Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Ug4e8Kp790374knWj4z_LWBcPAc.roa
File: Ug4e8Kp790374knWj4z_LWBcPAc.roa (raw, json)
Hash identifier: +yJlYdesYe1qKOfxwLvzBauDE0HB1LQe1fVVQiuqyH4=
Subject key identifier: 52:0E:1E:F0:AA:7B:F7:4D:FB:E2:49:D6:8F:8C:FF:2D:60:5C:3C:07
Certificate issuer: /CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Certificate serial: 0184CD1DEA06B0729506617EEB2B7C9E8954
Authority key identifier: 83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Ug4e8Kp790374knWj4z_LWBcPAc.roa
Signing time: Thu 01 Dec 2022 09:56:40 +0000
ROA not before: Thu 01 Dec 2022 09:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 93.190.176.0/22 maxlen: 22
93.190.180.0/22 maxlen: 22
37.75.216.0/22 maxlen: 22
37.75.220.0/22 maxlen: 22
80.242.96.0/20 maxlen: 20
80.242.96.0/22 maxlen: 22
217.175.4.0/22 maxlen: 22
80.242.100.0/22 maxlen: 22
217.175.8.0/22 maxlen: 22
80.242.104.0/22 maxlen: 22
80.242.108.0/22 maxlen: 22
31.3.24.0/22 maxlen: 22
31.3.28.0/22 maxlen: 22
185.14.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:1d:ea:06:b0:72:95:06:61:7e:eb:2b:7c:9e:89:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Validity
Not Before: Dec 1 09:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=520e1ef0aa7bf74dfbe249d68f8cff2d605c3c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:fb:c5:08:22:aa:e4:44:28:6b:f0:47:72:
14:90:f4:8c:42:b4:67:a8:b9:93:3c:05:f2:04:32:
cf:43:5a:8f:b4:de:b8:16:30:fc:46:86:95:d2:a6:
bd:29:34:62:e4:62:e2:ab:c4:a4:62:25:cb:90:7f:
67:e0:54:3b:67:4c:25:6e:ca:3f:4c:b7:72:67:35:
29:51:e2:46:82:77:80:4a:8d:b8:f5:dd:f5:48:ad:
90:bc:84:d0:b3:71:c1:25:be:64:b4:7f:3d:98:ec:
83:57:70:2f:28:f5:dc:1f:db:70:e2:03:66:8f:78:
67:d0:02:33:fd:6f:95:b5:b2:71:25:76:08:c7:03:
7c:d8:ea:c0:7e:a8:ef:63:9c:16:0c:09:7c:9b:38:
e3:00:c0:fb:8f:e8:b3:c7:79:98:17:a1:48:9b:25:
de:1c:24:4e:6e:25:e4:d9:e2:55:55:f8:f6:4d:3f:
c3:d1:fa:54:73:b8:b1:63:8b:51:b1:07:0f:8d:52:
a8:41:64:7c:8d:18:5c:ba:12:cb:8c:84:1f:3e:b9:
80:48:a2:a5:6a:c1:1f:03:2e:9a:23:33:14:4d:04:
b1:1d:c9:16:3a:6e:8b:26:e4:f7:6a:a0:2d:bf:2d:
8b:13:0c:d0:cb:bf:9c:10:39:5b:52:2a:a3:43:9f:
fa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0E:1E:F0:AA:7B:F7:4D:FB:E2:49:D6:8F:8C:FF:2D:60:5C:3C:07
X509v3 Authority Key Identifier:
keyid:83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Ug4e8Kp790374knWj4z_LWBcPAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.24.0/21
37.75.216.0/21
80.242.96.0/20
93.190.176.0/21
185.14.16.0/22
217.175.4.0-217.175.11.255
Signature Algorithm: sha256WithRSAEncryption
7d:0f:b5:7a:da:8f:0d:c8:99:95:e4:71:36:ea:76:2d:01:97:
ce:a6:f5:b5:ec:66:c3:2e:64:99:68:0d:cd:a6:f3:23:67:70:
09:43:38:0c:84:5b:b2:e3:7a:6f:40:a8:b5:c1:fc:4a:c6:10:
7d:0e:bc:31:7f:19:fa:a7:97:2e:0d:5c:eb:4a:87:fd:2c:0f:
6f:44:52:6a:24:91:36:e2:47:b8:41:bc:94:00:84:23:3e:ba:
bb:dd:6f:1a:0a:a9:74:40:45:e5:32:55:6c:5a:eb:c3:41:85:
7f:63:ef:a4:3a:61:4e:51:d6:97:d9:fd:35:b6:29:7a:06:e9:
19:7a:1d:1b:0f:b5:83:23:16:f2:e0:2a:d0:51:7d:fc:ba:e0:
ea:aa:3d:b2:32:b8:66:64:76:77:dd:77:53:ab:19:e7:36:ee:
b8:a3:b5:8c:75:9f:57:f8:a5:1f:0c:8d:0e:85:d1:06:57:fe:
7c:59:f4:31:10:3c:7c:8d:37:92:bf:f8:fa:a7:57:b1:4e:8d:
f0:2a:70:ed:db:44:32:4a:07:fb:0d:9b:d7:a9:13:74:9d:fc:
b3:10:7a:99:35:d3:98:ba:d6:d0:b5:f8:29:e3:bb:37:67:0d:
96:fc:4e:b7:07:8d:31:76:b5:a9:80:c7:28:86:f3:42:70:44:
92:3f:23:c4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYTNHeoGsHKVBmF+6yt8nolUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmYzNmViMThlZjlhNTdjNWZiNjAzYWRhNDAwZmU2YjY2
ODhlNmUwHhcNMjIxMjAxMDk1NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBlMWVmMGFhN2JmNzRkZmJlMjQ5ZDY4ZjhjZmYyZDYwNWMzYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlT7xQgiquREKGvwR3IUkPSMQrRn
qLmTPAXyBDLPQ1qPtN64FjD8RoaV0qa9KTRi5GLiq8SkYiXLkH9n4FQ7Z0wlbso/
TLdyZzUpUeJGgneASo249d31SK2QvITQs3HBJb5ktH89mOyDV3AvKPXcH9tw4gNm
j3hn0AIz/W+VtbJxJXYIxwN82OrAfqjvY5wWDAl8mzjjAMD7j+izx3mYF6FImyXe
HCRObiXk2eJVVfj2TT/D0fpUc7ixY4tRsQcPjVKoQWR8jRhcuhLLjIQfPrmASKKl
asEfAy6aIzMUTQSxHckWOm6LJuT3aqAtvy2LEwzQy7+cEDlbUiqjQ5/6mQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFIOHvCqe/dN++JJ1o+M/y1gXDwHMB8GA1UdIwQY
MBaAFIO/NusY75pXxftgOtpAD+a2aI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMt
ZTBkMmExYjZlOGFjLzEvVWc0ZThLcDc5MDM3NGtuV2o0el9MV0JjUEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMtZTBkMmExYjZlOGFj
LzEvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDHwMYAwQD
JUvYAwQEUPJgAwQDXb6wAwQCuQ4QMAwDBALZrwQDBALZrwgwDQYJKoZIhvcNAQEL
BQADggEBAH0PtXrajw3ImZXkcTbqdi0Bl86m9bXsZsMuZJloDc2m8yNncAlDOAyE
W7Ljem9AqLXB/ErGEH0OvDF/Gfqnly4NXOtKh/0sD29EUmokkTbiR7hBvJQAhCM+
urvdbxoKqXRAReUyVWxa68NBhX9j76Q6YU5R1pfZ/TW2KXoG6Rl6HRsPtYMjFvLg
KtBRffy64OqqPbIyuGZkdnfdd1OrGec27rijtYx1n1f4pR8MjQ6F0QZX/nxZ9DEQ
PHyNN5K/+PqnV7FOjfAqcO3bRDJKB/sNm9epE3Sd/LMQepk105i61tC1+Cnjuzdn
DZb8TrcHjTF2tamAxyiG80JwRJI/I8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:46 2024 by rpki-client on console-fra.rpki-client.org