Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/uVkjoRtSC_aumbsGQUczPEQ992M.roa
File: uVkjoRtSC_aumbsGQUczPEQ992M.roa (raw, json)
Hash identifier: lq7y3LriKrCDMI4rxhIWT+yDzknyKYGxzfjI5zEKPZs=
Subject key identifier: B9:59:23:A1:1B:52:0B:F6:AE:99:BB:06:41:47:33:3C:44:3D:F7:63
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 0182E8FF5D7B0CB56B97AD37445E9D899AAC
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/uVkjoRtSC_aumbsGQUczPEQ992M.roa
Signing time: Mon 29 Aug 2022 09:47:05 +0000
ROA not before: Mon 29 Aug 2022 09:47:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210055
IP address blocks: 185.214.170.0/24 maxlen: 24
185.214.171.0/24 maxlen: 24
176.119.132.0/22 maxlen: 22
176.119.132.0/24 maxlen: 24
176.119.135.0/24 maxlen: 24
176.119.134.0/24 maxlen: 24
176.119.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:ff:5d:7b:0c:b5:6b:97:ad:37:44:5e:9d:89:9a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Aug 29 09:47:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b95923a11b520bf6ae99bb064147333c443df763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:61:5b:72:ee:21:9c:b9:8d:f1:0c:81:08:
4b:3c:e4:af:c6:54:bf:93:69:c5:59:3a:b7:0e:62:
df:55:ed:e5:b0:50:18:bc:f5:05:1d:88:20:be:bf:
93:bb:c0:9a:1c:75:dd:48:b3:42:f2:c0:d8:17:4d:
59:cc:20:5e:52:85:c4:dd:b7:b9:1e:1c:9a:e0:81:
dd:41:13:ae:88:84:8e:06:39:a9:df:95:2f:71:8d:
54:13:04:28:51:94:58:01:75:b8:84:d7:7e:33:e4:
29:6a:de:09:ea:61:ce:81:95:ab:0d:ef:0e:94:a8:
10:a9:26:3a:76:80:11:89:90:4a:1f:73:db:06:dd:
9a:41:b3:3c:4b:f9:94:9d:a1:7e:df:16:ad:79:3b:
49:eb:e4:df:4b:1f:61:60:99:ee:a9:52:00:42:3b:
23:9c:e4:61:64:c4:25:29:0a:af:03:e1:43:6b:c9:
80:0e:90:7f:b1:fb:21:35:2a:92:85:a7:43:b3:e8:
15:43:48:8d:4f:d8:4a:97:5e:67:1b:d6:d0:48:ff:
91:f0:74:1e:0f:4f:75:f9:ac:79:81:05:87:74:da:
19:a4:b7:1b:d1:9e:2d:ce:d4:2f:6c:ea:24:00:fd:
71:43:f8:60:24:71:5f:02:50:0d:52:d4:a5:96:6c:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:59:23:A1:1B:52:0B:F6:AE:99:BB:06:41:47:33:3C:44:3D:F7:63
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/uVkjoRtSC_aumbsGQUczPEQ992M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.132.0/22
185.214.170.0/23
Signature Algorithm: sha256WithRSAEncryption
56:8f:d0:85:da:9c:af:4f:16:ba:18:78:82:fc:9c:96:1a:21:
2b:72:11:d0:20:2e:32:7e:5f:29:a4:7d:0b:a1:4a:45:4c:91:
e1:f9:2f:0f:75:48:19:c9:6e:b8:32:a8:f5:2e:bd:b2:72:e7:
bc:88:4a:bb:67:ed:9d:39:ba:cc:79:67:c8:f2:a2:39:11:c1:
de:a3:ad:4f:05:6a:df:da:16:9f:26:2d:b9:fc:86:36:98:24:
85:aa:14:95:94:41:5f:1e:7c:b4:5a:91:2b:71:56:6d:47:e2:
de:c1:72:8c:9f:22:71:f4:82:79:c6:f1:c8:3e:1e:39:0d:02:
c5:ae:d3:9a:e0:57:0b:6f:66:61:66:1e:85:02:7c:1a:d5:97:
25:76:96:36:39:83:9b:6e:32:fe:af:8a:e6:c3:3a:ea:86:18:
f6:17:8d:a7:e0:ed:5b:53:7c:95:bf:06:5f:a9:61:b1:01:ca:
7e:50:d7:0a:cd:2f:bf:fe:a9:2b:5b:f2:b8:f2:59:51:34:62:
2d:f8:db:c3:b9:cc:98:57:8b:54:40:c8:bf:96:70:9d:a5:2d:
af:50:0e:17:c2:1b:c7:32:fa:cb:84:3a:49:87:83:b7:59:7e:
70:ff:b3:1e:f9:37:de:e6:46:2c:84:dd:40:bd:04:99:ff:12:
43:3d:6e:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLo/117DLVrl603RF6diZqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjIwODI5MDk0NzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTU5MjNhMTFiNTIwYmY2YWU5OWJiMDY0MTQ3MzMzYzQ0M2RmNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEBhW3LuIZy5jfEMgQhLPOSvxlS/
k2nFWTq3DmLfVe3lsFAYvPUFHYggvr+Tu8CaHHXdSLNC8sDYF01ZzCBeUoXE3be5
Hhya4IHdQROuiISOBjmp35UvcY1UEwQoUZRYAXW4hNd+M+Qpat4J6mHOgZWrDe8O
lKgQqSY6doARiZBKH3PbBt2aQbM8S/mUnaF+3xateTtJ6+TfSx9hYJnuqVIAQjsj
nORhZMQlKQqvA+FDa8mADpB/sfshNSqShadDs+gVQ0iNT9hKl15nG9bQSP+R8HQe
D091+ax5gQWHdNoZpLcb0Z4tztQvbOokAP1xQ/hgJHFfAlANUtSllmyVRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLlZI6EbUgv2rpm7BkFHMzxEPfdjMB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvdVZram9SdFNDX2F1bWJzR1FVY3pQRVE5OTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHeEAwQB
udaqMA0GCSqGSIb3DQEBCwUAA4IBAQBWj9CF2pyvTxa6GHiC/JyWGiErchHQIC4y
fl8ppH0LoUpFTJHh+S8PdUgZyW64Mqj1Lr2ycue8iEq7Z+2dObrMeWfI8qI5EcHe
o61PBWrf2hafJi25/IY2mCSFqhSVlEFfHny0WpErcVZtR+LewXKMnyJx9IJ5xvHI
Ph45DQLFrtOa4FcLb2ZhZh6FAnwa1ZcldpY2OYObbjL+r4rmwzrqhhj2F42n4O1b
U3yVvwZfqWGxAcp+UNcKzS+//qkrW/K48llRNGIt+NvDucyYV4tUQMi/lnCdpS2v
UA4XwhvHMvrLhDpJh4O3WX5w/7Me+Tfe5kYshN1AvQSZ/xJDPW4/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:57 2024 by rpki-client on console-ams.rpki-client.org