Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/UJqesEmiV9L4fxHiP8mnxLpHlts.roa
File: UJqesEmiV9L4fxHiP8mnxLpHlts.roa (raw, json)
Hash identifier: sSDPFIm7uDZDdWtYq3BqmnTedDiaZf/UU0VT2bJQx/8=
Subject key identifier: 50:9A:9E:B0:49:A2:57:D2:F8:7F:11:E2:3F:C9:A7:C4:BA:47:96:DB
Certificate issuer: /CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Certificate serial: 053F5D25
Authority key identifier: 34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/UJqesEmiV9L4fxHiP8mnxLpHlts.roa
Signing time: Wed 08 Jun 2022 19:18:02 +0000
ROA not before: Wed 08 Jun 2022 19:18:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201295
IP address blocks: 185.252.28.0/24 maxlen: 24
185.252.30.0/24 maxlen: 24
185.252.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88038693 (0x53f5d25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Validity
Not Before: Jun 8 19:18:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=509a9eb049a257d2f87f11e23fc9a7c4ba4796db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1f:e7:46:38:b9:9d:2c:03:2e:f6:18:8f:4e:
8c:0a:8f:e2:d7:2e:9e:01:96:cc:b9:dd:76:a2:b5:
c7:8d:41:07:2d:83:51:79:39:b5:18:b6:b5:5d:ae:
7c:92:c1:88:ac:c8:5f:23:fa:03:21:e5:d5:d2:3e:
bc:2c:e1:e7:8f:8b:72:2d:31:df:c1:c1:f1:61:74:
17:46:a1:ca:06:15:cb:68:02:59:fa:6f:2d:58:e8:
94:e5:94:b6:04:56:d0:31:b6:39:5f:31:7d:04:79:
63:26:d1:6b:1a:98:55:b7:74:b7:07:64:05:44:e7:
e7:f4:6f:a6:b7:0f:77:c0:a3:87:c9:81:55:2c:2a:
a3:1e:0a:a1:96:92:7a:cd:84:8c:db:c9:93:ff:3c:
dd:6f:37:a7:ce:85:a3:d4:d7:97:60:ed:07:17:63:
c5:81:3a:de:dc:df:3f:d7:de:5d:6c:1e:fc:ec:d3:
56:98:20:73:b8:9b:5c:87:e2:34:06:3f:59:5b:c4:
56:be:96:43:a6:dd:be:a7:15:17:98:3b:ed:07:56:
5a:7c:01:48:b4:89:5d:02:f1:5a:d6:24:0c:0b:40:
62:72:e5:09:59:51:60:a2:c4:ba:2f:bf:25:0e:22:
bc:77:25:2d:01:05:1f:d1:0d:38:40:cb:f7:7d:db:
be:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9A:9E:B0:49:A2:57:D2:F8:7F:11:E2:3F:C9:A7:C4:BA:47:96:DB
X509v3 Authority Key Identifier:
keyid:34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/UJqesEmiV9L4fxHiP8mnxLpHlts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/NE9esO_FF9bKrrfHSoR_llwOFNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.28.0-185.252.30.255
Signature Algorithm: sha256WithRSAEncryption
8d:fb:84:4e:8f:f2:b5:0a:b7:09:4e:66:af:fa:a6:46:e6:c0:
f0:49:33:ea:86:a2:31:84:49:17:c4:36:3c:88:fb:dc:ce:ae:
2c:96:a3:aa:9a:10:79:b6:3c:2b:9d:4a:cd:42:9c:cc:b2:04:
96:34:8c:3f:7d:52:b7:2c:76:a0:f1:6f:97:2f:9c:03:89:b6:
8f:33:a8:50:3d:c4:12:96:21:d6:64:37:13:1c:38:22:36:14:
49:63:2f:f4:50:38:f2:b0:14:cd:d3:43:41:94:c8:09:b9:98:
73:5e:46:d5:f1:c6:ed:ef:cd:7c:33:32:9a:88:c9:9e:0d:92:
7c:0c:ea:55:b0:f9:48:d5:f9:7a:36:dc:c0:3c:f6:3f:ab:72:
5f:d4:51:f0:29:54:80:e2:20:85:62:2b:8c:6e:03:8f:c3:50:
9e:4a:67:92:63:a4:65:15:25:70:99:a6:35:07:6a:50:35:f6:
4e:f9:1f:99:66:67:57:22:0f:27:27:39:0d:ab:d2:5b:55:54:
4a:33:b1:a8:d6:0e:2f:d8:e6:20:48:08:d3:0a:ab:c7:88:25:
62:3a:17:d8:02:1a:10:42:3d:b1:bc:c9:39:45:5b:7b:ae:e3:
a1:5a:07:f0:af:92:9e:5d:76:7d:b9:7a:1b:18:40:18:f6:0a:
df:a4:8a:5c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBT9dJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDRmNWViMGVmYzUxN2Q2Y2FhZWI3Yzc0YTg0N2Y5NjVjMGUxNGQ5MB4XDTIyMDYw
ODE5MTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA5YTllYjA0OWEy
NTdkMmY4N2YxMWUyM2ZjOWE3YzRiYTQ3OTZkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkf50Y4uZ0sAy72GI9OjAqP4tcungGWzLnddqK1x41BBy2D
UXk5tRi2tV2ufJLBiKzIXyP6AyHl1dI+vCzh54+Lci0x38HB8WF0F0ahygYVy2gC
WfpvLVjolOWUtgRW0DG2OV8xfQR5YybRaxqYVbd0twdkBUTn5/RvprcPd8Cjh8mB
VSwqox4KoZaSes2EjNvJk/883W83p86Fo9TXl2DtBxdjxYE63tzfP9feXWwe/OzT
Vpggc7ibXIfiNAY/WVvEVr6WQ6bdvqcVF5g77QdWWnwBSLSJXQLxWtYkDAtAYnLl
CVlRYKLEui+/JQ4ivHclLQEFH9ENOEDL933bvm0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRQmp6wSaJX0vh/EeI/yafEukeW2zAfBgNVHSMEGDAWgBQ0T16w78UX1squ
t8dKhH+WXA4U2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05FOWVzT19GRjliS3JyZkhTb1JfbGx3T0ZOay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8x
L1VKcWVzRW1pVjlMNGZ4SGlQOG1ueExwSGx0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
YjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8xL05FOWVzT19GRjli
S3JyZkhTb1JfbGx3T0ZOay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCufwcAwQAufweMA0GCSqGSIb3
DQEBCwUAA4IBAQCN+4ROj/K1CrcJTmav+qZG5sDwSTPqhqIxhEkXxDY8iPvczq4s
lqOqmhB5tjwrnUrNQpzMsgSWNIw/fVK3LHag8W+XL5wDibaPM6hQPcQSliHWZDcT
HDgiNhRJYy/0UDjysBTN00NBlMgJuZhzXkbV8cbt7818MzKaiMmeDZJ8DOpVsPlI
1fl6NtzAPPY/q3Jf1FHwKVSA4iCFYiuMbgOPw1CeSmeSY6RlFSVwmaY1B2pQNfZO
+R+ZZmdXIg8nJzkNq9JbVVRKM7Go1g4v2OYgSAjTCqvHiCViOhfYAhoQQj2xvMk5
RVt7ruOhWgfwr5KeXXZ9uXobGEAY9grfpIpc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org