Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uQXxR9eNt3YZx8NdgcSOtPtu09I.roa
File: uQXxR9eNt3YZx8NdgcSOtPtu09I.roa (raw, json)
Hash identifier: yticMyRPVD8wEpCm99FLAuNJXPgwjBQbAFC8i6k9yf8=
Subject key identifier: B9:05:F1:47:D7:8D:B7:76:19:C7:C3:5D:81:C4:8E:B4:FB:6E:D3:D2
Certificate issuer: /CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Certificate serial: 01864AFF9B39A91B1348772D84E5D1A93B28
Authority key identifier: F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uQXxR9eNt3YZx8NdgcSOtPtu09I.roa
Signing time: Mon 13 Feb 2023 13:38:30 +0000
ROA not before: Mon 13 Feb 2023 13:38:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61211
IP address blocks: 148.163.184.0/22 maxlen: 24
185.15.28.0/22 maxlen: 24
185.62.72.0/22 maxlen: 24
185.203.16.0/22 maxlen: 24
2a03:bb40::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:ff:9b:39:a9:1b:13:48:77:2d:84:e5:d1:a9:3b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Validity
Not Before: Feb 13 13:38:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b905f147d78db77619c7c35d81c48eb4fb6ed3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:5e:b6:e7:de:42:b8:4d:12:4c:6c:8c:fe:
32:1c:09:c4:92:16:f8:b7:8c:33:ce:ba:ca:1c:e1:
95:35:d6:ba:99:f2:0f:39:fe:5c:44:07:8d:5c:df:
2b:df:a5:ae:4c:72:ad:59:ec:7b:b3:d7:5a:70:c7:
46:10:95:4b:80:41:ef:bd:c4:85:ab:a8:0d:56:fa:
02:16:0d:d2:9e:08:fd:85:9d:09:c4:63:50:1d:14:
f5:0e:54:e4:ab:ba:7c:20:42:2b:3d:9a:e5:83:c9:
ff:1a:3e:82:65:18:50:ef:3d:8d:90:40:f6:7d:0d:
31:ac:17:05:ae:af:76:6c:b1:7d:e8:4d:ee:81:a4:
eb:99:36:f7:69:79:ac:3f:45:47:70:2a:d7:55:5c:
d1:22:39:cb:95:14:92:bb:94:ed:86:8d:36:eb:2e:
62:e6:71:e1:25:5f:35:20:f1:e1:93:51:35:21:7e:
43:67:b1:a6:9e:d8:11:8b:93:a4:1d:db:0d:13:b7:
dd:27:3d:b4:61:2f:17:a4:42:24:ed:1a:56:1c:40:
f4:29:19:95:37:20:f3:b6:0a:3a:eb:ab:9f:9b:4e:
05:cd:3c:ec:ba:58:86:67:b4:bb:d1:d5:87:9a:31:
41:90:fc:1e:19:46:75:ba:0e:69:0b:e4:3a:d6:4d:
f0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:05:F1:47:D7:8D:B7:76:19:C7:C3:5D:81:C4:8E:B4:FB:6E:D3:D2
X509v3 Authority Key Identifier:
keyid:F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/uQXxR9eNt3YZx8NdgcSOtPtu09I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.163.184.0/22
185.15.28.0/22
185.62.72.0/22
185.203.16.0/22
IPv6:
2a03:bb40::/32
Signature Algorithm: sha256WithRSAEncryption
17:54:bf:42:57:27:05:e2:e2:e6:7d:74:97:eb:35:b1:ec:94:
34:a3:16:ab:71:6e:60:d1:76:2e:56:f6:b7:7a:d8:65:a4:ff:
29:1c:a9:9c:12:73:56:70:d4:12:31:1d:4e:2a:9a:47:b4:a4:
28:32:c1:b2:30:eb:47:0e:99:75:eb:90:4d:fd:cb:0e:a6:4c:
e5:fd:58:a7:c4:a6:8a:b5:78:d3:24:ab:0f:21:a6:fc:5b:1b:
d0:34:e6:dc:7c:67:60:0c:cd:21:71:a4:6d:9b:fb:ce:16:c9:
9f:42:7b:4a:bb:7a:cf:46:bd:ac:0b:71:fa:5f:c0:98:99:5e:
fb:37:b6:91:d6:42:20:32:f2:71:ab:28:91:4f:56:d5:41:9d:
44:72:1a:f4:85:d5:0b:a2:63:49:d0:4d:4b:f8:49:e5:d6:83:
10:56:3a:f9:f9:85:1c:bb:d7:63:56:5d:d8:b0:88:0e:2f:78:
92:e3:95:a2:40:48:e2:1b:0b:d5:e4:28:0c:fc:de:5b:a5:fd:
9d:ee:3b:70:8a:88:ad:78:b6:81:55:c4:63:2d:2f:5c:6d:be:
fa:9f:1b:8d:21:2d:3a:9f:86:65:31:c0:e1:d9:85:c7:a8:76:
a9:d4:a3:c5:87:c0:c7:54:50:5c:dd:54:52:30:5f:45:9c:3a:
60:1b:d3:e8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZK/5s5qRsTSHcthOXRqTsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOWE1ZDVjYjc5NDljZTFiZDIwOWRjMjEzOTkzNTIwZTAy
ZDEwODUwHhcNMjMwMjEzMTMzODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA1ZjE0N2Q3OGRiNzc2MTljN2MzNWQ4MWM0OGViNGZiNmVkM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfdetufeQrhNEkxsjP4yHAnEkhb4
t4wzzrrKHOGVNda6mfIPOf5cRAeNXN8r36WuTHKtWex7s9dacMdGEJVLgEHvvcSF
q6gNVvoCFg3Sngj9hZ0JxGNQHRT1DlTkq7p8IEIrPZrlg8n/Gj6CZRhQ7z2NkED2
fQ0xrBcFrq92bLF96E3ugaTrmTb3aXmsP0VHcCrXVVzRIjnLlRSSu5Ttho026y5i
5nHhJV81IPHhk1E1IX5DZ7GmntgRi5OkHdsNE7fdJz20YS8XpEIk7RpWHED0KRmV
NyDztgo666ufm04FzTzsuliGZ7S70dWHmjFBkPweGUZ1ug5pC+Q61k3weQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLkF8UfXjbd2GcfDXYHEjrT7btPSMB8GA1UdIwQY
MBaAFPGaXVy3lJzhvSCdwhOZNSDgLRCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAt
MmY4MGEwYTAyMDZhLzEvdVFYeFI5ZU50M1laeDhOZGdjU090UHR1MDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAtMmY4MGEwYTAyMDZh
LzEvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQClKO4AwQC
uQ8cAwQCuT5IAwQCucsQMA0EAgACMAcDBQAqA7tAMA0GCSqGSIb3DQEBCwUAA4IB
AQAXVL9CVycF4uLmfXSX6zWx7JQ0oxarcW5g0XYuVva3ethlpP8pHKmcEnNWcNQS
MR1OKppHtKQoMsGyMOtHDpl165BN/csOpkzl/VinxKaKtXjTJKsPIab8WxvQNObc
fGdgDM0hcaRtm/vOFsmfQntKu3rPRr2sC3H6X8CYmV77N7aR1kIgMvJxqyiRT1bV
QZ1Echr0hdULomNJ0E1L+Enl1oMQVjr5+YUcu9djVl3YsIgOL3iS45WiQEjiGwvV
5CgM/N5bpf2d7jtwioiteLaBVcRjLS9cbb76nxuNIS06n4ZlMcDh2YXHqHap1KPF
h8DHVFBc3VRSMF9FnDpgG9Po
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:46 2025 by rpki-client