Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/UbmnIdyF2hVl6qoj8mq-b2gbjC4.roa
File: UbmnIdyF2hVl6qoj8mq-b2gbjC4.roa (raw, json)
Hash identifier: vrfFxrKTqWIJwJ+bGmComLpWo8S8sKeDGldVy1CLS4Y=
Subject key identifier: 51:B9:A7:21:DC:85:DA:15:65:EA:AA:23:F2:6A:BE:6F:68:1B:8C:2E
Certificate issuer: /CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Certificate serial: 3F1F1A2F
Authority key identifier: 1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/UbmnIdyF2hVl6qoj8mq-b2gbjC4.roa
Signing time: Sat 01 Jan 2022 09:06:30 +0000
ROA not before: Sat 01 Jan 2022 09:06:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48284
IP address blocks: 94.125.72.0/21 maxlen: 21
130.255.104.0/21 maxlen: 21
109.70.192.0/21 maxlen: 21
185.35.208.0/22 maxlen: 22
88.133.240.0/21 maxlen: 30
109.235.224.0/21 maxlen: 21
5.199.176.0/21 maxlen: 21
212.237.168.0/21 maxlen: 21
2a02:778::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1059002927 (0x3f1f1a2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Validity
Not Before: Jan 1 09:06:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51b9a721dc85da1565eaaa23f26abe6f681b8c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:58:bf:42:ad:c7:9a:f2:a6:80:73:4c:c5:cd:
d7:bf:00:ef:0f:dd:d7:1e:da:1b:4c:66:1c:d9:28:
f0:a2:7e:fb:45:0e:92:b8:ac:b3:32:db:96:5d:22:
c4:e7:f6:71:90:37:5d:a9:ff:a2:71:38:3f:24:5c:
c0:9e:35:d6:e3:2b:4c:14:9d:26:a3:23:f4:cb:12:
ef:46:d6:2e:65:eb:ae:ab:ff:ba:82:46:eb:7f:04:
68:ba:62:a8:2a:6c:b5:b8:00:66:c7:8f:6d:f3:be:
e9:a7:84:88:61:1f:ce:3d:32:bf:0b:ae:b9:33:04:
06:0d:07:ad:c1:7c:30:bf:6b:19:b3:bc:7e:90:bf:
88:25:9f:29:11:ff:13:a2:a4:75:66:0c:08:e2:f7:
1b:10:e7:23:2d:b0:5f:1d:a2:3c:22:80:41:cb:03:
85:fa:cb:16:88:6e:fc:b7:56:05:d1:04:3e:ce:73:
00:38:e7:10:ed:9e:4d:e3:18:e3:64:93:70:f2:f8:
58:56:63:9e:8a:50:49:22:42:36:07:42:d5:65:a5:
fa:a5:76:62:1e:a3:72:60:71:01:01:71:e6:04:5b:
02:c4:20:c4:be:84:0b:f1:f7:37:25:22:e4:52:5d:
2c:92:3a:1a:7d:15:c6:39:ff:34:f3:fa:c1:d8:79:
8b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B9:A7:21:DC:85:DA:15:65:EA:AA:23:F2:6A:BE:6F:68:1B:8C:2E
X509v3 Authority Key Identifier:
keyid:1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/UbmnIdyF2hVl6qoj8mq-b2gbjC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.176.0/21
88.133.240.0/21
94.125.72.0/21
109.70.192.0/21
109.235.224.0/21
130.255.104.0/21
185.35.208.0/22
212.237.168.0/21
IPv6:
2a02:778::/32
Signature Algorithm: sha256WithRSAEncryption
41:fc:11:8f:f7:f6:ef:9a:7c:ad:7d:b8:61:00:9b:05:0e:95:
ee:ee:70:9e:d6:08:5d:4d:dc:62:38:98:df:af:a5:91:ec:fd:
de:37:fd:e0:fd:dd:6c:09:f1:68:72:a3:fe:d2:64:4e:d1:e2:
44:75:d7:4e:d2:b9:ce:b2:ce:54:17:b6:4d:df:08:23:4b:e2:
f7:dd:40:33:e3:dd:8d:4b:d0:bc:0f:33:d7:28:5f:34:cf:98:
34:0b:80:d1:b5:dc:8b:fe:53:aa:b1:cb:d1:37:d8:c1:c4:a2:
b5:1d:e7:c0:cd:90:6e:1f:f2:d0:df:af:6b:88:c0:5f:2d:05:
5a:c2:a0:e7:9a:44:d0:97:ac:83:aa:55:2b:67:36:8c:ce:36:
89:a9:60:aa:81:a9:70:44:e5:bb:a9:f3:b5:0c:b7:3d:0e:a6:
66:e3:dc:9a:83:2b:b4:48:7e:19:29:22:c4:80:19:6e:d1:58:
de:43:a1:0a:cb:6c:b6:d7:49:e1:fb:73:b9:ad:50:0f:b4:62:
ba:d7:9f:52:60:4d:c7:96:70:24:ae:24:4b:fa:f2:40:4b:a3:
0d:7b:23:86:38:3f:26:67:25:25:0d:2a:d5:4f:b5:c7:64:3d:
bf:1e:f2:66:c1:72:f5:f0:fb:d7:30:64:6a:5a:5a:44:6b:50:
7c:b4:e8:91
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEPx8aLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzM5ZDU3OTM2ZGQyZDE1MjE0NDNlNjhkYWRkOWQwOTQ5Y2RlMzNmMB4XDTIyMDEw
MTA5MDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFiOWE3MjFkYzg1
ZGExNTY1ZWFhYTIzZjI2YWJlNmY2ODFiOGMyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVYv0Ktx5rypoBzTMXN178A7w/d1x7aG0xmHNko8KJ++0UO
krisszLbll0ixOf2cZA3Xan/onE4PyRcwJ411uMrTBSdJqMj9MsS70bWLmXrrqv/
uoJG638EaLpiqCpstbgAZsePbfO+6aeEiGEfzj0yvwuuuTMEBg0HrcF8ML9rGbO8
fpC/iCWfKRH/E6KkdWYMCOL3GxDnIy2wXx2iPCKAQcsDhfrLFohu/LdWBdEEPs5z
ADjnEO2eTeMY42STcPL4WFZjnopQSSJCNgdC1WWl+qV2Yh6jcmBxAQFx5gRbAsQg
xL6EC/H3NyUi5FJdLJI6Gn0Vxjn/NPP6wdh5i8kCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRRuach3IXaFWXqqiPyar5vaBuMLjAfBgNVHSMEGDAWgBQcOdV5Nt0tFSFE
Pmja3Z0JSc3jPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hEblZlVGJkTFJVaFJENW8ydDJkQ1VuTjR6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZDM4NTZmLTAyOWMtNDQ2YS1hZTdkLWQ3YzVkYTdjMTY3Ni8x
L1VibW5JZHlGMmhWbDZxb2o4bXEtYjJnYmpDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZDM4NTZmLTAyOWMtNDQ2YS1hZTdkLWQ3YzVkYTdjMTY3Ni8xL0hEblZlVGJkTFJV
aFJENW8ydDJkQ1VuTjR6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwXHsAMEA1iF8AMEA159SAMEA21G
wAMEA23r4AMEA4L/aAMEArkj0AMEA9TtqDANBAIAAjAHAwUAKgIHeDANBgkqhkiG
9w0BAQsFAAOCAQEAQfwRj/f275p8rX24YQCbBQ6V7u5wntYIXU3cYjiY36+lkez9
3jf94P3dbAnxaHKj/tJkTtHiRHXXTtK5zrLOVBe2Td8II0vi991AM+PdjUvQvA8z
1yhfNM+YNAuA0bXci/5TqrHL0TfYwcSitR3nwM2Qbh/y0N+va4jAXy0FWsKg55pE
0Jesg6pVK2c2jM42ialgqoGpcETlu6nztQy3PQ6mZuPcmoMrtEh+GSkixIAZbtFY
3kOhCststtdJ4ftzua1QD7RiutefUmBNx5ZwJK4kS/ryQEujDXsjhjg/JmclJQ0q
1U+1x2Q9vx7yZsFy9fD71zBkalpaRGtQfLTokQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:20 2023 by rpki-client on console-ams.rpki-client.org