Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a6592e-b1c1-407c-8f04-301df272152e/1/u-RQU9gFNDS4eyj_7vt5QSWBUss.roa
File: u-RQU9gFNDS4eyj_7vt5QSWBUss.roa (raw, json)
Hash identifier: Isk2WlbPT/4Eogx6tgWXOZvmR7Ajm5iXhl2Wvcl+qHg=
Subject key identifier: BB:E4:50:53:D8:05:34:34:B8:7B:28:FF:EE:FB:79:41:25:81:52:CB
Certificate issuer: /CN=87d7f7d2fc1348914c006b55ab93f2d2e3390de6
Certificate serial: 040A71B0
Authority key identifier: 87:D7:F7:D2:FC:13:48:91:4C:00:6B:55:AB:93:F2:D2:E3:39:0D:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9f30vwTSJFMAGtVq5Py0uM5DeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a6592e-b1c1-407c-8f04-301df272152e/1/u-RQU9gFNDS4eyj_7vt5QSWBUss.roa
Signing time: Sat 01 Jan 2022 01:53:03 +0000
ROA not before: Sat 01 Jan 2022 01:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52080
IP address blocks: 185.249.152.0/22 maxlen: 22
185.249.152.0/24 maxlen: 24
193.162.107.0/24 maxlen: 24
185.249.155.0/24 maxlen: 24
185.249.154.0/24 maxlen: 24
185.249.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67793328 (0x40a71b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d7f7d2fc1348914c006b55ab93f2d2e3390de6
Validity
Not Before: Jan 1 01:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbe45053d8053434b87b28ffeefb7941258152cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7d:23:24:4c:c1:a0:df:64:8d:65:72:de:cb:
1d:10:94:7f:0a:00:93:6d:5c:32:72:76:05:f7:df:
a7:13:10:65:2d:fb:fa:d4:dd:c8:17:d2:aa:2d:ce:
6d:17:49:b7:8d:9c:4b:c5:e0:24:e4:d8:7f:0c:f1:
65:2d:6c:e9:ff:d2:34:21:d5:45:0c:30:66:53:55:
3e:53:bb:7e:f6:cf:66:20:dc:8a:7e:c8:53:c0:67:
eb:56:f6:f2:f0:a0:63:7b:fd:2b:4f:a3:ad:78:6b:
fe:14:36:8c:f6:12:54:ec:c4:be:1f:d7:6a:c0:12:
f5:14:01:e5:29:77:b7:ae:1a:38:2b:ba:30:d0:46:
a9:d7:ef:79:0e:76:2d:94:9e:7f:4b:95:0d:03:a1:
84:b2:6d:44:f2:7a:94:28:4c:42:5c:d1:40:8f:1e:
38:71:9e:e9:2f:e8:9d:8e:c3:c5:e5:0e:fe:f8:02:
c8:a6:a2:8a:3b:00:c0:f7:4c:10:3e:89:5d:57:e4:
60:5a:32:83:4f:db:c6:21:6b:ef:b9:c8:be:f2:d5:
e6:a3:78:80:e1:97:a4:82:43:fe:22:c4:41:40:44:
84:f8:3f:78:5a:58:00:e8:d3:c0:75:b4:1b:63:7b:
42:07:22:8c:7a:42:c9:9b:38:c1:ab:d8:d3:cf:76:
3c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E4:50:53:D8:05:34:34:B8:7B:28:FF:EE:FB:79:41:25:81:52:CB
X509v3 Authority Key Identifier:
keyid:87:D7:F7:D2:FC:13:48:91:4C:00:6B:55:AB:93:F2:D2:E3:39:0D:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9f30vwTSJFMAGtVq5Py0uM5DeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a6592e-b1c1-407c-8f04-301df272152e/1/u-RQU9gFNDS4eyj_7vt5QSWBUss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a6592e-b1c1-407c-8f04-301df272152e/1/h9f30vwTSJFMAGtVq5Py0uM5DeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.152.0/22
193.162.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d9:f3:75:f7:ef:5a:79:85:0d:c2:6f:a9:22:52:8d:a7:89:
80:c9:15:85:ae:78:cd:32:42:9c:48:dc:c2:a3:53:d9:eb:72:
9a:05:3d:e0:a7:f9:68:28:f4:93:57:8a:0e:2c:e2:b1:9c:e0:
bf:ce:e8:2f:26:8e:e2:df:14:48:b0:c6:b9:92:5b:1b:8d:1d:
7b:21:78:89:86:2e:53:d3:a8:0b:e9:77:d0:0e:68:a7:77:07:
1d:eb:b2:b8:09:dc:d0:80:72:ec:e0:1d:7b:bf:af:a0:d9:f3:
51:63:42:a5:88:6f:b7:c4:1a:d5:95:29:26:bc:eb:87:fe:4c:
db:77:9a:53:40:97:8d:e7:3b:70:19:0f:9f:83:73:55:70:49:
67:05:32:35:39:8b:5a:f4:34:c8:bc:85:62:6c:ff:b2:8d:41:
29:31:6b:e4:11:95:36:e8:ef:8d:40:98:65:07:f8:1f:7d:58:
6e:a0:5b:77:ba:51:bb:b0:29:d8:9a:e0:d1:4a:f3:af:88:30:
89:85:2e:a6:19:25:24:b9:ea:59:ff:50:47:b6:5f:69:49:f2:
92:2e:0a:b4:70:c2:bb:8e:aa:34:6c:a7:85:be:f2:3e:fc:55:
d2:bc:9f:2c:a2:08:9d:56:3b:3e:73:c2:b0:2a:9a:b5:7d:b9:
b0:b3:5a:3e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBApxsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q3ZjdkMmZjMTM0ODkxNGMwMDZiNTVhYjkzZjJkMmUzMzkwZGU2MB4XDTIyMDEw
MTAxNTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJlNDUwNTNkODA1
MzQzNGI4N2IyOGZmZWVmYjc5NDEyNTgxNTJjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIt9IyRMwaDfZI1lct7LHRCUfwoAk21cMnJ2BfffpxMQZS37
+tTdyBfSqi3ObRdJt42cS8XgJOTYfwzxZS1s6f/SNCHVRQwwZlNVPlO7fvbPZiDc
in7IU8Bn61b28vCgY3v9K0+jrXhr/hQ2jPYSVOzEvh/XasAS9RQB5Sl3t64aOCu6
MNBGqdfveQ52LZSef0uVDQOhhLJtRPJ6lChMQlzRQI8eOHGe6S/onY7DxeUO/vgC
yKaiijsAwPdMED6JXVfkYFoyg0/bxiFr77nIvvLV5qN4gOGXpIJD/iLEQUBEhPg/
eFpYAOjTwHW0G2N7QgcijHpCyZs4wavY0892PDsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS75FBT2AU0NLh7KP/u+3lBJYFSyzAfBgNVHSMEGDAWgBSH1/fS/BNIkUwA
a1Wrk/LS4zkN5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5ZjMwdndUU0pGTUFHdFZxNVB5MHVNNURlWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYTY1OTJlLWIxYzEtNDA3Yy04ZjA0LTMwMWRmMjcyMTUyZS8x
L3UtUlFVOWdGTkRTNGV5al83dnQ1UVNXQlVzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YTY1OTJlLWIxYzEtNDA3Yy04ZjA0LTMwMWRmMjcyMTUyZS8xL2g5ZjMwdndUU0pG
TUFHdFZxNVB5MHVNNURlWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArn5mAMEAMGiazANBgkqhkiG9w0B
AQsFAAOCAQEAHNnzdffvWnmFDcJvqSJSjaeJgMkVha54zTJCnEjcwqNT2etymgU9
4Kf5aCj0k1eKDizisZzgv87oLyaO4t8USLDGuZJbG40deyF4iYYuU9OoC+l30A5o
p3cHHeuyuAnc0IBy7OAde7+voNnzUWNCpYhvt8Qa1ZUpJrzrh/5M23eaU0CXjec7
cBkPn4NzVXBJZwUyNTmLWvQ0yLyFYmz/so1BKTFr5BGVNujvjUCYZQf4H31YbqBb
d7pRu7Ap2Jrg0Urzr4gwiYUuphklJLnqWf9QR7ZfaUnyki4KtHDCu46qNGynhb7y
PvxV0ryfLKIInVY7PnPCsCqatX25sLNaPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:04 2024 by rpki-client on console-fra.rpki-client.org