Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/uwjB1HJJZGyMwoAPmejmznQLJcc.roa
File: uwjB1HJJZGyMwoAPmejmznQLJcc.roa (raw, json)
Hash identifier: xxFsIJcArUFTHHnEtvDNAzFm7H3R0LyV1unLbsahv14=
Subject key identifier: BB:08:C1:D4:72:49:64:6C:8C:C2:80:0F:99:E8:E6:CE:74:0B:25:C7
Certificate issuer: /CN=9a754c71d62cb23948d9119eda772fde38e67b67
Certificate serial: 1C02A3BF
Authority key identifier: 9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/uwjB1HJJZGyMwoAPmejmznQLJcc.roa
Signing time: Sat 01 Jan 2022 05:02:39 +0000
ROA not before: Sat 01 Jan 2022 05:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199286
IP address blocks: 194.110.137.0/24 maxlen: 24
194.110.117.0/24 maxlen: 24
185.122.71.0/24 maxlen: 24
185.122.68.0/22 maxlen: 22
185.122.69.0/24 maxlen: 24
185.122.68.0/24 maxlen: 24
185.122.70.0/24 maxlen: 24
194.110.132.0/24 maxlen: 24
185.12.137.0/24 maxlen: 24
185.12.136.0/22 maxlen: 22
185.12.139.0/24 maxlen: 24
185.12.138.0/24 maxlen: 24
185.12.136.0/24 maxlen: 24
194.110.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 469935039 (0x1c02a3bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a754c71d62cb23948d9119eda772fde38e67b67
Validity
Not Before: Jan 1 05:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb08c1d47249646c8cc2800f99e8e6ce740b25c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:aa:b5:12:c0:c3:56:ff:b9:25:93:60:b9:
84:da:fb:00:3e:63:4a:2c:94:d3:4f:45:88:1f:60:
3d:bb:3a:43:d6:5d:8d:f5:ec:f5:95:a8:93:23:9c:
9c:d6:44:73:0a:18:7f:79:ec:26:ca:18:88:1c:f6:
6e:ee:86:3f:38:df:50:32:a4:be:69:66:0f:5c:87:
83:05:5a:20:ee:70:80:ae:a6:28:83:fe:d6:70:3f:
72:82:f7:41:63:8f:13:7e:fd:55:d9:a9:0f:a3:c6:
b4:58:dc:f8:a0:ba:c3:2d:cc:9e:4a:2e:f1:7c:d4:
85:09:c2:8c:12:7e:a4:f9:63:8d:06:df:f3:1d:55:
98:70:a9:e6:96:ab:07:8f:1b:95:7d:fa:95:7c:45:
ea:b5:ba:7f:ec:25:74:af:11:1c:0f:96:72:01:86:
66:50:3a:fd:fd:00:2d:47:99:6b:a9:2a:ad:80:48:
a5:52:75:80:6b:c1:dd:d9:fb:21:07:ba:32:a6:8f:
6f:49:0f:8f:77:81:de:b7:36:99:85:d1:a3:24:4c:
b4:27:c3:19:61:0f:2a:8c:43:b0:c5:a0:1b:d6:e9:
88:fe:be:7c:15:06:95:14:bf:ca:9e:48:6d:b1:4f:
6a:b5:25:e2:51:75:ab:dd:3a:36:3d:67:d4:20:82:
6e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:08:C1:D4:72:49:64:6C:8C:C2:80:0F:99:E8:E6:CE:74:0B:25:C7
X509v3 Authority Key Identifier:
keyid:9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/uwjB1HJJZGyMwoAPmejmznQLJcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.136.0/22
185.122.68.0/22
194.110.74.0/24
194.110.117.0/24
194.110.132.0/24
194.110.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:0b:e8:cb:2b:dd:5d:10:4c:9a:a0:f8:90:84:e8:a9:0e:8d:
58:10:27:a0:97:b8:00:2e:18:eb:cf:c4:25:8c:af:0c:26:9a:
f1:13:c5:89:df:d2:7c:f1:66:f2:d2:73:51:60:c7:5f:67:4d:
ab:76:b3:e1:89:fe:5f:e1:1d:a8:79:95:43:12:ee:39:73:06:
d3:86:09:20:f2:ed:9a:ec:cf:04:df:75:e9:f3:07:4c:62:59:
86:08:a6:6f:c6:60:33:4f:72:93:15:4c:2f:91:f9:20:e1:4f:
3f:a1:38:e0:f9:38:28:ec:8d:80:79:25:e8:06:ec:59:8a:99:
24:49:ce:31:97:9b:53:6d:e5:bb:e0:b7:47:9c:72:52:72:1b:
35:6f:0e:ed:05:27:33:d7:27:96:c3:63:4c:cf:70:4c:c0:1c:
fa:8a:f3:30:66:ca:f1:1f:5c:14:43:ba:af:c3:06:76:53:95:
54:2d:09:bc:83:03:08:e6:9b:83:45:7d:75:a3:10:ac:3f:50:
87:f1:88:72:d6:d4:8c:ee:28:33:1c:28:c2:18:e3:ca:d5:94:
e0:ec:8c:09:c0:46:8a:15:65:44:c4:48:16:bf:18:43:64:af:
06:1e:58:4e:16:d5:4d:fd:46:f3:60:e9:4f:fe:cd:82:0e:c0:
31:91:fd:c3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEHAKjvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTc1NGM3MWQ2MmNiMjM5NDhkOTExOWVkYTc3MmZkZTM4ZTY3YjY3MB4XDTIyMDEw
MTA1MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmIwOGMxZDQ3MjQ5
NjQ2YzhjYzI4MDBmOTllOGU2Y2U3NDBiMjVjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxTqrUSwMNW/7klk2C5hNr7AD5jSiyU009FiB9gPbs6Q9Zd
jfXs9ZWokyOcnNZEcwoYf3nsJsoYiBz2bu6GPzjfUDKkvmlmD1yHgwVaIO5wgK6m
KIP+1nA/coL3QWOPE379VdmpD6PGtFjc+KC6wy3Mnkou8XzUhQnCjBJ+pPljjQbf
8x1VmHCp5parB48blX36lXxF6rW6f+wldK8RHA+WcgGGZlA6/f0ALUeZa6kqrYBI
pVJ1gGvB3dn7IQe6MqaPb0kPj3eB3rc2mYXRoyRMtCfDGWEPKoxDsMWgG9bpiP6+
fBUGlRS/yp5IbbFParUl4lF1q906Nj1n1CCCbhsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBS7CMHUcklkbIzCgA+Z6ObOdAslxzAfBgNVHSMEGDAWgBSadUxx1iyyOUjZ
EZ7ady/eOOZ7ZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21uVk1jZFlzc2psSTJSR2UybmN2M2pqbWUyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNGQyZTY3LTVhYzItNDI3ZC04YjdiLWQyNWE5ZGYxNTkyNS8x
L3V3akIxSEpKWkd5TXdvQVBtZWptem5RTEpjYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NGQyZTY3LTVhYzItNDI3ZC04YjdiLWQyNWE5ZGYxNTkyNS8xL21uVk1jZFlzc2ps
STJSR2UybmN2M2pqbWUyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEArkMiAMEArl6RAMEAMJuSgMEAMJu
dQMEAMJuhAMEAMJuiTANBgkqhkiG9w0BAQsFAAOCAQEAXgvoyyvdXRBMmqD4kITo
qQ6NWBAnoJe4AC4Y68/EJYyvDCaa8RPFid/SfPFm8tJzUWDHX2dNq3az4Yn+X+Ed
qHmVQxLuOXMG04YJIPLtmuzPBN916fMHTGJZhgimb8ZgM09ykxVML5H5IOFPP6E4
4Pk4KOyNgHkl6AbsWYqZJEnOMZebU23lu+C3R5xyUnIbNW8O7QUnM9cnlsNjTM9w
TMAc+orzMGbK8R9cFEO6r8MGdlOVVC0JvIMDCOabg0V9daMQrD9Qh/GIctbUjO4o
MxwowhjjytWU4OyMCcBGihVlRMRIFr8YQ2SvBh5YThbVTf1G82DpT/7Ngg7AMZH9
ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:12 2024 by rpki-client on console-ams.rpki-client.org