Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/UqI3E8t9J1W6oPVFoTDlYPnPOp0.roa
File: UqI3E8t9J1W6oPVFoTDlYPnPOp0.roa (raw, json)
Hash identifier: 2zo6bTj8VtfCTlZd4txWAJ4mr9iBHGbwyr4DkAUL5fc=
Subject key identifier: 52:A2:37:13:CB:7D:27:55:BA:A0:F5:45:A1:30:E5:60:F9:CF:3A:9D
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 42101461
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/UqI3E8t9J1W6oPVFoTDlYPnPOp0.roa
Signing time: Sat 01 Jan 2022 10:03:43 +0000
ROA not before: Sat 01 Jan 2022 10:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33891
IP address blocks: 92.43.104.0/21 maxlen: 21
92.43.109.0/24 maxlen: 24
92.43.110.0/24 maxlen: 24
92.43.106.0/24 maxlen: 24
92.43.107.0/24 maxlen: 24
92.43.108.0/24 maxlen: 24
80.255.0.0/20 maxlen: 20
5.56.16.0/21 maxlen: 21
82.199.149.0/24 maxlen: 24
82.199.151.0/24 maxlen: 24
82.199.152.0/24 maxlen: 24
82.199.146.0/24 maxlen: 24
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
83.142.80.0/21 maxlen: 21
82.199.153.0/24 maxlen: 24
82.199.154.0/24 maxlen: 24
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
31.7.176.0/20 maxlen: 20
31.7.182.0/24 maxlen: 24
31.7.183.0/24 maxlen: 24
81.95.0.0/20 maxlen: 20
81.95.8.0/24 maxlen: 24
81.95.9.0/24 maxlen: 24
82.199.128.0/19 maxlen: 19
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.128.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
82.199.142.0/24 maxlen: 24
82.199.143.0/24 maxlen: 24
82.199.144.0/24 maxlen: 24
82.199.145.0/24 maxlen: 24
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:62::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:5::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a01:4a0::/32 maxlen: 32
2a01:4a0:42::/48 maxlen: 48
2a01:4a0:38::/48 maxlen: 48
2a01:4a0:56::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0::/29 maxlen: 29
2a01:4a0:17::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:43::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1108350049 (0x42101461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 1 10:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52a23713cb7d2755baa0f545a130e560f9cf3a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:85:45:d5:7e:81:38:4d:17:ab:4e:ac:85:
f0:0c:41:fd:48:11:4c:42:a8:6e:4c:8b:d2:85:62:
e3:b8:4f:31:83:92:30:50:d1:eb:33:a8:f4:16:c0:
4a:24:1a:3b:bf:89:57:f1:35:01:74:e2:b3:3c:1e:
75:f4:06:71:6b:13:4d:18:75:2e:ea:18:49:66:75:
7c:7f:13:ff:b7:b8:84:2f:9c:5f:da:0d:34:1e:3c:
d9:56:30:1d:2d:5c:02:90:af:22:d2:c4:f1:63:12:
2f:5a:3c:13:37:7b:bf:77:58:d0:e3:75:51:84:27:
23:10:1a:86:66:6a:99:b3:ad:56:b7:75:2d:a0:98:
4a:28:70:1b:bd:1b:b2:e1:a4:df:45:92:3b:14:44:
68:5b:7b:f6:8b:4a:ff:f9:49:10:9f:92:06:c8:ec:
06:f8:64:98:6a:f8:39:4b:da:28:47:32:02:a5:89:
4d:72:df:d5:f8:4f:d4:19:03:09:89:3b:de:36:88:
c7:25:1a:87:0d:ba:16:f9:58:2c:df:64:82:e8:ca:
b3:3e:86:23:38:99:ea:9e:cc:f0:02:e0:f6:77:05:
d7:e6:fe:a2:4d:d4:d5:ce:5e:17:78:39:6a:cd:69:
70:98:3f:eb:c9:57:2b:75:8f:7b:2e:c0:3f:a8:9c:
eb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A2:37:13:CB:7D:27:55:BA:A0:F5:45:A1:30:E5:60:F9:CF:3A:9D
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/UqI3E8t9J1W6oPVFoTDlYPnPOp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
195.138.248.0/21
IPv6:
2a01:4a0::/29
Signature Algorithm: sha256WithRSAEncryption
97:3a:dd:d6:c2:1f:db:ef:5c:80:96:ec:41:07:56:96:46:90:
01:a8:b5:ef:7d:81:a5:73:fb:00:34:a5:fb:69:a0:e5:bb:8c:
0b:3c:71:1a:ab:f3:dd:a7:ee:fd:e9:c0:da:08:a8:63:cd:a2:
a0:27:2f:55:42:70:52:ce:4e:57:2a:aa:15:7c:5e:54:e9:1c:
0a:d9:36:d4:c1:3d:d9:66:3a:f6:7d:0a:21:f2:0a:8c:6f:5b:
d2:f5:61:d3:76:20:78:7e:ed:51:a2:e5:90:ea:4b:0c:69:31:
0e:40:0d:2a:45:95:9e:36:af:99:8a:a3:b1:be:97:37:97:5e:
9a:38:40:c8:87:0a:3a:a6:d0:9b:d1:5c:6e:b9:27:77:ec:0a:
22:ae:ad:7c:8c:d3:9a:eb:50:1c:db:97:1b:94:b7:17:a8:f6:
dd:6c:21:33:d5:4d:e1:43:59:cf:ec:ac:c5:5e:0a:83:72:6a:
8b:1d:00:19:07:cf:e2:e8:08:9a:6f:d5:6a:7a:90:86:35:c4:
95:b1:b9:e6:12:1f:69:48:74:0e:02:f7:82:35:fb:d1:ff:88:
b7:8b:86:14:2e:08:5d:08:d7:56:0b:74:a2:cf:42:b1:da:cb:
ec:37:a2:2f:39:0e:8f:bd:83:d0:32:0a:62:a8:76:e1:97:a1:
8c:11:8c:a2
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEQhAUYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWI3NWI2NGQ1ZGExN2Q3MGJiYWJkODExYTM5YTYwMmRkYWY5NjNhMB4XDTIyMDEw
MTEwMDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJhMjM3MTNjYjdk
Mjc1NWJhYTBmNTQ1YTEzMGU1NjBmOWNmM2E5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANr9hUXVfoE4TRerTqyF8AxB/UgRTEKobkyL0oVi47hPMYOS
MFDR6zOo9BbASiQaO7+JV/E1AXTiszwedfQGcWsTTRh1LuoYSWZ1fH8T/7e4hC+c
X9oNNB482VYwHS1cApCvItLE8WMSL1o8Ezd7v3dY0ON1UYQnIxAahmZqmbOtVrd1
LaCYSihwG70bsuGk30WSOxREaFt79otK//lJEJ+SBsjsBvhkmGr4OUvaKEcyAqWJ
TXLf1fhP1BkDCYk73jaIxyUahw26FvlYLN9kgujKsz6GIziZ6p7M8ALg9ncF1+b+
ok3U1c5eF3g5as1pcJg/68lXK3WPey7AP6ic6xkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRSojcTy30nVbqg9UWhMOVg+c86nTAfBgNVHSMEGDAWgBSpt1tk1doX1wu6
vYEaOaYC3a+WOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FiZGJaTlhhRjljTHVyMkJHam1tQXQydmxqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8x
L1VxSTNFOHQ5SjFXNm9QVkZvVERsWVBuUE9wMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
ZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8xL3FiZGJaTlhhRjlj
THVyMkJHam1tQXQydmxqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwU4EAMEBB8HsAMEBFD/AAMEBFFf
AAMEBVLHgAMEA1OOUAMEA1wraAMEA8OK+DANBAIAAjAHAwUDKgEEoDANBgkqhkiG
9w0BAQsFAAOCAQEAlzrd1sIf2+9cgJbsQQdWlkaQAai1732BpXP7ADSl+2mg5buM
CzxxGqvz3afu/enA2gioY82ioCcvVUJwUs5OVyqqFXxeVOkcCtk21ME92WY69n0K
IfIKjG9b0vVh03YgeH7tUaLlkOpLDGkxDkANKkWVnjavmYqjsb6XN5demjhAyIcK
OqbQm9Fcbrknd+wKIq6tfIzTmutQHNuXG5S3F6j23WwhM9VN4UNZz+ysxV4Kg3Jq
ix0AGQfP4ugImm/VanqQhjXElbG55hIfaUh0DgL3gjX70f+It4uGFC4IXQjXVgt0
os9CsdrL7DeiLzkOj72D0DIKYqh24ZehjBGMog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org