Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/UFg-26j13RVCReWS8nUGvbqZ8tA.roa
File: UFg-26j13RVCReWS8nUGvbqZ8tA.roa (raw, json)
Hash identifier: 0UdJlOb0vEWqE2ALZXYjn0vhA2p9SwLTQPcp2W2Yq6o=
Subject key identifier: 50:58:3E:DB:A8:F5:DD:15:42:45:E5:92:F2:75:06:BD:BA:99:F2:D0
Certificate issuer: /CN=1012216458bd7605ff95540fd204eb93a477f393
Certificate serial: 01856C9CAD2B08B65768DCF61DA1C21CEBA8
Authority key identifier: 10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/UFg-26j13RVCReWS8nUGvbqZ8tA.roa
Signing time: Sun 01 Jan 2023 09:14:45 +0000
ROA not before: Sun 01 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51086
IP address blocks: 194.28.240.0/22 maxlen: 22
194.28.240.0/24 maxlen: 24
194.28.243.0/24 maxlen: 24
194.28.242.0/24 maxlen: 24
194.28.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ad:2b:08:b6:57:68:dc:f6:1d:a1:c2:1c:eb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1012216458bd7605ff95540fd204eb93a477f393
Validity
Not Before: Jan 1 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50583edba8f5dd154245e592f27506bdba99f2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:53:87:5c:68:6c:45:ed:ce:3a:a6:32:a1:
6b:d7:27:71:d9:0b:a4:55:d7:7a:bd:0b:2a:87:96:
a3:99:7c:32:1d:43:5d:b9:d1:c5:9d:8a:07:fb:f3:
b0:65:ec:d1:49:8a:ea:1f:24:0e:05:6c:4d:af:c1:
e7:fc:c2:f0:a0:00:db:83:36:b1:f7:a1:50:bd:3e:
e6:d9:7b:68:c2:80:41:22:f7:bd:e7:2a:dd:24:07:
eb:9b:5c:c1:7a:f1:fb:0f:86:b6:38:1d:e9:ae:a2:
02:29:7e:ef:27:9c:7a:ff:41:0e:54:cb:ed:c7:84:
35:bb:58:7f:b1:08:51:c2:9d:e0:8b:dc:df:56:07:
f7:02:63:47:ab:a3:e4:7a:eb:71:51:9e:4b:ee:d7:
a4:0e:69:c9:19:10:20:de:d1:bc:0e:a0:4a:89:5c:
e0:be:61:60:24:4c:cb:f1:8a:17:80:a0:41:84:80:
6c:7f:82:6d:1a:2d:da:e0:40:97:4e:d5:99:cc:c6:
3b:34:78:ca:0f:4f:b5:63:f4:0b:bd:34:af:94:8b:
ce:87:ee:01:0e:9c:7d:ec:7a:49:54:10:2f:76:51:
7f:24:db:ff:68:47:94:c7:c4:f3:c7:c6:0f:50:59:
b3:cf:50:fb:be:8a:7d:3e:4d:ae:cf:42:b8:10:64:
c3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:58:3E:DB:A8:F5:DD:15:42:45:E5:92:F2:75:06:BD:BA:99:F2:D0
X509v3 Authority Key Identifier:
keyid:10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/UFg-26j13RVCReWS8nUGvbqZ8tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/EBIhZFi9dgX_lVQP0gTrk6R385M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.240.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:2d:fd:e8:08:a7:e3:e4:50:e1:9a:29:f4:86:e2:a2:60:36:
bd:6b:b5:86:52:b0:02:9c:3c:d6:fa:a3:f9:28:32:8c:85:cb:
40:ea:5c:5c:6f:f1:ed:67:e6:71:e5:60:85:aa:0a:36:07:94:
d7:82:a9:f7:b1:f1:ef:a0:b2:0e:bb:59:e5:87:f4:c5:cb:7d:
6d:0b:4a:b2:de:48:66:ca:8a:84:65:d0:a8:6f:e6:9c:7b:70:
59:14:58:b9:65:11:89:c0:3f:6c:8c:0e:b4:6c:2b:86:c2:b9:
aa:df:58:13:70:13:e5:7d:f8:bf:aa:7f:72:b1:74:29:21:ca:
76:0f:bc:bc:c2:65:70:44:1a:cd:02:4c:e2:4c:8d:cd:ae:a7:
ab:54:15:02:84:b5:f0:7d:90:16:9b:ea:80:b0:47:77:05:14:
c1:58:80:ee:ba:8b:37:b1:65:59:f3:c0:d9:92:30:04:b0:6b:
61:4a:a6:08:5c:42:13:7e:f7:cd:a5:26:bd:1c:2a:8f:22:93:
df:d0:73:35:9c:3a:55:ec:2c:28:4e:1a:6d:69:e3:7c:96:c2:
40:55:9e:90:f0:52:c5:1e:e5:f3:e5:52:29:b4:71:3e:59:69:
56:9e:5d:09:8f:e4:2d:3f:b9:90:1f:5e:e0:ef:58:2a:5f:95:
0e:e1:0f:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnK0rCLZXaNz2HaHCHOuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTIyMTY0NThiZDc2MDVmZjk1NTQwZmQyMDRlYjkzYTQ3
N2YzOTMwHhcNMjMwMTAxMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDU4M2VkYmE4ZjVkZDE1NDI0NWU1OTJmMjc1MDZiZGJhOTlmMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4BTh1xobEXtzjqmMqFr1ydx2Quk
Vdd6vQsqh5ajmXwyHUNdudHFnYoH+/OwZezRSYrqHyQOBWxNr8Hn/MLwoADbgzax
96FQvT7m2XtowoBBIve95yrdJAfrm1zBevH7D4a2OB3prqICKX7vJ5x6/0EOVMvt
x4Q1u1h/sQhRwp3gi9zfVgf3AmNHq6PkeutxUZ5L7tekDmnJGRAg3tG8DqBKiVzg
vmFgJEzL8YoXgKBBhIBsf4JtGi3a4ECXTtWZzMY7NHjKD0+1Y/QLvTSvlIvOh+4B
Dpx97HpJVBAvdlF/JNv/aEeUx8Tzx8YPUFmzz1D7vop9Pk2uz0K4EGTDqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBYPtuo9d0VQkXlkvJ1Br26mfLQMB8GA1UdIwQY
MBaAFBASIWRYvXYF/5VUD9IE65Okd/OTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWIt
MDlmZWFhMTRlMzFlLzEvVUZnLTI2ajEzUlZDUmVXUzhuVUd2YnFaOHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWItMDlmZWFhMTRlMzFl
LzEvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhzwMA0G
CSqGSIb3DQEBCwUAA4IBAQBaLf3oCKfj5FDhmin0huKiYDa9a7WGUrACnDzW+qP5
KDKMhctA6lxcb/HtZ+Zx5WCFqgo2B5TXgqn3sfHvoLIOu1nlh/TFy31tC0qy3khm
yoqEZdCob+ace3BZFFi5ZRGJwD9sjA60bCuGwrmq31gTcBPlffi/qn9ysXQpIcp2
D7y8wmVwRBrNAkziTI3NrqerVBUChLXwfZAWm+qAsEd3BRTBWIDuuos3sWVZ88DZ
kjAEsGthSqYIXEITfvfNpSa9HCqPIpPf0HM1nDpV7CwoThptaeN8lsJAVZ6Q8FLF
HuXz5VIptHE+WWlWnl0Jj+QtP7mQH17g71gqX5UO4Q9g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:19 2025 by rpki-client