Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/1UcBC_4lxGP9mXqtckwEnWYmpOs.roa
File: 1UcBC_4lxGP9mXqtckwEnWYmpOs.roa (raw, json)
Hash identifier: rPuGlAT2sIvDFwFAizOPvG49Hm1y7Rc5YAI2OdkQsz0=
Subject key identifier: D5:47:01:0B:FE:25:C4:63:FD:99:7A:AD:72:4C:04:9D:66:26:A4:EB
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 41909D1A
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/1UcBC_4lxGP9mXqtckwEnWYmpOs.roa
Signing time: Sat 01 Jan 2022 11:54:57 +0000
ROA not before: Sat 01 Jan 2022 11:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5413
IP address blocks: 95.172.224.0/19 maxlen: 24
212.105.160.0/19 maxlen: 24
2a00:10ef::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099996442 (0x41909d1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jan 1 11:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d547010bfe25c463fd997aad724c049d6626a4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4d:44:f8:74:37:85:dd:1a:a5:13:9c:21:6d:
09:9d:0b:5c:60:aa:27:e6:0d:59:07:97:4d:4b:44:
99:04:bf:a7:44:10:33:b8:20:64:3f:a8:2d:f0:3a:
fa:97:c7:73:56:67:7f:39:02:9e:c9:44:a8:8e:4d:
ec:44:9e:91:12:77:5f:20:90:2e:a1:7a:58:21:73:
a8:44:8c:da:72:25:56:9f:c6:cf:cb:cd:5d:06:4e:
99:33:d0:b1:58:49:08:4e:74:15:31:bb:3f:f2:1d:
c5:72:cd:1f:e6:68:db:d7:6d:73:47:6b:5b:21:ac:
66:92:d4:30:ea:e8:eb:83:79:6e:85:0a:3e:b3:ca:
b2:f9:42:db:ea:18:40:86:e7:12:85:b4:87:75:b1:
ee:37:9a:29:1f:ba:f5:0a:4a:81:a1:d5:0a:7a:47:
b5:13:a6:92:36:4a:bb:82:7f:75:3b:ae:bd:22:28:
12:a1:38:4e:ba:de:c2:20:a6:8e:05:43:38:1f:2a:
ef:92:c0:e7:c6:35:07:87:d8:21:44:54:7f:0f:43:
1d:82:aa:cb:37:1e:91:65:4e:fb:c8:4b:f2:ed:71:
ca:82:36:b2:ac:f4:98:f2:f3:a0:13:94:44:4b:f5:
bd:66:cf:9b:41:d8:a6:34:7a:46:eb:1f:84:46:4e:
d1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:47:01:0B:FE:25:C4:63:FD:99:7A:AD:72:4C:04:9D:66:26:A4:EB
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/1UcBC_4lxGP9mXqtckwEnWYmpOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.172.224.0/19
212.105.160.0/19
IPv6:
2a00:10ef::/32
Signature Algorithm: sha256WithRSAEncryption
33:a7:1e:59:bf:21:6f:4c:3f:ad:30:4c:0f:c2:78:53:f0:14:
b2:5e:f7:f8:f2:46:1d:31:ba:11:73:41:e5:8b:c3:3d:d3:ea:
8c:a0:d9:03:cd:57:91:ec:d2:b2:f4:2e:b6:f2:64:39:97:92:
c2:4c:c9:1a:48:51:b6:fa:de:e7:88:42:0c:08:b1:fd:8b:7c:
27:ce:3a:fe:16:00:43:56:92:22:09:2e:c2:3b:39:64:3a:0a:
6c:b1:07:1c:1d:9d:cf:93:b8:d7:f1:6f:b1:59:66:a0:26:9d:
a3:14:c8:6a:e4:7b:25:23:79:93:5e:66:50:df:9f:d4:2b:16:
aa:05:02:2b:d8:45:87:25:82:fa:eb:4e:39:3c:a8:38:0c:77:
49:ae:36:c9:74:e4:63:76:56:91:a5:8d:98:8a:af:5a:0a:48:
b8:1d:80:db:9e:a5:05:c2:0b:19:43:bf:b8:c7:81:3b:e2:2e:
d7:77:7f:e6:46:90:92:10:0d:b6:73:54:db:57:70:14:0c:18:
a3:b3:49:17:b1:8a:c8:1d:a6:12:30:1c:16:e2:6b:58:78:5e:
3b:0b:a1:19:a5:82:93:91:8e:a1:70:a1:a0:4b:44:f4:8e:17:
96:99:2d:27:7c:8a:17:f3:4c:91:14:16:07:3a:5d:5b:5b:10:
cb:39:9c:c3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEQZCdGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGE5NmQwMmE4MjJmNDYyNTNjMmFlZTY4MDQ0MWQ1YWMyN2MzZGY1MB4XDTIyMDEw
MTExNTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU0NzAxMGJmZTI1
YzQ2M2ZkOTk3YWFkNzI0YzA0OWQ2NjI2YTRlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJNRPh0N4XdGqUTnCFtCZ0LXGCqJ+YNWQeXTUtEmQS/p0QQ
M7ggZD+oLfA6+pfHc1ZnfzkCnslEqI5N7ESekRJ3XyCQLqF6WCFzqESM2nIlVp/G
z8vNXQZOmTPQsVhJCE50FTG7P/IdxXLNH+Zo29dtc0drWyGsZpLUMOro64N5boUK
PrPKsvlC2+oYQIbnEoW0h3Wx7jeaKR+69QpKgaHVCnpHtROmkjZKu4J/dTuuvSIo
EqE4TrrewiCmjgVDOB8q75LA58Y1B4fYIURUfw9DHYKqyzcekWVO+8hL8u1xyoI2
sqz0mPLzoBOUREv1vWbPm0HYpjR6RusfhEZO0V0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTVRwEL/iXEY/2Zeq1yTASdZiak6zAfBgNVHSMEGDAWgBS9qW0CqCL0YlPC
ruaARB1awnw99TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZhbHRBcWdpOUdKVHdxN21nRVFkV3NKOFBmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8x
LzFVY0JDXzRseEdQOW1YcXRja3dFbldZbXBPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8xL3ZhbHRBcWdpOUdK
VHdxN21nRVFkV3NKOFBmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBV+s4AMEBdRpoDANBAIAAjAHAwUA
KgAQ7zANBgkqhkiG9w0BAQsFAAOCAQEAM6ceWb8hb0w/rTBMD8J4U/AUsl73+PJG
HTG6EXNB5YvDPdPqjKDZA81XkezSsvQutvJkOZeSwkzJGkhRtvre54hCDAix/Yt8
J846/hYAQ1aSIgkuwjs5ZDoKbLEHHB2dz5O41/FvsVlmoCadoxTIauR7JSN5k15m
UN+f1CsWqgUCK9hFhyWC+utOOTyoOAx3Sa42yXTkY3ZWkaWNmIqvWgpIuB2A256l
BcILGUO/uMeBO+Iu13d/5kaQkhANtnNU21dwFAwYo7NJF7GKyB2mEjAcFuJrWHhe
OwuhGaWCk5GOoXChoEtE9I4XlpktJ3yKF/NMkRQWBzpdW1sQyzmcww==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org