Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uuXoA3YZt3WA3LMhPycsbXBOVLQ.roa
File: uuXoA3YZt3WA3LMhPycsbXBOVLQ.roa (raw, json)
Hash identifier: uDNHOjZxmSevK3l+Cl60wg+xk6ZOwKmHayaDt1uoyc4=
Subject key identifier: BA:E5:E8:03:76:19:B7:75:80:DC:B3:21:3F:27:2C:6D:70:4E:54:B4
Certificate issuer: /CN=b87b766968716296e5bba0bce83856ae7165b8b8
Certificate serial: 018B1A04F9ED6B9D17C64987A2694CD0153F
Authority key identifier: B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uuXoA3YZt3WA3LMhPycsbXBOVLQ.roa
Signing time: Tue 10 Oct 2023 14:36:55 +0000
ROA not before: Tue 10 Oct 2023 14:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 199.247.0.0/19 maxlen: 24
80.240.16.0/20 maxlen: 24
192.248.128.0/18 maxlen: 24
95.179.128.0/17 maxlen: 24
66.245.192.0/19 maxlen: 24
209.250.224.0/19 maxlen: 24
217.69.0.0/20 maxlen: 24
185.92.220.0/22 maxlen: 24
78.141.192.0/19 maxlen: 24
78.141.224.0/19 maxlen: 24
2a05:f480:2800::/38 maxlen: 38
2a05:f480:1c00::/38 maxlen: 38
2a05:f480:2400::/38 maxlen: 38
2a05:f480:3400::/38 maxlen: 38
2a05:f480:1800::/38 maxlen: 38
2a05:f480:1400::/38 maxlen: 38
2a05:f480:3000::/38 maxlen: 38
2a05:f480:1000::/38 maxlen: 38
2a05:f480:2c00::/38 maxlen: 38
2a05:f480:2000::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1a:04:f9:ed:6b:9d:17:c6:49:87:a2:69:4c:d0:15:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87b766968716296e5bba0bce83856ae7165b8b8
Validity
Not Before: Oct 10 14:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bae5e8037619b77580dcb3213f272c6d704e54b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:72:82:16:38:af:6f:a2:f2:38:51:4e:6f:
a3:3d:b6:d8:74:0e:86:82:bd:7e:c3:6a:26:6a:98:
c4:ee:92:6b:14:c8:8c:01:49:3e:b2:d7:f4:41:9a:
74:5b:0d:f9:cc:04:4c:88:f8:df:f3:45:84:2a:d5:
fe:b5:52:06:e9:f1:e9:43:88:e0:c9:1a:b3:52:5e:
8b:3c:c3:0b:01:28:58:f3:f1:96:93:51:a9:6f:7b:
64:3f:09:9b:2c:fa:38:3b:6e:8a:f1:7c:a9:cd:b4:
57:a0:f3:d1:c1:c6:32:fb:c3:83:db:ea:10:bc:3c:
44:ae:8c:60:d1:7d:79:28:f3:32:b6:2c:31:af:3e:
42:3f:f9:f7:8c:dd:c8:76:98:7f:08:4c:76:f0:b7:
82:b5:69:91:07:8f:4a:3d:c3:a7:99:16:e9:25:a8:
65:cc:30:84:e7:81:21:55:22:4b:69:f4:43:78:72:
6b:5f:46:de:ac:f1:8f:71:dd:1a:b5:a6:bc:dd:41:
32:2c:4a:f8:00:98:6d:7b:d3:a7:79:f4:85:fb:41:
3a:b2:4c:96:c4:e4:98:ff:ff:e9:c2:fa:0d:16:42:
ad:53:a4:9c:b2:3e:d0:f5:eb:7d:37:d6:be:23:94:
17:89:06:33:88:6e:c2:70:d8:c7:d9:ff:76:27:f0:
4d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E5:E8:03:76:19:B7:75:80:DC:B3:21:3F:27:2C:6D:70:4E:54:B4
X509v3 Authority Key Identifier:
keyid:B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uuXoA3YZt3WA3LMhPycsbXBOVLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.245.192.0/19
78.141.192.0/18
80.240.16.0/20
95.179.128.0/17
185.92.220.0/22
192.248.128.0/18
199.247.0.0/19
209.250.224.0/19
217.69.0.0/20
IPv6:
2a05:f480:1000::-2a05:f480:37ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:c8:da:6d:9e:f9:65:4a:57:6e:67:94:21:4d:b9:65:32:9c:
3e:c6:cc:54:5d:49:cc:42:a6:55:a9:61:ae:5e:ed:bc:24:22:
a9:81:60:f5:d9:a3:10:1d:2c:9d:cd:65:fc:a3:8d:b4:91:7c:
3b:a8:56:b9:16:40:35:be:f6:49:df:b7:5f:69:26:9d:e6:3a:
ea:e8:d2:b3:36:62:ee:fe:05:30:4f:3c:ae:0c:0d:f6:2b:f5:
18:60:c4:91:63:67:54:ba:19:a1:ee:05:8c:c6:67:d9:98:14:
f2:1b:a6:40:57:bb:e0:65:93:97:ed:72:ad:71:39:01:9c:22:
43:db:96:a7:15:bf:2f:32:1c:6f:88:70:77:10:0f:ec:31:86:
d6:c3:21:b9:c9:98:a9:d0:29:a3:ca:83:14:b2:49:a8:6a:ad:
4a:cb:0d:fe:ce:0d:6d:0c:4e:4e:95:7a:8a:e6:40:62:fc:1d:
fd:90:86:0d:c8:46:b9:46:74:9a:b1:c9:11:d1:38:e0:6d:ea:
bf:4e:cf:fa:d3:f6:bb:72:1f:21:5b:cd:e2:95:28:8b:4c:a2:
eb:4a:a0:e2:a2:3a:47:e1:25:77:04:87:66:38:e4:a9:0d:8f:
59:9d:a5:20:2b:f5:1e:e6:08:5d:a4:42:e0:a8:27:0f:d5:e2:
78:2c:a9:d0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYsaBPnta50XxkmHomlM0BU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2I3NjY5Njg3MTYyOTZlNWJiYTBiY2U4Mzg1NmFlNzE2
NWI4YjgwHhcNMjMxMDEwMTQzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU1ZTgwMzc2MTliNzc1ODBkY2IzMjEzZjI3MmM2ZDcwNGU1NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr9yghY4r2+i8jhRTm+jPbbYdA6G
gr1+w2omapjE7pJrFMiMAUk+stf0QZp0Ww35zARMiPjf80WEKtX+tVIG6fHpQ4jg
yRqzUl6LPMMLAShY8/GWk1Gpb3tkPwmbLPo4O26K8XypzbRXoPPRwcYy+8OD2+oQ
vDxEroxg0X15KPMytiwxrz5CP/n3jN3Idph/CEx28LeCtWmRB49KPcOnmRbpJahl
zDCE54EhVSJLafRDeHJrX0berPGPcd0ataa83UEyLEr4AJhte9OnefSF+0E6skyW
xOSY///pwvoNFkKtU6Scsj7Q9et9N9a+I5QXiQYziG7CcNjH2f92J/BNswIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLrl6AN2Gbd1gNyzIT8nLG1wTlS0MB8GA1UdIwQY
MBaAFLh7dmlocWKW5bugvOg4Vq5xZbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMt
M2Q2MTJmMzI0OTk2LzEvdXVYb0EzWVp0M1dBM0xNaFB5Y3NiWEJPVkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMtM2Q2MTJmMzI0OTk2
LzEvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQFQvXAAwQG
To3AAwQEUPAQAwQHX7OAAwQCuVzcAwQGwPiAAwQFx/cAAwQF0frgAwQE2UUAMBgE
AgACMBIwEAMGBCoF9IAQAwYDKgX0gDAwDQYJKoZIhvcNAQELBQADggEBAAfI2m2e
+WVKV25nlCFNuWUynD7GzFRdScxCplWpYa5e7bwkIqmBYPXZoxAdLJ3NZfyjjbSR
fDuoVrkWQDW+9knft19pJp3mOuro0rM2Yu7+BTBPPK4MDfYr9RhgxJFjZ1S6GaHu
BYzGZ9mYFPIbpkBXu+Blk5ftcq1xOQGcIkPblqcVvy8yHG+IcHcQD+wxhtbDIbnJ
mKnQKaPKgxSySahqrUrLDf7ODW0MTk6VeormQGL8Hf2Qhg3IRrlGdJqxyRHROOBt
6r9Oz/rT9rtyHyFbzeKVKItMoutKoOKiOkfhJXcEh2Y45KkNj1mdpSAr9R7mCF2k
QuCoJw/V4ngsqdA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:45 2025 by rpki-client