Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/0UICSS4gvQbs2w_7J-I-HGhSBT4.roa
File: 0UICSS4gvQbs2w_7J-I-HGhSBT4.roa (raw, json)
Hash identifier: wuDPUSd2KvhYJuMnDLDtUqmMcOBNexSruSncEs46o8s=
Subject key identifier: D1:42:02:49:2E:20:BD:06:EC:DB:0F:FB:27:E2:3E:1C:68:52:05:3E
Certificate issuer: /CN=08175e0a36c789d31420b33303fbc7324c7c574b
Certificate serial: 0C3DA4FE
Authority key identifier: 08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/0UICSS4gvQbs2w_7J-I-HGhSBT4.roa
Signing time: Sat 01 Jan 2022 04:58:36 +0000
ROA not before: Sat 01 Jan 2022 04:58:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62248
IP address blocks: 185.42.168.0/24 maxlen: 24
185.42.171.0/24 maxlen: 24
185.42.170.0/24 maxlen: 24
185.42.169.0/24 maxlen: 24
2a01:6560::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205366526 (0xc3da4fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08175e0a36c789d31420b33303fbc7324c7c574b
Validity
Not Before: Jan 1 04:58:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d14202492e20bd06ecdb0ffb27e23e1c6852053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:5d:0e:cf:e6:04:99:9a:92:5f:51:ce:2d:
cf:c3:f0:f6:35:db:7e:39:55:96:a0:74:a1:e6:5d:
98:dc:e9:c1:31:2e:b6:f8:e6:c8:b0:c1:79:2f:69:
4b:bc:09:2a:13:45:75:e5:e0:f7:c1:5d:16:65:77:
37:27:7a:03:28:fd:c0:5a:af:5c:3f:2d:50:76:54:
6d:12:64:78:e0:9f:63:65:a0:80:17:3a:a5:cd:22:
06:91:e0:7d:ee:9b:29:ea:61:33:8f:a8:01:0e:f3:
30:ef:64:24:86:34:94:8a:20:c3:0c:cd:5e:b2:07:
8d:79:f2:a6:17:93:8f:ca:9a:a3:d6:ff:05:c8:f1:
74:79:45:a3:76:26:a6:82:02:41:ee:6a:22:6b:45:
97:35:54:6b:ad:10:4d:31:83:ff:82:f3:5c:6b:ee:
df:81:38:27:36:1d:38:9d:4d:9d:5e:37:4c:df:f3:
bd:10:eb:87:2d:aa:e2:03:e5:a3:22:a2:93:51:c8:
b9:01:4c:7c:12:e5:d4:3f:ff:9e:5b:2f:85:63:46:
74:1b:0a:5d:80:47:d7:b9:e5:41:7f:1e:18:f4:7e:
b0:b5:24:76:a3:67:74:31:d4:b1:4a:d9:66:d1:8c:
70:0a:5e:f6:4d:8a:45:5a:e9:86:a0:71:68:d6:5e:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:42:02:49:2E:20:BD:06:EC:DB:0F:FB:27:E2:3E:1C:68:52:05:3E
X509v3 Authority Key Identifier:
keyid:08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/0UICSS4gvQbs2w_7J-I-HGhSBT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/CBdeCjbHidMUILMzA_vHMkx8V0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.168.0/22
IPv6:
2a01:6560::/32
Signature Algorithm: sha256WithRSAEncryption
0a:6e:72:cf:ae:72:43:e6:e9:fd:64:51:0e:18:cd:69:ab:77:
7b:94:1a:8e:0a:a9:42:77:8c:2d:7f:d5:20:85:ac:f8:21:92:
a3:c6:df:fe:e0:e0:38:b3:12:68:5f:1e:dc:ee:26:80:a0:af:
83:71:2c:03:dc:ea:75:78:39:a6:65:b1:9c:ee:49:5c:92:4c:
a6:3e:8c:35:45:94:5f:a5:bc:6a:58:77:b0:f6:2f:14:b0:2e:
74:72:74:27:ce:d9:ec:e5:92:f0:3b:92:8d:47:3a:5d:37:3c:
db:50:be:f0:83:d5:3f:ec:b3:1c:a9:a6:3b:42:4f:e3:0e:cc:
b0:d8:40:fd:0f:2d:1b:1b:32:73:45:e5:20:b5:15:a2:18:f4:
c2:a0:8b:84:bd:92:b9:18:3c:da:81:27:5b:9f:85:f8:9d:90:
f9:7e:52:9e:e0:21:d6:b9:42:34:48:ca:e8:0b:fe:2d:e5:46:
51:df:2d:b0:fb:ad:35:6a:30:79:87:e1:1e:40:91:f2:cb:d3:
a1:32:b0:4c:65:c5:b2:67:5e:77:fc:e1:51:06:00:84:84:75:
09:bf:ac:52:cf:39:a1:ac:ad:7f:9f:52:eb:6f:29:03:c3:b3:
7a:0f:61:66:5c:01:09:99:cf:40:c3:fb:b2:04:39:fa:23:c4:
40:1b:f4:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDD2k/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODE3NWUwYTM2Yzc4OWQzMTQyMGIzMzMwM2ZiYzczMjRjN2M1NzRiMB4XDTIyMDEw
MTA0NTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE0MjAyNDkyZTIw
YmQwNmVjZGIwZmZiMjdlMjNlMWM2ODUyMDUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXhXQ7P5gSZmpJfUc4tz8Pw9jXbfjlVlqB0oeZdmNzpwTEu
tvjmyLDBeS9pS7wJKhNFdeXg98FdFmV3Nyd6Ayj9wFqvXD8tUHZUbRJkeOCfY2Wg
gBc6pc0iBpHgfe6bKephM4+oAQ7zMO9kJIY0lIogwwzNXrIHjXnypheTj8qao9b/
BcjxdHlFo3YmpoICQe5qImtFlzVUa60QTTGD/4LzXGvu34E4JzYdOJ1NnV43TN/z
vRDrhy2q4gPloyKik1HIuQFMfBLl1D//nlsvhWNGdBsKXYBH17nlQX8eGPR+sLUk
dqNndDHUsUrZZtGMcApe9k2KRVrphqBxaNZeWCsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTRQgJJLiC9BuzbD/sn4j4caFIFPjAfBgNVHSMEGDAWgBQIF14KNseJ0xQg
szMD+8cyTHxXSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCZGVDamJIaWRNVUlMTXpBX3ZITWt4OFYwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMjhlOWNiLThlZjMtNDgyYS04ZWQxLTJmNTA3MDhhYzU3Zi8x
LzBVSUNTUzRndlFiczJ3XzdKLUktSEdoU0JUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
MjhlOWNiLThlZjMtNDgyYS04ZWQxLTJmNTA3MDhhYzU3Zi8xL0NCZGVDamJIaWRN
VUlMTXpBX3ZITWt4OFYwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkqqDANBAIAAjAHAwUAKgFlYDAN
BgkqhkiG9w0BAQsFAAOCAQEACm5yz65yQ+bp/WRRDhjNaat3e5QajgqpQneMLX/V
IIWs+CGSo8bf/uDgOLMSaF8e3O4mgKCvg3EsA9zqdXg5pmWxnO5JXJJMpj6MNUWU
X6W8alh3sPYvFLAudHJ0J87Z7OWS8DuSjUc6XTc821C+8IPVP+yzHKmmO0JP4w7M
sNhA/Q8tGxsyc0XlILUVohj0wqCLhL2SuRg82oEnW5+F+J2Q+X5SnuAh1rlCNEjK
6Av+LeVGUd8tsPutNWoweYfhHkCR8svToTKwTGXFsmded/zhUQYAhIR1Cb+sUs85
oaytf59S628pA8Ozeg9hZlwBCZnPQMP7sgQ5+iPEQBv0aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:15 2024 by rpki-client on console-ams.rpki-client.org