Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/uNKlpn7zOwGjHXAw9iFKR5D1Oik.roa
File: uNKlpn7zOwGjHXAw9iFKR5D1Oik.roa (raw, json)
Hash identifier: anMPp7UzD+A7dXbeFfGEumMIHKCnc5UB6UFnG8U3MkY=
Subject key identifier: B8:D2:A5:A6:7E:F3:3B:01:A3:1D:70:30:F6:21:4A:47:90:F5:3A:29
Certificate issuer: /CN=d5777579cc67784454bcd91a06bd6935aaef73f9
Certificate serial: 18251730
Authority key identifier: D5:77:75:79:CC:67:78:44:54:BC:D9:1A:06:BD:69:35:AA:EF:73:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Xd1ecxneERUvNkaBr1pNarvc_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/uNKlpn7zOwGjHXAw9iFKR5D1Oik.roa
Signing time: Sat 01 Jan 2022 12:58:08 +0000
ROA not before: Sat 01 Jan 2022 12:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28978
IP address blocks: 176.32.160.0/20 maxlen: 20
176.32.170.0/24 maxlen: 24
176.32.168.0/24 maxlen: 24
195.39.216.0/23 maxlen: 23
2a00:8a40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 405083952 (0x18251730)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5777579cc67784454bcd91a06bd6935aaef73f9
Validity
Not Before: Jan 1 12:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8d2a5a67ef33b01a31d7030f6214a4790f53a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:47:59:8b:c6:12:e0:c0:9a:0f:7d:53:55:
0d:62:14:fe:ff:26:11:5a:c1:0c:86:bf:6a:93:53:
6d:b6:ed:28:27:e9:c0:46:b3:01:fb:1b:1d:a8:b4:
f6:67:74:c4:6c:bc:f7:e6:af:23:a2:17:11:19:38:
04:00:8c:2d:aa:1b:e8:8f:7c:76:81:35:a8:d6:17:
2d:0f:cc:3a:98:3d:ae:de:ee:8d:4f:4b:a7:37:67:
f5:8f:1f:2b:95:af:7a:75:a0:54:f9:c4:3d:ac:2e:
8b:36:99:de:32:8a:74:d1:16:19:20:7d:10:76:62:
92:6f:e5:b7:0e:99:c1:83:78:85:0e:5f:bc:47:8c:
6b:0b:4e:26:c4:cb:e4:4e:75:4f:9e:4a:ef:dc:b7:
71:26:4a:3a:c0:c5:17:f1:18:f2:43:c7:87:66:5a:
9c:05:79:43:b0:e7:eb:4c:28:b9:5d:1f:f1:68:1e:
af:41:4c:40:c3:f8:a9:2c:e2:78:9d:c4:31:71:4a:
64:49:31:f8:32:36:aa:22:05:f5:ed:3a:28:98:e1:
e4:89:92:5f:3f:4b:2e:b2:df:9a:b9:f6:96:78:f8:
1e:e8:77:00:bf:77:e0:20:69:4d:a7:2a:05:99:7f:
ae:1f:17:77:b3:a8:4f:83:e5:b3:71:b9:f1:b9:2a:
41:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D2:A5:A6:7E:F3:3B:01:A3:1D:70:30:F6:21:4A:47:90:F5:3A:29
X509v3 Authority Key Identifier:
keyid:D5:77:75:79:CC:67:78:44:54:BC:D9:1A:06:BD:69:35:AA:EF:73:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Xd1ecxneERUvNkaBr1pNarvc_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/uNKlpn7zOwGjHXAw9iFKR5D1Oik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/1Xd1ecxneERUvNkaBr1pNarvc_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.160.0/20
195.39.216.0/23
IPv6:
2a00:8a40::/32
Signature Algorithm: sha256WithRSAEncryption
20:38:97:f3:b3:75:a3:2e:49:5c:25:19:56:72:9d:ec:42:a2:
92:8c:0b:98:10:c0:bc:fb:1c:ae:47:06:a6:01:d7:1e:e4:1a:
30:12:0c:34:07:e5:d8:97:52:23:a9:70:7e:90:c0:4c:81:77:
2b:5d:c4:af:02:1c:ac:7d:c6:b1:38:f5:71:f5:0d:3a:c4:8d:
6d:c9:ed:df:ad:23:89:9d:f5:56:6e:7e:51:79:57:e1:e8:f9:
09:5a:1a:25:55:f9:ba:f3:37:20:00:07:84:0d:a4:ab:35:59:
75:ed:8c:eb:0e:56:63:f2:89:ee:47:63:33:c3:b3:07:6c:64:
33:55:3c:6f:ad:72:3d:a2:72:0c:72:d5:91:f8:6c:3a:37:b0:
67:dc:4b:10:44:17:d0:74:ee:49:43:11:e8:18:a3:15:e9:d2:
b1:97:c5:e5:c4:8e:d1:16:93:16:a5:91:1e:f0:6f:fd:02:19:
36:7c:f6:29:fb:5e:ae:1c:31:dc:dc:b5:9b:eb:6b:0b:88:5a:
26:e6:c7:ed:40:90:0a:5c:20:e7:72:73:9b:0f:4f:28:82:8c:
af:59:87:72:c6:f1:15:43:e7:6e:1c:ea:58:cf:0e:54:95:ba:
58:c4:5c:6a:89:e6:e2:ef:2d:fa:89:08:b5:ef:a7:1a:4d:14:
38:1d:1b:45
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGCUXMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTc3NzU3OWNjNjc3ODQ0NTRiY2Q5MWEwNmJkNjkzNWFhZWY3M2Y5MB4XDTIyMDEw
MTEyNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhkMmE1YTY3ZWYz
M2IwMWEzMWQ3MDMwZjYyMTRhNDc5MGY1M2EyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnsR1mLxhLgwJoPfVNVDWIU/v8mEVrBDIa/apNTbbbtKCfp
wEazAfsbHai09md0xGy89+avI6IXERk4BACMLaob6I98doE1qNYXLQ/MOpg9rt7u
jU9Lpzdn9Y8fK5WvenWgVPnEPawuizaZ3jKKdNEWGSB9EHZikm/ltw6ZwYN4hQ5f
vEeMawtOJsTL5E51T55K79y3cSZKOsDFF/EY8kPHh2ZanAV5Q7Dn60wouV0f8Wge
r0FMQMP4qSzieJ3EMXFKZEkx+DI2qiIF9e06KJjh5ImSXz9LLrLfmrn2lnj4Huh3
AL934CBpTacqBZl/rh8Xd7OoT4Pls3G58bkqQTkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS40qWmfvM7AaMdcDD2IUpHkPU6KTAfBgNVHSMEGDAWgBTVd3V5zGd4RFS8
2RoGvWk1qu9z+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFYZDFlY3huZUVSVXZOa2FCcjFwTmFydmNfay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvNTJmYjg2LWVkNzgtNDg1MC1iNDA2LTgwYTJiNjhjMzgzMi8x
L3VOS2xwbjd6T3dHakhYQXc5aUZLUjVEMU9pay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
NTJmYjg2LWVkNzgtNDg1MC1iNDA2LTgwYTJiNjhjMzgzMi8xLzFYZDFlY3huZUVS
VXZOa2FCcjFwTmFydmNfay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBLAgoAMEAcMn2DANBAIAAjAHAwUA
KgCKQDANBgkqhkiG9w0BAQsFAAOCAQEAIDiX87N1oy5JXCUZVnKd7EKikowLmBDA
vPscrkcGpgHXHuQaMBIMNAfl2JdSI6lwfpDATIF3K13ErwIcrH3GsTj1cfUNOsSN
bcnt360jiZ31Vm5+UXlX4ej5CVoaJVX5uvM3IAAHhA2kqzVZde2M6w5WY/KJ7kdj
M8OzB2xkM1U8b61yPaJyDHLVkfhsOjewZ9xLEEQX0HTuSUMR6BijFenSsZfF5cSO
0RaTFqWRHvBv/QIZNnz2Kfterhwx3Ny1m+trC4haJubH7UCQClwg53Jzmw9PKIKM
r1mHcsbxFUPnbhzqWM8OVJW6WMRcaonm4u8t+okIte+nGk0UOB0bRQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:28 2025 by rpki-client