Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/UZI6om2muj9lbgVAoVN3eF1KcTk.roa
File: UZI6om2muj9lbgVAoVN3eF1KcTk.roa (raw, json)
Hash identifier: EGUgldrUdQVBgWa+OZ0L66/sE18uMbr7ElONoLeKFzc=
Subject key identifier: 51:92:3A:A2:6D:A6:BA:3F:65:6E:05:40:A1:53:77:78:5D:4A:71:39
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0185FE6AC2FCFCB5492044863D15D7122B0E
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/UZI6om2muj9lbgVAoVN3eF1KcTk.roa
Signing time: Sun 29 Jan 2023 16:44:47 +0000
ROA not before: Sun 29 Jan 2023 16:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60268
IP address blocks: 185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
193.19.72.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
185.33.168.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
2a00:cee7::/32 maxlen: 32
2a00:cee0::/29 maxlen: 29
2a00:cee6::/32 maxlen: 48
2a00:cee3::/32 maxlen: 48
2a00:cee0::/32 maxlen: 48
2a00:cee1::/32 maxlen: 48
2a00:cee2::/32 maxlen: 48
2a00:cee5::/32 maxlen: 48
2a00:cee4::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fe:6a:c2:fc:fc:b5:49:20:44:86:3d:15:d7:12:2b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 29 16:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51923aa26da6ba3f656e0540a15377785d4a7139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:07:bc:7f:00:13:9f:79:86:4f:a8:c8:9a:65:
f2:82:c7:1b:3f:e6:fb:96:7d:51:76:fb:7c:5e:5b:
6e:c4:09:6b:aa:82:b1:3a:a5:43:58:e7:54:19:e7:
5f:55:cc:f0:ef:01:ea:c8:89:c6:65:96:57:73:bf:
75:55:fa:b4:1b:40:a3:1d:74:7f:fc:e9:ed:23:75:
c5:bb:c0:ed:ca:77:74:9c:38:08:38:e7:6b:77:15:
07:c1:5a:36:74:12:2d:de:a2:e6:69:83:a8:5b:99:
27:e4:03:17:f8:da:19:63:65:3a:ad:5b:a1:cf:2a:
cd:6d:71:c8:c5:b3:29:42:d0:04:d5:75:b0:59:31:
ff:62:fe:6a:24:d1:93:eb:74:d5:ef:31:72:11:b8:
d6:92:df:a4:56:32:b6:75:8f:1d:c6:5d:0d:d2:2f:
4a:fd:92:10:d1:3d:5b:e1:d9:e5:e5:b9:65:9b:06:
9e:fb:9d:b0:39:c4:4c:f6:5d:82:3a:78:c7:0c:8a:
fd:da:0a:bd:3c:71:12:0d:de:ed:60:e9:b1:29:76:
8f:29:68:6a:99:86:dc:12:18:57:8a:ff:6c:64:fa:
32:d4:be:14:62:06:22:a3:05:5e:19:29:31:7c:01:
ac:75:d5:ab:d6:e6:6a:53:04:ed:4e:f1:90:c8:fb:
8b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:92:3A:A2:6D:A6:BA:3F:65:6E:05:40:A1:53:77:78:5D:4A:71:39
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/UZI6om2muj9lbgVAoVN3eF1KcTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/24
185.33.171.0/24
185.97.132.0/23
193.19.72.0/23
IPv6:
2a00:cee0::/29
Signature Algorithm: sha256WithRSAEncryption
80:b7:19:9b:b3:25:7e:9d:d4:40:67:da:e5:e0:04:94:b7:20:
3d:70:11:6b:84:22:0f:a7:2c:69:88:13:19:fa:21:5c:51:28:
27:f5:3e:49:fb:94:6c:e0:d1:55:3f:d1:39:f0:c7:0b:25:54:
f8:e0:0f:c4:14:e0:ab:cc:93:0a:50:04:df:27:14:ad:f7:39:
77:c7:17:1c:70:6c:53:04:27:e7:6e:fe:fd:0a:d3:69:4d:64:
ee:9d:38:a6:ac:e7:d0:a3:e1:e8:8f:9d:3e:82:a7:f6:bf:9d:
2a:31:da:e9:46:62:66:e4:5b:5b:3d:b6:62:4e:6c:ab:c5:0f:
81:18:6b:a7:ed:63:0d:75:f6:b5:8c:8f:07:0d:17:6a:a0:48:
b9:dc:e7:ee:4f:4c:eb:b6:3b:37:c8:f6:e8:87:db:52:70:24:
a5:0b:c3:b2:17:76:72:b7:3c:5f:ac:e8:b2:7a:65:a1:53:ed:
37:b7:98:05:e5:9a:91:63:0f:c7:bb:7c:8a:41:85:74:22:43:
7b:db:d1:6d:48:5b:6d:54:bf:d0:5b:16:69:8b:b7:7c:9b:c5:
61:56:e9:6f:ef:92:15:21:8f:88:9a:1a:80:45:46:69:cd:02:
c1:02:1d:5d:5c:c0:36:fe:ad:36:7b:a2:c2:ab:93:92:81:cb:
4d:db:f1:16
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYX+asL8/LVJIESGPRXXEisOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMTI5MTY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkyM2FhMjZkYTZiYTNmNjU2ZTA1NDBhMTUzNzc3ODVkNGE3MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQe8fwATn3mGT6jImmXygscbP+b7
ln1Rdvt8XltuxAlrqoKxOqVDWOdUGedfVczw7wHqyInGZZZXc791Vfq0G0CjHXR/
/OntI3XFu8Dtynd0nDgIOOdrdxUHwVo2dBIt3qLmaYOoW5kn5AMX+NoZY2U6rVuh
zyrNbXHIxbMpQtAE1XWwWTH/Yv5qJNGT63TV7zFyEbjWkt+kVjK2dY8dxl0N0i9K
/ZIQ0T1b4dnl5bllmwae+52wOcRM9l2COnjHDIr92gq9PHESDd7tYOmxKXaPKWhq
mYbcEhhXiv9sZPoy1L4UYgYiowVeGSkxfAGsddWr1uZqUwTtTvGQyPuLNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFGSOqJtpro/ZW4FQKFTd3hdSnE5MB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvVVpJNm9tMm11ajlsYmdWQW9WTjNlRjFLY1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAuSGoAwQA
uSGrAwQBuWGEAwQBwRNIMA0EAgACMAcDBQMqAM7gMA0GCSqGSIb3DQEBCwUAA4IB
AQCAtxmbsyV+ndRAZ9rl4ASUtyA9cBFrhCIPpyxpiBMZ+iFcUSgn9T5J+5Rs4NFV
P9E58McLJVT44A/EFOCrzJMKUATfJxSt9zl3xxcccGxTBCfnbv79CtNpTWTunTim
rOfQo+Hoj50+gqf2v50qMdrpRmJm5FtbPbZiTmyrxQ+BGGun7WMNdfa1jI8HDRdq
oEi53OfuT0zrtjs3yPboh9tScCSlC8OyF3ZytzxfrOiyemWhU+03t5gF5ZqRYw/H
u3yKQYV0IkN729FtSFttVL/QWxZpi7d8m8VhVulv75IVIY+ImhqARUZpzQLBAh1d
XMA2/q02e6LCq5OSgctN2/EW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:18 2025 by rpki-client