Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/UADnGWJVc-ipktc1DPBIbtN_H38.roa
File: UADnGWJVc-ipktc1DPBIbtN_H38.roa (raw, json)
Hash identifier: 79PBcyZdoWiENMUBsO8bVIGoy+RSA/TDPKPAX2NVGEw=
Subject key identifier: 50:00:E7:19:62:55:73:E8:A9:92:D7:35:0C:F0:48:6E:D3:7F:1F:7F
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 01856FC277BD30735458CFA6CB5BEF3362E9
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/UADnGWJVc-ipktc1DPBIbtN_H38.roa
Signing time: Sun 01 Jan 2023 23:54:53 +0000
ROA not before: Sun 01 Jan 2023 23:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48305
IP address blocks: 45.148.0.0/22 maxlen: 22
185.86.184.0/22 maxlen: 22
91.242.132.0/22 maxlen: 22
91.242.128.0/22 maxlen: 22
2a03:77e0:3301::/48 maxlen: 48
2a03:77e0:4401::/48 maxlen: 48
2a03:77e0:5301::/48 maxlen: 48
2a0f:4400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:77:bd:30:73:54:58:cf:a6:cb:5b:ef:33:62:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Jan 1 23:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5000e719625573e8a992d7350cf0486ed37f1f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:14:2b:bd:e6:9a:46:36:fa:87:71:1d:c1:
a6:fa:47:71:3a:b4:09:e5:03:dc:d2:fd:d7:a7:67:
b3:a3:b7:f5:d3:b3:e6:41:25:60:6d:2b:3e:2e:4e:
c9:c7:2e:52:83:a1:35:7f:9f:62:40:cd:85:cb:01:
27:11:b2:a9:97:d8:3c:4f:26:92:04:e3:da:5e:16:
8f:e8:50:83:14:ff:33:f2:b1:22:79:b7:e2:72:fc:
24:ca:f4:8c:a6:27:cd:fd:eb:59:c5:3b:e9:37:3f:
54:26:8a:f2:2f:f0:20:15:66:de:d7:64:31:47:f6:
18:4c:2c:f9:e4:b8:9f:00:52:09:8e:03:92:80:01:
d3:79:c7:c3:47:c1:4c:9b:a7:ef:28:86:f2:8e:33:
6b:b1:8c:91:47:dd:ca:68:59:98:92:f1:30:77:0a:
e2:07:98:97:df:aa:54:2d:50:e6:16:24:94:2e:ad:
b7:4b:3b:25:45:63:25:78:09:5c:d0:ec:f3:c6:07:
44:d0:1e:54:a7:25:f5:d2:c3:19:2d:b1:ef:6c:c9:
34:21:52:8e:9e:f8:60:8b:d7:18:07:bc:67:bb:bf:
a6:43:35:fc:5f:34:78:89:6e:13:0b:68:81:01:ee:
bf:df:83:fe:a0:d0:27:33:4a:2a:80:a1:1e:67:01:
bc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:00:E7:19:62:55:73:E8:A9:92:D7:35:0C:F0:48:6E:D3:7F:1F:7F
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/UADnGWJVc-ipktc1DPBIbtN_H38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.0.0/22
91.242.128.0/21
185.86.184.0/22
IPv6:
2a03:77e0:3301::/48
2a03:77e0:4401::/48
2a03:77e0:5301::/48
2a0f:4400::/29
Signature Algorithm: sha256WithRSAEncryption
56:80:ba:d5:8f:1c:bc:49:74:52:63:fc:c7:13:36:24:3b:c0:
9f:76:2b:7f:a9:5d:c2:b4:f0:32:f1:ed:ea:f7:77:c3:b7:ce:
ac:24:0c:a3:68:d7:a8:70:d7:0e:8a:0d:36:1b:51:71:1b:79:
50:a5:71:f6:b5:83:59:24:95:cd:1c:ca:14:2b:27:8f:ee:e3:
04:55:07:f1:ec:27:51:8c:83:d8:d1:fa:3e:10:11:9f:be:76:
76:3c:df:a2:ac:dc:1d:e9:ab:a2:dd:49:d1:4f:09:65:9d:91:
05:bf:41:3a:94:9c:8b:21:0c:35:13:44:5f:f3:ce:15:41:18:
80:08:88:10:9e:09:10:57:ce:e3:ee:d4:aa:e0:32:44:1e:0d:
06:af:26:72:69:1a:7d:06:ba:bc:a5:3e:09:e3:13:8e:c4:61:
e6:5a:59:33:7e:3a:d4:96:3b:ca:72:24:c9:0c:91:a8:98:76:
d7:60:16:cf:35:f4:26:04:dd:ef:6b:58:9b:5f:48:b3:53:6d:
5f:89:6a:7e:da:18:3a:45:cd:1d:71:6d:b9:3c:e2:79:a9:96:
ca:95:a0:24:dc:91:7a:3e:11:9b:56:c4:ea:75:61:37:6b:77:
1a:b0:96:ce:a3:a4:69:17:bc:96:c9:b1:0c:0d:cd:1c:b4:1d:
44:7a:54:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVvwne9MHNUWM+my1vvM2LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjMwMTAxMjM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDAwZTcxOTYyNTU3M2U4YTk5MmQ3MzUwY2YwNDg2ZWQzN2YxZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzIUK73mmkY2+odxHcGm+kdxOrQJ
5QPc0v3Xp2ezo7f107PmQSVgbSs+Lk7Jxy5Sg6E1f59iQM2FywEnEbKpl9g8TyaS
BOPaXhaP6FCDFP8z8rEiebficvwkyvSMpifN/etZxTvpNz9UJoryL/AgFWbe12Qx
R/YYTCz55LifAFIJjgOSgAHTecfDR8FMm6fvKIbyjjNrsYyRR93KaFmYkvEwdwri
B5iX36pULVDmFiSULq23SzslRWMleAlc0OzzxgdE0B5UpyX10sMZLbHvbMk0IVKO
nvhgi9cYB7xnu7+mQzX8XzR4iW4TC2iBAe6/34P+oNAnM0oqgKEeZwG8XwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFAA5xliVXPoqZLXNQzwSG7Tfx9/MB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvVUFEbkdXSlZjLWlwa3RjMURQQklidE5fSDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAYBAIAATASAwQCLZQAAwQD
W/KAAwQCuVa4MCgEAgACMCIDBwAqA3fgMwEDBwAqA3fgRAEDBwAqA3fgUwEDBQMq
D0QAMA0GCSqGSIb3DQEBCwUAA4IBAQBWgLrVjxy8SXRSY/zHEzYkO8Cfdit/qV3C
tPAy8e3q93fDt86sJAyjaNeocNcOig02G1FxG3lQpXH2tYNZJJXNHMoUKyeP7uME
VQfx7CdRjIPY0fo+EBGfvnZ2PN+irNwd6aui3UnRTwllnZEFv0E6lJyLIQw1E0Rf
884VQRiACIgQngkQV87j7tSq4DJEHg0GryZyaRp9Brq8pT4J4xOOxGHmWlkzfjrU
ljvKciTJDJGomHbXYBbPNfQmBN3va1ibX0izU21fiWp+2hg6Rc0dcW25POJ5qZbK
laAk3JF6PhGbVsTqdWE3a3casJbOo6RpF7yWybEMDc0ctB1EelQ3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:46 2025 by rpki-client