Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/bUCQdzKsF_Jgofl9am-D5FreW_s.roa
File: bUCQdzKsF_Jgofl9am-D5FreW_s.roa (raw, json)
Hash identifier: NaNTIqoo5a608fmfD7i85zuhQ6db4Wq8x5CuBxTra3A=
Subject key identifier: 6D:40:90:77:32:AC:17:F2:60:A1:F9:7D:6A:6F:83:E4:5A:DE:5B:FB
Certificate issuer: /CN=b87b766968716296e5bba0bce83856ae7165b8b8
Certificate serial: 0A97C999
Authority key identifier: B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/bUCQdzKsF_Jgofl9am-D5FreW_s.roa
Signing time: Sat 01 Jan 2022 08:54:13 +0000
ROA not before: Sat 01 Jan 2022 08:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.92.220.0/22 maxlen: 24
78.141.192.0/19 maxlen: 24
199.247.0.0/19 maxlen: 24
78.141.224.0/19 maxlen: 24
80.240.16.0/20 maxlen: 24
192.248.128.0/18 maxlen: 24
95.179.128.0/17 maxlen: 24
209.250.224.0/19 maxlen: 24
217.69.0.0/20 maxlen: 24
2a05:f480:2000::/38 maxlen: 38
2a05:f480:1c00::/38 maxlen: 38
2a05:f480:1800::/38 maxlen: 38
2a05:f480:1400::/38 maxlen: 38
2a05:f480:1000::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177719705 (0xa97c999)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87b766968716296e5bba0bce83856ae7165b8b8
Validity
Not Before: Jan 1 08:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d40907732ac17f260a1f97d6a6f83e45ade5bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:d6:1e:85:cf:6e:9a:53:8b:50:35:6a:f2:
f3:25:7f:05:a9:6d:27:0c:3f:c8:7d:7b:59:9b:cc:
15:28:fc:54:9b:40:5b:77:8e:f6:3d:b5:c4:db:46:
30:3d:79:f4:11:09:45:57:31:48:51:0a:b1:35:fc:
5c:14:44:d2:90:41:73:88:cd:94:15:88:68:7d:5f:
c1:96:fe:cf:c6:4e:1d:b4:38:e5:31:38:00:9a:2a:
23:93:aa:73:b8:16:c6:0d:a0:51:52:28:bd:62:66:
81:fa:91:f8:7e:df:eb:78:f5:da:f3:01:a9:2a:39:
6e:09:f3:cf:9c:f2:da:ef:af:18:4d:50:03:ad:85:
17:99:2e:f7:20:74:e4:8f:19:91:2a:e2:b2:37:b0:
77:4f:48:d5:62:d8:5c:73:0d:97:80:38:b9:9b:f7:
68:10:0a:53:94:62:94:28:ba:6c:1e:54:ac:f9:c8:
ac:76:4b:42:01:62:ab:48:11:c1:72:83:cc:8a:f7:
1f:bf:f7:29:5c:19:4d:f7:b7:4d:f1:8b:e1:83:ef:
6c:9e:c9:48:b9:f8:3f:06:79:0a:4a:48:5f:19:25:
78:ed:2a:95:36:b7:3e:60:a6:9f:19:cd:47:6d:81:
84:0f:6b:7f:56:14:cd:49:7d:f2:b2:ed:56:ea:fe:
83:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:40:90:77:32:AC:17:F2:60:A1:F9:7D:6A:6F:83:E4:5A:DE:5B:FB
X509v3 Authority Key Identifier:
keyid:B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/bUCQdzKsF_Jgofl9am-D5FreW_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.141.192.0/18
80.240.16.0/20
95.179.128.0/17
185.92.220.0/22
192.248.128.0/18
199.247.0.0/19
209.250.224.0/19
217.69.0.0/20
IPv6:
2a05:f480:1000::-2a05:f480:23ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:93:10:11:53:d3:5c:1d:b9:e8:cc:bb:e8:e2:d9:47:3e:b3:
0c:b2:b4:03:28:3e:b3:c3:53:d7:2d:d0:05:5c:c8:a1:04:ff:
12:ef:70:d8:29:94:31:11:ea:91:bb:99:57:f3:7b:a4:e6:38:
8b:b2:d7:e6:8f:6d:72:3e:de:7d:9b:5c:dd:8f:11:ee:5e:59:
1f:bd:0f:f0:99:c1:ea:40:81:76:33:22:bb:e5:50:59:80:e8:
3e:2a:d0:9f:c6:14:05:a0:f8:7f:ff:cc:f6:ca:fe:b6:a3:58:
ef:e7:56:af:9f:bc:fd:09:9a:11:42:08:6e:b4:b5:49:dc:45:
77:a4:ba:2c:15:c5:27:b4:a9:62:00:0b:05:22:82:d6:62:ea:
7e:2c:22:29:e0:8f:b7:43:80:45:a2:24:b9:3d:7c:7c:2c:d5:
91:a9:19:8a:60:af:cd:41:9d:fc:c6:a7:23:fa:dc:19:3e:46:
53:c7:67:50:7a:ed:fb:c4:e8:d3:8a:ea:71:9b:a2:b4:80:e5:
53:ba:10:c4:81:d6:71:fb:b7:83:67:3a:d1:52:ea:f3:6b:c3:
14:56:7e:2f:23:3a:53:aa:c1:72:23:b4:2a:12:be:30:6a:a2:
e1:e1:07:e1:db:47:60:11:c5:94:d2:2e:91:01:df:af:7d:de:
5b:1a:b8:7f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIECpfJmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODdiNzY2OTY4NzE2Mjk2ZTViYmEwYmNlODM4NTZhZTcxNjViOGI4MB4XDTIyMDEw
MTA4NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ0MDkwNzczMmFj
MTdmMjYwYTFmOTdkNmE2ZjgzZTQ1YWRlNWJmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMb1h6Fz26aU4tQNWry8yV/BaltJww/yH17WZvMFSj8VJtA
W3eO9j21xNtGMD159BEJRVcxSFEKsTX8XBRE0pBBc4jNlBWIaH1fwZb+z8ZOHbQ4
5TE4AJoqI5Oqc7gWxg2gUVIovWJmgfqR+H7f63j12vMBqSo5bgnzz5zy2u+vGE1Q
A62FF5ku9yB05I8ZkSrisjewd09I1WLYXHMNl4A4uZv3aBAKU5RilCi6bB5UrPnI
rHZLQgFiq0gRwXKDzIr3H7/3KVwZTfe3TfGL4YPvbJ7JSLn4PwZ5CkpIXxkleO0q
lTa3PmCmnxnNR22BhA9rf1YUzUl98rLtVur+g08CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBRtQJB3MqwX8mCh+X1qb4PkWt5b+zAfBgNVHSMEGDAWgBS4e3ZpaHFiluW7
oLzoOFaucWW4uDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VIdDJhV2h4WXBibHU2Qzg2RGhXcm5GbHVMZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvYTNlZGU2LWJjMzEtNGQwMC05MjVjLTNkNjEyZjMyNDk5Ni8x
L2JVQ1FkektzRl9KZ29mbDlhbS1ENUZyZVdfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
YTNlZGU2LWJjMzEtNGQwMC05MjVjLTNkNjEyZjMyNDk5Ni8xL3VIdDJhV2h4WXBi
bHU2Qzg2RGhXcm5GbHVMZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwNgQCAAEwMAMEBk6NwAMEBFDwEAMEB1+zgAMEArlc
3AMEBsD4gAMEBcf3AAMEBdH64AMEBNlFADAYBAIAAjASMBADBgQqBfSAEAMGAioF
9IAgMA0GCSqGSIb3DQEBCwUAA4IBAQBikxARU9NcHbnozLvo4tlHPrMMsrQDKD6z
w1PXLdAFXMihBP8S73DYKZQxEeqRu5lX83uk5jiLstfmj21yPt59m1zdjxHuXlkf
vQ/wmcHqQIF2MyK75VBZgOg+KtCfxhQFoPh//8z2yv62o1jv51avn7z9CZoRQghu
tLVJ3EV3pLosFcUntKliAAsFIoLWYup+LCIp4I+3Q4BFoiS5PXx8LNWRqRmKYK/N
QZ38xqcj+twZPkZTx2dQeu37xOjTiupxm6K0gOVTuhDEgdZx+7eDZzrRUurza8MU
Vn4vIzpTqsFyI7QqEr4waqLh4Qfh20dgEcWU0i6RAd+vfd5bGrh/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:37 2025 by rpki-client