Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/uQmr7ggxurH2IVb4vUgZEOeM2oM.roa
File: uQmr7ggxurH2IVb4vUgZEOeM2oM.roa (raw, json)
Hash identifier: nHQcOelQCHPBXtimxxZ0XpIM6cm/BV4wWCI2WvFBbfQ=
Subject key identifier: B9:09:AB:EE:08:31:BA:B1:F6:21:56:F8:BD:48:19:10:E7:8C:DA:83
Certificate issuer: /CN=f779f5f0288985abde09827e03d787a52149e7ec
Certificate serial: 018314AE2F7507D8C17115C663D1CB8B475B
Authority key identifier: F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/uQmr7ggxurH2IVb4vUgZEOeM2oM.roa
Signing time: Tue 06 Sep 2022 21:21:43 +0000
ROA not before: Tue 06 Sep 2022 21:21:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29467
IP address blocks: 178.251.160.0/21 maxlen: 24
185.97.244.0/22 maxlen: 22
185.4.124.0/22 maxlen: 22
5.149.112.0/21 maxlen: 24
2a03:2f00::/32 maxlen: 32
2a02:70c0::/32 maxlen: 32
2a03:92e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:ae:2f:75:07:d8:c1:71:15:c6:63:d1:cb:8b:47:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f779f5f0288985abde09827e03d787a52149e7ec
Validity
Not Before: Sep 6 21:21:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b909abee0831bab1f62156f8bd481910e78cda83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:59:bc:f0:ec:74:78:5b:98:85:8e:7a:61:
98:2f:41:bc:dd:30:f2:c2:40:f8:95:2f:4b:6d:f1:
af:85:65:b7:23:d7:23:2a:32:ff:a5:eb:7b:1a:e2:
d0:1a:f9:43:94:b3:2b:1f:16:ed:ee:47:2d:1e:3d:
bf:e9:ce:d0:7e:dc:f9:d1:69:90:b0:be:6d:d7:5b:
29:8e:59:62:24:0c:17:5d:dd:e9:a0:9b:30:56:ad:
0d:be:c4:c9:9c:f1:1b:81:f7:bc:e7:e3:07:83:b1:
b7:27:ef:09:8a:a7:5d:0e:69:5d:16:d9:46:0d:b2:
a1:30:da:a2:0a:5a:30:49:df:44:8d:91:af:00:4e:
ab:a5:76:0a:9b:c4:85:23:59:7c:02:cc:92:8f:f9:
5b:8a:e7:1f:55:0a:a6:50:2b:09:f7:8b:5e:16:85:
a9:61:76:ef:3e:08:e3:b9:b7:e4:7b:6d:30:7f:d7:
d0:89:d0:29:95:e6:a9:fe:8d:d4:d8:c8:99:0a:f9:
ed:f7:6f:80:61:3b:62:fe:40:26:60:24:9c:27:1d:
55:78:83:85:45:38:a0:08:2f:60:a6:ed:61:74:be:
b0:b5:ca:cd:05:69:d9:db:b8:a3:a4:57:49:19:95:
cc:d0:ae:70:02:61:b1:14:30:24:ec:54:bd:b9:a1:
c5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:09:AB:EE:08:31:BA:B1:F6:21:56:F8:BD:48:19:10:E7:8C:DA:83
X509v3 Authority Key Identifier:
keyid:F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/uQmr7ggxurH2IVb4vUgZEOeM2oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.112.0/21
178.251.160.0/21
185.4.124.0/22
185.97.244.0/22
IPv6:
2a02:70c0::/32
2a03:2f00::/32
2a03:92e0::/32
Signature Algorithm: sha256WithRSAEncryption
bf:8a:49:3f:20:4a:56:56:a8:6f:1e:89:58:3f:a8:61:0e:0e:
a3:d5:97:61:8b:5f:5f:1f:fd:d0:c9:e7:b8:6f:ba:6c:69:59:
51:77:14:7a:d3:29:4c:6c:8a:e8:58:70:f5:a6:a0:2a:e7:fd:
7d:15:e9:da:87:be:dd:6c:49:94:46:88:91:4b:b4:db:9a:59:
74:ef:ac:2f:50:52:06:94:93:d7:52:5c:20:88:e6:a1:a2:e4:
be:ce:9a:2e:dc:71:0a:0c:03:3c:04:43:61:c1:e7:97:36:04:
e9:e9:c2:85:08:ae:35:c9:44:9b:36:b6:d5:9b:d5:4d:6f:d9:
c7:37:f7:20:89:71:cf:0c:4c:e0:d2:cb:68:a7:09:bc:3a:6f:
01:a7:60:99:7c:5c:41:65:ce:44:6d:a6:c5:69:4c:01:58:a0:
93:46:41:31:17:8a:63:ad:39:b6:dc:93:2e:80:5e:cd:ba:e9:
4c:08:04:cf:85:96:81:aa:85:cc:45:75:3c:cd:d2:6f:98:72:
26:ee:50:40:11:b6:37:db:d9:15:be:6a:3e:0f:46:43:91:3c:
10:5f:16:67:64:e7:6a:9d:78:ea:09:d7:46:e6:e8:69:41:2a:
a2:d8:b5:65:92:58:75:77:31:ed:a0:5a:0e:9a:0f:df:3e:04:
25:7f:86:e7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYMUri91B9jBcRXGY9HLi0dbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzlmNWYwMjg4OTg1YWJkZTA5ODI3ZTAzZDc4N2E1MjE0
OWU3ZWMwHhcNMjIwOTA2MjEyMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA5YWJlZTA4MzFiYWIxZjYyMTU2ZjhiZDQ4MTkxMGU3OGNkYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKVZvPDsdHhbmIWOemGYL0G83TDy
wkD4lS9LbfGvhWW3I9cjKjL/pet7GuLQGvlDlLMrHxbt7kctHj2/6c7Qftz50WmQ
sL5t11spjlliJAwXXd3poJswVq0NvsTJnPEbgfe85+MHg7G3J+8JiqddDmldFtlG
DbKhMNqiClowSd9EjZGvAE6rpXYKm8SFI1l8AsySj/lbiucfVQqmUCsJ94teFoWp
YXbvPgjjubfke20wf9fQidApleap/o3U2MiZCvnt92+AYTti/kAmYCScJx1VeIOF
RTigCC9gpu1hdL6wtcrNBWnZ27ijpFdJGZXM0K5wAmGxFDAk7FS9uaHFJQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLkJq+4IMbqx9iFW+L1IGRDnjNqDMB8GA1UdIwQY
MBaAFPd59fAoiYWr3gmCfgPXh6UhSefsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMt
ZmU3OTYzYmVjN2QzLzEvdVFtcjdnZ3h1ckgySVZiNHZVZ1pFT2VNMm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMtZmU3OTYzYmVjN2Qz
LzEvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQDBZVwAwQD
svugAwQCuQR8AwQCuWH0MBsEAgACMBUDBQAqAnDAAwUAKgMvAAMFACoDkuAwDQYJ
KoZIhvcNAQELBQADggEBAL+KST8gSlZWqG8eiVg/qGEODqPVl2GLX18f/dDJ57hv
umxpWVF3FHrTKUxsiuhYcPWmoCrn/X0V6dqHvt1sSZRGiJFLtNuaWXTvrC9QUgaU
k9dSXCCI5qGi5L7Omi7ccQoMAzwEQ2HB55c2BOnpwoUIrjXJRJs2ttWb1U1v2cc3
9yCJcc8MTODSy2inCbw6bwGnYJl8XEFlzkRtpsVpTAFYoJNGQTEXimOtObbcky6A
Xs266UwIBM+FloGqhcxFdTzN0m+YcibuUEARtjfb2RW+aj4PRkORPBBfFmdk52qd
eOoJ10bm6GlBKqLYtWWSWHV3Me2gWg6aD98+BCV/huc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-ams.rpki-client.org