Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/uGn3MZYaKu7wDl3D7m63UZzFTy8.roa
File: uGn3MZYaKu7wDl3D7m63UZzFTy8.roa (raw, json)
Hash identifier: Ssd2lDjZqsZKcrnpNEDSnGYz7xNgC++BitWH6gpnals=
Subject key identifier: B8:69:F7:31:96:1A:2A:EE:F0:0E:5D:C3:EE:6E:B7:51:9C:C5:4F:2F
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 024B0941
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/uGn3MZYaKu7wDl3D7m63UZzFTy8.roa
Signing time: Wed 04 May 2022 14:04:57 +0000
ROA not before: Wed 04 May 2022 14:04:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59437
IP address blocks: 87.121.28.0/22 maxlen: 22
94.156.254.0/23 maxlen: 23
87.120.208.0/21 maxlen: 21
185.159.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38472001 (0x24b0941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: May 4 14:04:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b869f731961a2aeef00e5dc3ee6eb7519cc54f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:17:01:d2:0c:d1:83:c6:c7:94:05:ee:3e:1f:
51:b9:dc:dd:2a:c4:29:a5:dd:61:3e:a4:9e:79:1e:
33:c7:eb:1b:3b:93:d0:81:73:42:1f:0c:bd:98:fc:
46:09:4a:45:b7:e9:4e:88:e1:72:c7:78:c1:46:02:
83:e9:94:0a:03:83:56:12:88:dd:c5:b2:40:b2:38:
b6:ba:df:d5:5b:34:55:63:5c:05:ca:9e:9f:fb:61:
05:fe:1f:dd:92:2d:f0:ed:4b:70:33:fc:c1:7b:fe:
a3:f2:8e:25:b5:87:8a:c8:89:1e:7b:7f:9f:b7:df:
f9:19:ab:1a:ca:7c:7e:da:67:e5:39:20:af:1b:4e:
66:f9:6f:c6:ca:70:6b:0f:85:36:4c:4a:bb:6b:02:
22:ba:da:3f:2d:87:43:48:64:3d:fa:56:14:fe:36:
03:93:b5:54:66:05:cf:e9:e5:0d:4e:8d:dd:2a:37:
62:9f:42:c0:d2:22:f3:de:04:fa:b2:de:3e:d3:73:
58:2a:d4:ff:6c:41:9c:3b:4d:2b:cb:7d:cd:b2:ef:
5a:58:21:06:44:c5:0f:48:f9:61:5c:e0:c7:e2:8d:
31:b1:52:74:d1:fc:7a:11:07:8e:8b:98:ed:3d:09:
60:2f:52:e9:8c:03:e6:59:b7:a0:13:eb:a3:c0:c4:
66:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:69:F7:31:96:1A:2A:EE:F0:0E:5D:C3:EE:6E:B7:51:9C:C5:4F:2F
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/uGn3MZYaKu7wDl3D7m63UZzFTy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.208.0/21
87.121.28.0/22
94.156.254.0/23
185.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:bf:05:27:ea:c1:d8:d6:77:f6:1a:02:fb:5d:e4:94:19:db:
74:e1:2e:c3:dc:e6:b4:43:b0:9b:73:95:6a:22:21:b9:f2:63:
0f:ac:68:91:f3:d3:0b:3c:c2:5f:cf:af:f4:0b:6c:a2:40:ab:
b8:45:31:ca:a4:98:2f:58:b3:49:1f:00:6e:ad:4a:7c:d8:d8:
1e:47:08:2f:46:b5:d4:50:d9:45:58:3e:0a:a9:3c:e9:ce:89:
36:a4:3f:5f:55:de:99:66:25:11:1f:db:aa:18:b5:ce:09:51:
ac:e9:95:fb:ae:e1:1f:0d:0f:76:b3:e8:f1:be:49:37:3b:e9:
82:10:00:b0:8f:11:f8:14:39:11:30:cd:cc:ac:ce:bb:4a:a9:
62:0b:e5:4c:4c:cb:2e:27:aa:63:09:78:28:0b:71:08:eb:01:
f3:fe:9d:c8:91:9d:24:b6:63:cf:aa:7e:03:e3:06:7e:99:1d:
c5:c2:6d:0c:b3:74:63:f7:20:45:c3:a1:a4:ba:8e:89:fd:b8:
d6:c1:d2:7a:22:99:3c:ef:9d:1d:84:45:b9:83:d4:fa:bd:eb:
5b:8c:86:f7:12:1d:a1:80:bf:00:a7:d2:64:5c:82:4a:a2:18:
1a:63:9a:50:f5:2a:0c:b5:7c:e4:1b:37:ff:b7:07:8a:a6:ec:
1e:f2:9a:73
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAksJQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWNkNTNjNjY0MjRjM2YzNjljYTg4ZWU3YWY3NmFkYjI1ZTE4NDUxMB4XDTIyMDUw
NDE0MDQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg2OWY3MzE5NjFh
MmFlZWYwMGU1ZGMzZWU2ZWI3NTE5Y2M1NGYyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMXAdIM0YPGx5QF7j4fUbnc3SrEKaXdYT6knnkeM8frGzuT
0IFzQh8MvZj8RglKRbfpTojhcsd4wUYCg+mUCgODVhKI3cWyQLI4trrf1Vs0VWNc
Bcqen/thBf4f3ZIt8O1LcDP8wXv+o/KOJbWHisiJHnt/n7ff+RmrGsp8ftpn5Tkg
rxtOZvlvxspwaw+FNkxKu2sCIrraPy2HQ0hkPfpWFP42A5O1VGYFz+nlDU6N3So3
Yp9CwNIi894E+rLePtNzWCrU/2xBnDtNK8t9zbLvWlghBkTFD0j5YVzgx+KNMbFS
dNH8ehEHjouY7T0JYC9S6YwD5lm3oBPro8DEZqUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS4afcxlhoq7vAOXcPubrdRnMVPLzAfBgNVHSMEGDAWgBQ+zVPGZCTD82nK
iO5692rbJeGEUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BzMVR4bVFrd19OcHlvanVldmRxMnlYaGhGRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvZTY1YWRhLTRkNGEtNDA0ZC04NzAwLWMyMjU2ODA0ZTkyMi8x
L3VHbjNNWllhS3U3d0RsM0Q3bTYzVVp6RlR5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
ZTY1YWRhLTRkNGEtNDA0ZC04NzAwLWMyMjU2ODA0ZTkyMi8xL1BzMVR4bVFrd19O
cHlvanVldmRxMnlYaGhGRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA1d40AMEAld5HAMEAV6c/gMEALmf
VjANBgkqhkiG9w0BAQsFAAOCAQEAvL8FJ+rB2NZ39hoC+13klBnbdOEuw9zmtEOw
m3OVaiIhufJjD6xokfPTCzzCX8+v9AtsokCruEUxyqSYL1izSR8Abq1KfNjYHkcI
L0a11FDZRVg+Cqk86c6JNqQ/X1XemWYlER/bqhi1zglRrOmV+67hHw0PdrPo8b5J
NzvpghAAsI8R+BQ5ETDNzKzOu0qpYgvlTEzLLieqYwl4KAtxCOsB8/6dyJGdJLZj
z6p+A+MGfpkdxcJtDLN0Y/cgRcOhpLqOif241sHSeiKZPO+dHYRFuYPU+r3rW4yG
9xIdoYC/AKfSZFyCSqIYGmOaUPUqDLV85Bs3/7cHiqbsHvKacw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:53 2025 by rpki-client