Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/ugMD1UZp1VO2Td50TKArZNpEUL4.roa
File: ugMD1UZp1VO2Td50TKArZNpEUL4.roa (raw, json)
Hash identifier: CjRtDs2dsqJltfz4sKy0dvJaNELRn5/gtE9k+Y79ZTs=
Subject key identifier: BA:03:03:D5:46:69:D5:53:B6:4D:DE:74:4C:A0:2B:64:DA:44:50:BE
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 18848C6E
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/ugMD1UZp1VO2Td50TKArZNpEUL4.roa
Signing time: Sat 01 Jan 2022 10:04:35 +0000
ROA not before: Sat 01 Jan 2022 10:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60033
IP address blocks: 185.61.136.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
185.61.139.0/24 maxlen: 24
2a02:7a60::/48 maxlen: 48
2a02:7a60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411339886 (0x18848c6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 10:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba0303d54669d553b64dde744ca02b64da4450be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e9:66:cf:70:fe:88:aa:37:19:76:45:6d:fa:
4b:3a:d9:df:11:3a:06:cf:cb:66:95:0b:d4:0e:f5:
b5:69:96:c0:bf:17:48:dc:22:d6:61:c0:a3:ca:8a:
9d:1e:f3:a6:66:ca:2b:79:aa:e8:8e:2d:38:11:f9:
4c:52:cf:33:51:b6:ac:86:b8:fb:48:60:a8:af:4a:
b4:b7:ae:a4:57:aa:0f:55:51:c8:4b:b9:f9:6c:1a:
4c:50:c2:34:fd:7a:85:d4:92:0d:c5:4a:a7:29:7e:
85:19:7f:20:60:35:c2:81:54:0e:a2:82:5f:2f:65:
aa:6e:19:44:33:d9:06:5f:96:a2:65:bc:69:d8:d8:
30:c8:00:eb:21:df:8d:b9:1b:b1:a4:0a:ac:73:b4:
04:a0:10:f7:a7:fe:62:64:46:45:46:e7:2b:86:6f:
fb:17:f8:85:2b:6b:ec:f5:2f:af:66:34:08:ac:3a:
f8:8b:e0:f4:ac:df:a6:f4:17:89:ab:17:83:25:b6:
51:d5:94:5e:7a:1a:8e:9b:ae:88:07:3b:cd:2f:75:
33:2e:42:5a:d7:4a:96:ac:f1:8f:89:22:a2:f2:ba:
4e:91:05:02:1c:e7:a6:4c:44:44:91:58:14:a6:18:
69:b7:32:d0:26:50:69:07:0e:26:72:d3:73:50:50:
49:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:03:03:D5:46:69:D5:53:B6:4D:DE:74:4C:A0:2B:64:DA:44:50:BE
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/ugMD1UZp1VO2Td50TKArZNpEUL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
04:e5:e1:df:d9:da:fc:0e:a6:bc:95:d9:e1:b7:b8:bc:51:de:
c8:7f:5a:51:e5:33:61:16:64:fb:42:e5:ca:41:18:0d:ae:7b:
d5:b9:6b:68:56:17:d8:c8:09:91:e2:ce:16:f9:5a:4e:47:fc:
d0:ca:a5:b0:12:f1:0b:9e:55:bc:71:69:f1:15:21:23:2d:27:
9d:1b:73:75:bd:bc:f0:ab:22:3b:03:c5:59:63:37:99:f8:69:
23:8f:71:6b:82:93:6c:52:fa:39:a7:ce:f2:e3:03:94:d9:f8:
88:95:d1:7b:fd:a4:06:0f:14:a1:7f:4e:7e:2a:93:8a:4b:a9:
5d:1b:99:03:ca:60:e4:b4:53:0a:e8:81:de:8c:e2:bc:82:e7:
28:a1:a1:a1:29:ed:b1:a1:9d:76:09:3b:9d:b9:25:e3:75:a1:
4c:db:6d:80:18:21:5a:cb:b3:53:6b:b2:6c:25:50:b5:19:46:
a6:e8:ee:3e:63:0f:05:09:af:d9:06:d0:d7:41:cf:f4:f3:c1:
23:94:38:44:d3:e2:33:68:1b:e4:0f:41:9f:75:e9:9c:49:f4:
7a:d4:5b:37:de:40:54:aa:19:29:e6:d9:0e:ce:e6:f8:1a:13:
7e:d8:a0:cd:43:36:c2:79:3a:43:db:f5:60:18:cf:0d:fe:3f:
82:0e:59:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGISMbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmM5OGIyZTRhM2UwNjBkZWY0NWFiYzYyYzBlMzQ1ZmFhODBiNWVjMB4XDTIyMDEw
MTEwMDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmEwMzAzZDU0NjY5
ZDU1M2I2NGRkZTc0NGNhMDJiNjRkYTQ0NTBiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7pZs9w/oiqNxl2RW36SzrZ3xE6Bs/LZpUL1A71tWmWwL8X
SNwi1mHAo8qKnR7zpmbKK3mq6I4tOBH5TFLPM1G2rIa4+0hgqK9KtLeupFeqD1VR
yEu5+WwaTFDCNP16hdSSDcVKpyl+hRl/IGA1woFUDqKCXy9lqm4ZRDPZBl+WomW8
adjYMMgA6yHfjbkbsaQKrHO0BKAQ96f+YmRGRUbnK4Zv+xf4hStr7PUvr2Y0CKw6
+Ivg9KzfpvQXiasXgyW2UdWUXnoajpuuiAc7zS91My5CWtdKlqzxj4kiovK6TpEF
AhznpkxERJFYFKYYabcy0CZQaQcOJnLTc1BQSdkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS6AwPVRmnVU7ZN3nRMoCtk2kRQvjAfBgNVHSMEGDAWgBRGyYsuSj4GDe9F
q8YsDjRfqoC17DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JzbUxMa28tQmczdlJhdkdMQTQwWDZxQXRldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMmFhOGQxLWNiNzEtNDkwNC1hNTkxLTM0NDk1MjI3MTBlNy8x
L3VnTUQxVVpwMVZPMlRkNTBUS0FyWk5wRVVMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MmFhOGQxLWNiNzEtNDkwNC1hNTkxLTM0NDk1MjI3MTBlNy8xL1JzbUxMa28tQmcz
dlJhdkdMQTQwWDZxQXRldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk9iDANBAIAAjAHAwUAKgJ6YDAN
BgkqhkiG9w0BAQsFAAOCAQEABOXh39na/A6mvJXZ4be4vFHeyH9aUeUzYRZk+0Ll
ykEYDa571blraFYX2MgJkeLOFvlaTkf80MqlsBLxC55VvHFp8RUhIy0nnRtzdb28
8KsiOwPFWWM3mfhpI49xa4KTbFL6OafO8uMDlNn4iJXRe/2kBg8UoX9OfiqTikup
XRuZA8pg5LRTCuiB3ozivILnKKGhoSntsaGddgk7nbkl43WhTNttgBghWsuzU2uy
bCVQtRlGpujuPmMPBQmv2QbQ10HP9PPBI5Q4RNPiM2gb5A9Bn3XpnEn0etRbN95A
VKoZKebZDs7m+BoTftigzUM2wnk6Q9v1YBjPDf4/gg5ZeQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:23 2025 by rpki-client