Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/uBQ78Q9-z83DoBFaNqTP6YnOf0M.roa
File: uBQ78Q9-z83DoBFaNqTP6YnOf0M.roa (raw, json)
Hash identifier: xFGkWtDyHtMC9c0NI7uU2MlD+AqdaQzzZ6sAvzHpkDI=
Subject key identifier: B8:14:3B:F1:0F:7E:CF:CD:C3:A0:11:5A:36:A4:CF:E9:89:CE:7F:43
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 018337512CD2FD6DF3B89AB215E4A7A8C655
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/uBQ78Q9-z83DoBFaNqTP6YnOf0M.roa
Signing time: Tue 13 Sep 2022 14:46:50 +0000
ROA not before: Tue 13 Sep 2022 14:46:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35539
IP address blocks: 46.160.224.0/21 maxlen: 21
95.131.208.0/21 maxlen: 21
93.95.160.0/21 maxlen: 21
46.160.232.0/21 maxlen: 21
46.160.240.0/21 maxlen: 21
93.123.128.0/17 maxlen: 17
46.160.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:51:2c:d2:fd:6d:f3:b8:9a:b2:15:e4:a7:a8:c6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Sep 13 14:46:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8143bf10f7ecfcdc3a0115a36a4cfe989ce7f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a1:4b:2d:3c:97:0e:3b:66:b3:bc:12:5b:e7:
f8:33:89:a5:8f:48:b2:73:34:24:6c:c5:44:a8:33:
11:c0:3c:07:77:cf:1a:28:cd:f2:fa:9f:2b:59:b5:
6c:80:64:8c:a4:9b:fb:67:2c:23:38:84:e3:45:d2:
cb:f2:72:06:94:e7:ac:e3:df:3d:6d:39:3f:35:d7:
80:98:4b:ff:31:d6:60:88:f1:65:98:f9:87:e7:1e:
c1:f0:57:55:5e:10:33:7d:41:52:bf:cd:12:86:ac:
26:6d:1d:2f:d4:fd:24:6c:03:6b:44:d8:38:1b:77:
37:44:9b:2a:e5:89:ee:95:da:9a:bb:ae:41:7e:52:
ac:8f:70:e8:02:7a:f1:7b:da:30:a9:d4:5e:7a:a2:
41:b1:5d:ca:3b:50:9c:8d:62:71:54:0b:ce:34:df:
97:e7:36:1b:eb:ce:59:15:d2:61:58:00:c0:20:db:
d5:3b:58:de:e8:5d:00:59:16:07:98:86:ba:6e:2a:
21:55:72:2e:61:9e:87:5c:9b:3b:4d:7c:3a:04:6d:
80:68:7d:1b:cc:6a:8c:8d:be:46:17:12:b9:28:f5:
b2:09:e7:1a:cf:ee:07:02:bb:a0:14:51:33:6f:8f:
7e:58:55:e6:f7:b8:56:74:e3:6d:b1:bb:6c:6b:f4:
8b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:14:3B:F1:0F:7E:CF:CD:C3:A0:11:5A:36:A4:CF:E9:89:CE:7F:43
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/uBQ78Q9-z83DoBFaNqTP6YnOf0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.160.224.0/19
93.95.160.0/21
93.123.128.0/17
95.131.208.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:4a:62:09:87:46:d5:76:e5:c7:12:08:e4:26:cc:77:49:17:
22:31:7e:e2:9d:72:48:bd:d7:7f:af:bf:58:04:ff:5b:58:f4:
c3:6e:69:00:78:89:7a:80:23:88:db:2e:7b:24:40:73:32:52:
11:a5:ae:cd:9a:f4:df:95:82:53:9b:a4:28:d9:73:ff:83:1a:
42:6e:92:c9:aa:34:19:70:dd:fc:e6:f4:07:2c:95:16:ef:51:
5d:2b:65:9d:29:78:66:91:83:b1:93:5c:2a:4e:53:38:9c:4c:
e5:36:a9:18:62:3d:27:3a:89:22:27:af:84:3a:94:5e:64:a3:
b2:8b:5d:15:95:c1:fb:8b:ae:96:ca:c8:5b:1b:08:5f:c8:58:
ff:48:6b:ba:11:fe:34:cf:43:72:d7:84:46:a9:27:84:6c:22:
94:b9:2f:61:29:3f:ed:92:30:be:1a:bc:00:55:7f:43:a4:6d:
04:c0:78:02:54:b6:a7:42:7e:ab:3d:62:2b:cc:9c:b3:2b:a9:
eb:95:65:75:b5:ae:8c:f5:23:0e:5e:06:68:9b:66:00:47:9c:
7c:d8:c1:a2:11:cb:f0:6c:0e:f9:c0:2c:2b:dc:54:17:b6:07:
fe:25:cc:51:10:67:af:6b:33:bd:00:35:ac:99:c3:43:53:73:
04:fd:7a:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYM3USzS/W3zuJqyFeSnqMZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjIwOTEzMTQ0NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE0M2JmMTBmN2VjZmNkYzNhMDExNWEzNmE0Y2ZlOTg5Y2U3ZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaFLLTyXDjtms7wSW+f4M4mlj0iy
czQkbMVEqDMRwDwHd88aKM3y+p8rWbVsgGSMpJv7ZywjOITjRdLL8nIGlOes4989
bTk/NdeAmEv/MdZgiPFlmPmH5x7B8FdVXhAzfUFSv80ShqwmbR0v1P0kbANrRNg4
G3c3RJsq5Ynuldqau65BflKsj3DoAnrxe9owqdReeqJBsV3KO1CcjWJxVAvONN+X
5zYb685ZFdJhWADAINvVO1je6F0AWRYHmIa6biohVXIuYZ6HXJs7TXw6BG2AaH0b
zGqMjb5GFxK5KPWyCecaz+4HArugFFEzb49+WFXm97hWdONtsbtsa/SL+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLgUO/EPfs/Nw6ARWjakz+mJzn9DMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvdUJRNzhROS16ODNEb0JGYU5xVFA2WW5PZjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLqDgAwQD
XV+gAwQHXXuAAwQDX4PQMA0GCSqGSIb3DQEBCwUAA4IBAQAsSmIJh0bVduXHEgjk
Jsx3SRciMX7inXJIvdd/r79YBP9bWPTDbmkAeIl6gCOI2y57JEBzMlIRpa7NmvTf
lYJTm6Qo2XP/gxpCbpLJqjQZcN385vQHLJUW71FdK2WdKXhmkYOxk1wqTlM4nEzl
NqkYYj0nOokiJ6+EOpReZKOyi10VlcH7i66WyshbGwhfyFj/SGu6Ef40z0Ny14RG
qSeEbCKUuS9hKT/tkjC+GrwAVX9DpG0EwHgCVLanQn6rPWIrzJyzK6nrlWV1ta6M
9SMOXgZom2YAR5x82MGiEcvwbA75wCwr3FQXtgf+JcxREGevazO9ADWsmcNDU3ME
/Xqe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:17 2025 by rpki-client