxo+20O6X8cgV6PSF3
1c9elpJ75mG3Pj1YdcXF9yseUdtVSUQu2kxvkiTKzrK8CmiP9NytOA9i36EOK0X3
KJcGovsNJV8GS5RhorLb35qsGROGibe36TNBQVR4qSqy+meaCzOk4LMyDQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLns7cPHRReSaYqSEXCXm1qHwid3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdWV6dHc4ZEZGNUpwaXBJUmNKZWJXb2ZDSjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUaHtAwQA
wSohMAwDBADBOnkDBALBOngwDQYJKoZIhvcNAQELBQADggEBAEK1EWppzaGXu1tB
Q2hkKCVAfzrCiZJnVWZROooo0XToIXKyhmorkfG2knvts+m6HT3hJxrx2cpa/Q8D
dRIra6JZBy3D9QU4lxF/WFXBeyMlEaxrcqUeGhLsa8MGJ/pDsu/MpDNtCUjVpisK
8T5iTMgMgvT93sYJRBOvGh1BhNEOV+dh0c1TKOuO1AlKNI7dScLLbSvpCA6Indnd
epEPFuxfjIHk8Yciy6R60nZeurGW2gTMxFCptZcAoDvN6hI8fayWML7KJz4WltH8
/zjkaymOqDVk1yn/+JboOTf6ZfYowUdrCLTYwH9lxejUNNB6ICpNgFtP4X7sKpPf
vUDxXZg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org