Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/2tcFAcWtnu28HWy7mRJ_74n_UPA.roa
File: 2tcFAcWtnu28HWy7mRJ_74n_UPA.roa (raw, json)
Hash identifier: sQEWofV5QPlWVii/MegQstUAwF+p6C2+Xj7oZZQLygA=
Subject key identifier: DA:D7:05:01:C5:AD:9E:ED:BC:1D:6C:BB:99:12:7F:EF:89:FF:50:F0
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 01855E8BDF8B08FA9053F2FA5FD08503CCAB
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/2tcFAcWtnu28HWy7mRJ_74n_UPA.roa
Signing time: Thu 29 Dec 2022 15:41:43 +0000
ROA not before: Thu 29 Dec 2022 15:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41114
IP address blocks: 45.151.16.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
2a0a:7980::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 32
2a09:4380::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a00:7aa0::/32 maxlen: 32
2a0f:d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:8b:df:8b:08:fa:90:53:f2:fa:5f:d0:85:03:cc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Dec 29 15:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dad70501c5ad9eedbc1d6cbb99127fef89ff50f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:05:85:2a:80:3c:b2:b6:89:ea:13:8f:1f:4a:
4b:15:72:36:09:b7:e3:a8:66:14:6e:5b:4a:6d:61:
e4:05:d5:c5:e2:63:0e:24:dd:93:d2:cd:f1:4a:74:
41:4c:21:63:66:63:a1:bc:89:96:83:cd:49:d2:6b:
fd:ed:07:10:45:a4:98:b4:42:04:c9:80:ce:1d:b7:
ce:a0:6e:93:88:66:fb:4c:c9:41:d8:17:89:44:c9:
5a:f5:ab:a0:5c:e9:dc:19:57:ad:ce:26:ee:e0:7b:
17:2b:a6:48:29:8c:1b:86:f5:fa:26:51:0a:89:a9:
84:bb:a8:03:2e:70:34:c0:a4:aa:e7:0f:5c:23:6c:
b8:fd:8a:5f:21:e8:be:b5:70:1c:69:eb:2a:7d:d9:
d5:aa:68:1f:cc:72:24:0e:7b:6a:af:c1:3e:8b:8b:
6e:22:97:c2:89:67:05:0c:f3:23:3b:6e:41:28:11:
79:d1:49:db:58:ea:14:7b:d4:1a:8d:75:83:2b:dc:
7a:40:2f:3f:9f:dc:d9:a1:28:36:10:f7:b6:51:04:
1f:68:20:41:f7:dc:2f:ec:e5:54:3f:a7:67:54:c3:
bb:64:75:9a:76:84:0d:b4:a4:28:f7:f7:b6:7f:e4:
8a:c7:a4:9a:ff:38:71:33:7b:b0:5a:cb:e2:7b:fc:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D7:05:01:C5:AD:9E:ED:BC:1D:6C:BB:99:12:7F:EF:89:FF:50:F0
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/2tcFAcWtnu28HWy7mRJ_74n_UPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
147.78.164.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
66:71:a0:dc:65:41:c9:74:5d:b2:d6:32:2b:05:77:63:69:5b:
fd:56:28:07:a2:3b:cc:ff:48:f7:65:26:4d:cf:a9:25:a9:a7:
ca:60:01:26:17:a7:bd:eb:aa:c3:09:ca:be:40:72:61:82:e8:
60:62:a7:b0:9b:80:04:2d:39:51:cf:d3:c2:cf:ff:e1:a6:61:
94:95:14:b8:ac:8b:94:00:86:70:a7:d1:f9:ca:0f:66:6a:35:
42:0f:c4:d4:31:0b:24:26:c4:dc:b1:b4:27:78:83:92:e0:ec:
bd:ef:aa:75:8f:a3:e5:31:d3:d6:69:ab:f1:83:fa:50:82:3f:
01:e2:33:94:1a:a7:55:70:af:00:9f:94:4d:b9:21:dc:1e:85:
41:3f:f8:c5:d5:48:49:d1:db:3e:41:87:da:91:bf:50:d3:3a:
83:eb:fe:9a:79:03:57:48:18:25:48:98:78:f6:fa:3c:36:0c:
5a:b8:a4:dd:17:df:fd:1a:74:da:4c:d5:8f:90:c6:fe:9b:7b:
0c:e6:ca:f1:0b:36:31:8a:e4:0e:30:fc:49:4a:b9:05:ef:ca:
b0:af:fa:ed:5d:d5:a8:f5:a1:c0:81:46:b5:96:4b:73:fa:13:
4b:f2:dd:9f:33:4e:32:ed:2e:1b:4e:1c:39:58:a1:3d:f2:13:
60:27:76:b9
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYVei9+LCPqQU/L6X9CFA8yrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjIxMjI5MTU0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ3MDUwMWM1YWQ5ZWVkYmMxZDZjYmI5OTEyN2ZlZjg5ZmY1MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wWFKoA8sraJ6hOPH0pLFXI2Cbfj
qGYUbltKbWHkBdXF4mMOJN2T0s3xSnRBTCFjZmOhvImWg81J0mv97QcQRaSYtEIE
yYDOHbfOoG6TiGb7TMlB2BeJRMla9augXOncGVetzibu4HsXK6ZIKYwbhvX6JlEK
iamEu6gDLnA0wKSq5w9cI2y4/YpfIei+tXAcaesqfdnVqmgfzHIkDntqr8E+i4tu
IpfCiWcFDPMjO25BKBF50UnbWOoUe9QajXWDK9x6QC8/n9zZoSg2EPe2UQQfaCBB
99wv7OVUP6dnVMO7ZHWadoQNtKQo9/e2f+SKx6Sa/zhxM3uwWsvie/z+swIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNrXBQHFrZ7tvB1su5kSf++J/1DwMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvMnRjRkFjV3RudTI4SFd5N21SSl83NG5fVVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQCLZcQAwQC
LZ34AwQCPsCMAwQCk06kAwQCuWJAAwQCwZRQAwQC1eJIMDAEAgACMCoDBQAqAHqg
AwUAKgkmwAMFACoJQ4ADBQAqCnmAAwUAKg3mwAMFACoPDQAwDQYJKoZIhvcNAQEL
BQADggEBAGZxoNxlQcl0XbLWMisFd2NpW/1WKAeiO8z/SPdlJk3PqSWpp8pgASYX
p73rqsMJyr5AcmGC6GBip7CbgAQtOVHP08LP/+GmYZSVFLisi5QAhnCn0fnKD2Zq
NUIPxNQxCyQmxNyxtCd4g5Lg7L3vqnWPo+Ux09Zpq/GD+lCCPwHiM5Qap1VwrwCf
lE25IdwehUE/+MXVSEnR2z5Bh9qRv1DTOoPr/pp5A1dIGCVImHj2+jw2DFq4pN0X
3/0adNpM1Y+Qxv6bewzmyvELNjGK5A4w/ElKuQXvyrCv+u1d1aj1ocCBRrWWS3P6
E0vy3Z8zTjLtLhtOHDlYoT3yE2Andrk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:14 2025 by rpki-client