Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/UafXrpUEkPR-avif7C1RAT9AzK8.roa
File: UafXrpUEkPR-avif7C1RAT9AzK8.roa (raw, json)
Hash identifier: SJwoIFM+vr1qOUjnhYcVS2xeZZq5vpIxoZyD0kxTp9I=
Subject key identifier: 51:A7:D7:AE:95:04:90:F4:7E:6A:F8:9F:EC:2D:51:01:3F:40:CC:AF
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 01836A275E57006DD79E2F880A09EBC486B0
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/UafXrpUEkPR-avif7C1RAT9AzK8.roa
Signing time: Fri 23 Sep 2022 11:41:48 +0000
ROA not before: Fri 23 Sep 2022 11:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 185.145.60.0/22 maxlen: 22
195.93.238.0/23 maxlen: 23
91.199.58.0/24 maxlen: 24
87.236.96.0/21 maxlen: 21
2a02:cc8::/32 maxlen: 32
2a02:cc9::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:27:5e:57:00:6d:d7:9e:2f:88:0a:09:eb:c4:86:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Sep 23 11:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51a7d7ae950490f47e6af89fec2d51013f40ccaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:27:29:de:04:86:92:22:09:da:fd:34:d8:45:
b4:3c:a9:9d:1b:7c:ff:55:dd:f9:89:78:58:d4:d3:
b7:17:4e:04:0a:1d:d4:a2:3b:a5:4b:39:ed:fd:4e:
9e:c7:50:61:00:4b:3c:79:c3:83:1f:39:67:0c:78:
7e:6a:a3:fe:f5:71:c5:30:dd:a6:a4:7b:4c:fe:ab:
2a:cc:63:06:69:04:25:df:cb:8a:cc:8b:df:26:61:
6b:35:ec:47:3f:9b:a1:9c:27:2e:01:c7:cb:79:13:
ae:aa:d0:42:f9:c2:42:7b:a6:02:d8:8c:e9:6d:53:
26:d1:3f:33:d4:cc:4f:3e:0d:94:12:42:af:b3:7a:
d8:51:b0:19:dd:af:de:4f:7f:eb:d1:e2:2e:46:bf:
53:68:70:14:ef:72:46:76:2e:26:38:a1:de:85:f4:
39:d9:37:16:b1:1b:39:ce:4d:4c:15:02:6c:c3:02:
05:6c:12:46:23:4d:f5:19:1b:c1:15:c0:84:76:cf:
e8:40:59:67:c5:41:f5:5e:6e:a2:5e:39:25:d6:9f:
89:07:d6:9e:7d:e0:96:9a:40:6e:f1:5b:15:c5:0d:
24:98:9e:36:51:d7:ca:3f:01:d9:93:0b:84:05:8a:
3a:f3:73:57:34:c7:67:f7:eb:4c:1c:65:4c:57:b0:
bd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A7:D7:AE:95:04:90:F4:7E:6A:F8:9F:EC:2D:51:01:3F:40:CC:AF
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/UafXrpUEkPR-avif7C1RAT9AzK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.96.0/21
91.199.58.0/24
185.145.60.0/22
195.93.238.0/23
IPv6:
2a02:cc8::/31
Signature Algorithm: sha256WithRSAEncryption
ad:70:0c:eb:35:90:2a:e1:52:0c:68:37:0c:68:99:61:f7:bb:
29:83:bb:1c:e1:86:02:63:f1:a8:be:e3:7a:0f:22:d1:19:0a:
23:f1:62:b0:ec:6a:79:a2:d0:4d:4d:d9:5b:5b:41:ec:4e:26:
a9:22:1a:c6:56:79:28:c9:17:eb:8a:50:e7:cc:df:3c:2d:be:
36:e6:4f:c3:cf:55:65:63:1a:e9:87:17:99:55:18:0f:e8:3f:
31:ea:94:8b:cc:4a:c5:f9:53:64:4e:57:3a:ae:00:ca:c9:ca:
05:74:8a:34:03:24:24:e0:e5:e8:32:8e:88:a2:7c:e6:b1:fd:
63:72:0f:e2:71:2d:db:52:c5:2d:d6:45:80:8b:0e:12:e0:f4:
78:75:7d:af:da:d4:74:2d:74:5d:5f:76:69:90:1f:ca:e9:be:
48:34:56:d1:be:b6:a4:83:bd:60:6c:85:5b:5d:69:27:b9:ea:
6b:90:5a:e2:f7:b4:37:91:e6:42:fe:b2:f7:3b:85:80:b2:85:
ff:43:00:9a:08:c7:ab:51:de:93:1a:92:cc:2d:67:33:64:c3:
48:ca:8a:d1:23:8b:99:31:bc:ba:1d:2a:3b:a0:64:72:74:bc:
68:de:eb:7a:6b:b4:27:d2:7f:fc:00:1b:7d:e2:59:cd:3d:b3:
2a:be:50:51
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYNqJ15XAG3Xni+ICgnrxIawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3
Y2EyOGUwHhcNMjIwOTIzMTE0MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWE3ZDdhZTk1MDQ5MGY0N2U2YWY4OWZlYzJkNTEwMTNmNDBjY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtScp3gSGkiIJ2v002EW0PKmdG3z/
Vd35iXhY1NO3F04ECh3UojulSznt/U6ex1BhAEs8ecODHzlnDHh+aqP+9XHFMN2m
pHtM/qsqzGMGaQQl38uKzIvfJmFrNexHP5uhnCcuAcfLeROuqtBC+cJCe6YC2Izp
bVMm0T8z1MxPPg2UEkKvs3rYUbAZ3a/eT3/r0eIuRr9TaHAU73JGdi4mOKHehfQ5
2TcWsRs5zk1MFQJswwIFbBJGI031GRvBFcCEds/oQFlnxUH1Xm6iXjkl1p+JB9ae
feCWmkBu8VsVxQ0kmJ42UdfKPwHZkwuEBYo683NXNMdn9+tMHGVMV7C9ZQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFGn166VBJD0fmr4n+wtUQE/QMyvMB8GA1UdIwQY
MBaAFPjdeuEtKjfyGqxvgbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNm
LTJiNGEzNTM4YzVlMy8xL1VhZlhycFVFa1BSLWF2aWY3QzFSQVQ5QXpLOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVl
My8xLzEtTjE2NFMwcU5fSWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBANX7GAD
BABbxzoDBAK5kTwDBAHDXe4wDQQCAAIwBwMFASoCDMgwDQYJKoZIhvcNAQELBQAD
ggEBAK1wDOs1kCrhUgxoNwxomWH3uymDuxzhhgJj8ai+43oPItEZCiPxYrDsanmi
0E1N2VtbQexOJqkiGsZWeSjJF+uKUOfM3zwtvjbmT8PPVWVjGumHF5lVGA/oPzHq
lIvMSsX5U2ROVzquAMrJygV0ijQDJCTg5egyjoiifOax/WNyD+JxLdtSxS3WRYCL
DhLg9Hh1fa/a1HQtdF1fdmmQH8rpvkg0VtG+tqSDvWBshVtdaSe56muQWuL3tDeR
5kL+svc7hYCyhf9DAJoIx6tR3pMakswtZzNkw0jKitEji5kxvLodKjugZHJ0vGje
63prtCfSf/wAG33iWc09syq+UFE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:02 2023 by rpki-client on console-fra.rpki-client.org