Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/UckY6ck-6pmSPjlYzIzTqdUOLjo.roa
File: UckY6ck-6pmSPjlYzIzTqdUOLjo.roa (raw, json)
Hash identifier: NwPU2OTY6oUafF5bW9lXGMggwSZzlulQoM4OAZw8zrs=
Subject key identifier: 51:C9:18:E9:C9:3E:EA:99:92:3E:39:58:CC:8C:D3:A9:D5:0E:2E:3A
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 040E0C0A
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/UckY6ck-6pmSPjlYzIzTqdUOLjo.roa
Signing time: Fri 18 Feb 2022 10:39:07 +0000
ROA not before: Fri 18 Feb 2022 10:39:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16342
IP address blocks: 85.89.160.0/20 maxlen: 20
77.237.0.0/19 maxlen: 19
85.89.176.0/20 maxlen: 20
185.67.216.0/22 maxlen: 22
185.67.217.0/24 maxlen: 24
185.67.216.0/24 maxlen: 24
185.67.218.0/24 maxlen: 24
185.67.219.0/24 maxlen: 24
31.182.0.0/15 maxlen: 16
217.113.224.0/20 maxlen: 20
2a03:af80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68029450 (0x40e0c0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Feb 18 10:39:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51c918e9c93eea99923e3958cc8cd3a9d50e2e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dd:0d:bf:6e:0a:b6:fc:82:b3:e4:b3:86:d2:
fb:92:97:68:59:14:ac:1b:5c:8d:58:79:17:5e:13:
05:1c:b0:87:6c:c6:67:27:e3:05:78:fa:75:5b:a5:
db:76:07:47:ea:fe:a5:fe:88:ec:00:f4:67:48:6e:
63:10:cd:6c:18:4e:86:21:3a:35:2f:51:93:e1:68:
5e:40:c6:e0:ed:b9:31:11:36:99:05:54:27:82:d2:
bd:ec:a4:7d:b4:e4:31:19:ea:93:6b:bf:c0:7f:6f:
57:5d:96:db:bd:2d:54:76:46:04:31:66:5f:1d:94:
d4:3e:80:f9:7c:41:38:e2:de:76:11:f2:a5:c7:d9:
34:a7:35:1e:d5:6a:d7:52:18:67:20:9f:67:5f:61:
4e:54:ed:96:0f:a5:d3:bb:21:94:c0:4f:c5:fd:48:
9f:b0:38:8f:e0:67:13:89:39:0a:f2:7c:31:f4:3b:
bb:50:fb:42:a6:20:c0:fe:e2:ab:23:d9:44:8e:88:
6f:d4:43:72:6b:22:b6:21:1b:1c:3e:64:58:a4:83:
c9:c9:96:a6:04:a9:82:b7:77:fc:78:db:5c:8f:38:
ba:56:47:74:6c:73:d4:da:fa:29:cb:8a:14:91:0f:
47:c2:d0:16:58:b2:68:41:dd:9d:79:ea:e2:35:dd:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C9:18:E9:C9:3E:EA:99:92:3E:39:58:CC:8C:D3:A9:D5:0E:2E:3A
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/UckY6ck-6pmSPjlYzIzTqdUOLjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.182.0.0/15
77.237.0.0/19
85.89.160.0/19
185.67.216.0/22
217.113.224.0/20
IPv6:
2a03:af80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:89:93:c3:97:80:da:68:83:80:29:bf:8e:f8:86:77:5a:8c:
d8:67:c0:b9:b4:97:e4:72:01:be:ae:3e:ba:3f:09:b9:c9:a3:
2d:f7:e4:26:31:b1:fd:01:aa:ca:2b:f9:8d:63:28:c7:6a:8a:
e0:32:9f:79:b8:6e:a8:de:00:d0:52:70:e1:77:b4:7d:df:01:
00:13:0b:7e:69:3b:d0:dc:16:b4:33:db:dd:3e:45:2e:e9:8f:
f7:3c:5b:22:2f:2f:1c:99:d2:45:38:c6:20:32:8e:95:31:a4:
7a:0b:39:d0:78:35:bc:e6:8a:60:0f:85:b2:4b:49:de:d4:e1:
f1:95:85:0f:57:75:ac:63:b2:25:09:8e:30:7d:3e:8e:24:7e:
09:b8:c4:05:1a:44:f0:c6:ba:9c:b4:c5:26:a0:8a:d4:0e:44:
b8:0c:22:45:97:0b:73:13:fc:c1:95:47:8d:53:60:fd:6a:e3:
81:80:10:36:02:1f:80:57:48:23:e8:a1:68:10:24:61:83:e5:
a9:56:b7:82:3f:38:89:10:a9:c5:ac:b9:2e:32:f9:e8:ea:f5:
73:63:ca:48:db:9d:c4:60:af:5c:32:2f:93:24:7c:96:c0:b9:
a3:a6:2d:d6:90:27:bd:06:8d:15:2c:54:77:84:42:13:af:b6:
8d:e2:c4:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEBA4MCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Nzk4M2IzYTk3NThmY2JlNzg3MzNkOTE1NWFlZDI2NmM4ODJhMjNjMB4XDTIyMDIx
ODEwMzkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFjOTE4ZTljOTNl
ZWE5OTkyM2UzOTU4Y2M4Y2QzYTlkNTBlMmUzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXdDb9uCrb8grPks4bS+5KXaFkUrBtcjVh5F14TBRywh2zG
ZyfjBXj6dVul23YHR+r+pf6I7AD0Z0huYxDNbBhOhiE6NS9Rk+FoXkDG4O25MRE2
mQVUJ4LSveykfbTkMRnqk2u/wH9vV12W270tVHZGBDFmXx2U1D6A+XxBOOLedhHy
pcfZNKc1HtVq11IYZyCfZ19hTlTtlg+l07shlMBPxf1In7A4j+BnE4k5CvJ8MfQ7
u1D7QqYgwP7iqyPZRI6Ib9RDcmsitiEbHD5kWKSDycmWpgSpgrd3/HjbXI84ulZH
dGxz1Nr6KcuKFJEPR8LQFliyaEHdnXnq4jXdzosCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRRyRjpyT7qmZI+OVjMjNOp1Q4uOjAfBgNVHSMEGDAWgBTHmDs6l1j8vnhz
PZFVrtJmyIKiPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g1ZzdPcGRZX0w1NGN6MlJWYTdTWnNpQ29qdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvODExZDE2LWI1MTMtNDdlZC05ZTcxLTIzODQwNWYyY2RlOS8x
L1Vja1k2Y2stNnBtU1BqbFl6SXpUcWRVT0xqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
ODExZDE2LWI1MTMtNDdlZC05ZTcxLTIzODQwNWYyY2RlOS8xL3g1ZzdPcGRZX0w1
NGN6MlJWYTdTWnNpQ29qdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAR+2AwQFTe0AAwQFVVmgAwQCuUPY
AwQE2XHgMA0EAgACMAcDBQMqA6+AMA0GCSqGSIb3DQEBCwUAA4IBAQAtiZPDl4Da
aIOAKb+O+IZ3WozYZ8C5tJfkcgG+rj66Pwm5yaMt9+QmMbH9AarKK/mNYyjHaorg
Mp95uG6o3gDQUnDhd7R93wEAEwt+aTvQ3Ba0M9vdPkUu6Y/3PFsiLy8cmdJFOMYg
Mo6VMaR6CznQeDW85opgD4WyS0ne1OHxlYUPV3WsY7IlCY4wfT6OJH4JuMQFGkTw
xrqctMUmoIrUDkS4DCJFlwtzE/zBlUeNU2D9auOBgBA2Ah+AV0gj6KFoECRhg+Wp
VreCPziJEKnFrLkuMvno6vVzY8pI253EYK9cMi+TJHyWwLmjpi3WkCe9Bo0VLFR3
hEITr7aN4sTw
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:19 2025 by rpki-client