Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UYnZ-2ic6zMhaOmhp292E7md2mQ.roa
File: UYnZ-2ic6zMhaOmhp292E7md2mQ.roa (raw, json)
Hash identifier: 5Fq007bTOfqpY+oOPHXdK3l194435qsgz/a50yBKZRI=
Subject key identifier: 51:89:D9:FB:68:9C:EB:33:21:68:E9:A1:A7:6F:76:13:B9:9D:DA:64
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01850AF089D626C4279C249CB01E8E79859A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UYnZ-2ic6zMhaOmhp292E7md2mQ.roa
Signing time: Tue 13 Dec 2022 10:03:34 +0000
ROA not before: Tue 13 Dec 2022 10:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 62.60.220.0/22 maxlen: 24
213.176.68.0/22 maxlen: 24
62.60.164.0/22 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:f0:89:d6:26:c4:27:9c:24:9c:b0:1e:8e:79:85:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Dec 13 10:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5189d9fb689ceb332168e9a1a76f7613b99dda64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fa:67:86:96:42:61:61:95:26:4f:09:43:df:
7e:75:78:30:3b:61:b1:00:dc:f8:49:29:97:93:86:
69:c6:8f:58:38:aa:25:0e:37:e6:78:c1:10:40:ca:
0f:6f:01:28:5c:b5:02:79:ae:09:3d:08:87:d5:c8:
12:31:5c:7e:f7:76:2d:34:5e:59:5b:e5:24:00:fd:
37:52:17:b4:ac:34:c2:e2:a9:94:12:53:5f:cd:95:
7f:d3:6b:1a:17:d0:e8:7e:78:b3:f4:48:e7:51:3b:
46:ce:fe:46:ff:6a:d8:b4:fb:a5:62:26:9e:65:3b:
77:7c:50:b6:da:e4:da:83:50:80:b9:d7:c3:af:b8:
e0:b3:23:f0:ef:d6:d4:38:cf:f6:e0:59:6e:30:f2:
ea:cf:ac:b3:1c:0b:77:a0:6b:0c:a6:e7:29:52:50:
c6:14:fc:31:77:a5:42:26:8c:ed:8f:4f:5f:30:30:
92:32:db:ef:db:ce:ae:fe:12:3c:e8:10:60:69:f4:
8d:d4:e3:93:75:03:17:c2:e3:53:7d:c0:b3:3b:e4:
d8:bc:aa:f3:85:85:7d:75:9b:01:71:3f:f7:69:31:
66:27:76:71:70:64:a3:d1:62:59:ae:4f:a7:d3:9f:
1a:a1:6e:44:86:80:e1:c8:ff:32:72:6d:71:27:6a:
ed:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:89:D9:FB:68:9C:EB:33:21:68:E9:A1:A7:6F:76:13:B9:9D:DA:64
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/UYnZ-2ic6zMhaOmhp292E7md2mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.164.0-62.60.195.255
62.60.212.0/22
62.60.220.0/22
213.176.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:0b:be:8e:75:51:e6:89:a1:f3:0d:c4:22:3d:ac:9f:e3:c2:
26:c9:54:26:89:cc:e4:d7:10:76:a7:f9:84:13:8f:32:5e:1f:
b3:68:20:ba:94:5e:9e:4e:92:0c:19:30:eb:74:2c:26:78:7f:
b2:d5:37:c1:5a:28:63:4b:d4:63:35:c9:4a:90:ef:22:78:11:
ff:4a:4d:5e:dc:a6:a5:a9:95:89:3e:b5:cf:5e:98:7e:f2:23:
ed:f1:79:07:fd:1a:7e:38:ee:85:b3:7d:40:f5:11:ce:b5:db:
f8:7c:4f:0f:49:15:f3:83:70:0d:17:e8:b8:8b:c4:36:03:dd:
67:6c:11:ef:57:e4:1b:b4:74:75:d6:40:41:55:2b:30:a9:14:
80:a8:7b:2d:8c:bd:99:d3:20:a7:82:8c:f9:d6:e5:1a:68:41:
79:8e:2e:45:dc:9b:16:d2:64:e0:3d:11:a7:52:2e:ba:f6:98:
f1:19:0c:dd:7f:99:97:6b:20:80:6a:db:d0:00:18:ce:b7:53:
a1:eb:05:95:16:9d:71:fd:7f:e6:7d:4b:34:c2:21:98:c0:84:
23:da:5b:c2:75:a2:4a:87:04:87:8e:f0:d4:01:de:b0:32:74:
8f:96:b4:38:ce:a4:e2:86:72:a7:75:4d:1f:52:1f:da:3c:09:
6e:7f:23:78
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUK8InWJsQnnCScsB6OeYWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjEzMTAwMzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg5ZDlmYjY4OWNlYjMzMjE2OGU5YTFhNzZmNzYxM2I5OWRkYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfpnhpZCYWGVJk8JQ99+dXgwO2Gx
ANz4SSmXk4Zpxo9YOKolDjfmeMEQQMoPbwEoXLUCea4JPQiH1cgSMVx+93YtNF5Z
W+UkAP03Uhe0rDTC4qmUElNfzZV/02saF9Dofniz9EjnUTtGzv5G/2rYtPulYiae
ZTt3fFC22uTag1CAudfDr7jgsyPw79bUOM/24FluMPLqz6yzHAt3oGsMpucpUlDG
FPwxd6VCJoztj09fMDCSMtvv286u/hI86BBgafSN1OOTdQMXwuNTfcCzO+TYvKrz
hYV9dZsBcT/3aTFmJ3ZxcGSj0WJZrk+n058aoW5EhoDhyP8ycm1xJ2rtlwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFGJ2ftonOszIWjpoadvdhO5ndpkMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVVluWi0yaWM2ek1oYU9taHAyOTJFN21kMm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAI+PKQD
BAI+PMADBAI+PNQDBAI+PNwDBALVsEQwDQYJKoZIhvcNAQELBQADggEBAJ0Lvo51
UeaJofMNxCI9rJ/jwibJVCaJzOTXEHan+YQTjzJeH7NoILqUXp5OkgwZMOt0LCZ4
f7LVN8FaKGNL1GM1yUqQ7yJ4Ef9KTV7cpqWplYk+tc9emH7yI+3xeQf9Gn447oWz
fUD1Ec612/h8Tw9JFfODcA0X6LiLxDYD3WdsEe9X5Bu0dHXWQEFVKzCpFICoey2M
vZnTIKeCjPnW5RpoQXmOLkXcmxbSZOA9EadSLrr2mPEZDN1/mZdrIIBq29AAGM63
U6HrBZUWnXH9f+Z9SzTCIZjAhCPaW8J1okqHBIeO8NQB3rAydI+WtDjOpOKGcqd1
TR9SH9o8CW5/I3g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org