Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UcNZdQqsVR6cX3JTXVejlrgK2a0.roa
File: UcNZdQqsVR6cX3JTXVejlrgK2a0.roa (raw, json)
Hash identifier: luIn6qFk5LKo7FgjJ9raJOZZlyRrGhEeRjlvISePkw4=
Subject key identifier: 51:C3:59:75:0A:AC:55:1E:9C:5F:72:53:5D:57:A3:96:B8:0A:D9:AD
Certificate issuer: /CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Certificate serial: 02458F35
Authority key identifier: 84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UcNZdQqsVR6cX3JTXVejlrgK2a0.roa
Signing time: Sat 01 Jan 2022 14:55:40 +0000
ROA not before: Sat 01 Jan 2022 14:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6855
IP address blocks: 89.24.56.0/21 maxlen: 21
193.86.32.0/19 maxlen: 19
78.80.96.0/21 maxlen: 21
78.80.104.0/21 maxlen: 21
78.80.112.0/21 maxlen: 21
78.80.120.0/21 maxlen: 21
89.24.48.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38113077 (0x2458f35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Validity
Not Before: Jan 1 14:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51c359750aac551e9c5f72535d57a396b80ad9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:01:c0:1b:12:85:31:f7:5b:22:73:d7:5e:0e:
5b:f4:b0:b6:08:a7:01:20:13:32:33:3a:f8:9a:29:
e2:13:eb:bc:cf:4f:64:a6:ce:26:3a:bd:ff:5d:ab:
e1:5c:de:0f:d8:4b:c7:5f:4e:dd:17:16:7d:68:56:
22:69:cf:ee:41:36:cd:37:32:4a:a8:d8:f4:57:02:
42:7b:0e:70:b0:b0:b6:fc:5a:dc:51:2d:0d:c1:6d:
b7:99:7f:d7:1d:2f:94:07:5f:f2:8e:71:58:59:f4:
3b:f0:6d:1e:37:fa:50:23:64:5d:04:cb:28:02:df:
b6:54:61:5e:b6:cd:6a:1a:4f:a9:d2:47:6a:02:d7:
98:32:1e:d4:c8:3a:6f:ca:cb:2c:6f:8f:79:3f:b5:
93:f5:c9:e6:39:4a:73:2e:33:34:79:89:61:bd:e2:
9a:f1:a9:c1:6e:1c:24:71:e6:9f:5e:4d:2b:57:bf:
5e:13:d8:33:ba:4e:ed:8b:ec:ed:a4:d7:03:48:73:
1b:5d:88:27:f3:cd:7c:1f:54:07:25:02:fe:dd:ff:
2d:26:52:9f:3c:fa:ad:72:b6:1b:35:a9:41:bd:65:
0b:6d:71:e9:60:db:14:cb:26:2a:e7:0b:68:87:8b:
69:57:c2:b1:98:e4:4f:7c:d2:bb:b9:e2:b4:12:da:
11:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C3:59:75:0A:AC:55:1E:9C:5F:72:53:5D:57:A3:96:B8:0A:D9:AD
X509v3 Authority Key Identifier:
keyid:84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UcNZdQqsVR6cX3JTXVejlrgK2a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.80.96.0/19
89.24.48.0/20
193.86.32.0/19
Signature Algorithm: sha256WithRSAEncryption
29:96:fd:1a:0d:2a:54:39:39:f3:91:0e:af:46:d7:68:27:e0:
7d:ae:76:ff:71:7b:4e:c1:1e:fd:72:06:81:ec:59:1c:92:52:
63:ef:dc:37:13:d1:95:a9:a0:ca:2a:ab:7f:b4:64:59:69:ec:
3f:dc:8e:c0:09:f8:cf:73:b7:a4:55:ee:a5:66:b7:a3:65:3a:
90:f7:df:28:c7:17:1b:63:a4:93:6a:37:e8:ad:e5:24:d6:0a:
7e:b8:b7:8d:51:70:b8:c2:8f:f7:ec:93:14:1a:e5:cd:6e:bd:
ae:87:7a:8a:fb:da:2f:77:4a:60:b1:a3:ee:41:8e:a3:7d:67:
3a:e8:15:eb:52:fa:28:c3:39:34:25:06:52:b5:32:7b:68:97:
9d:1c:6c:d0:1f:d2:59:2a:08:16:78:d2:93:11:49:9d:0f:64:
19:f2:ca:32:97:29:c3:9a:5f:d4:32:6e:9b:d9:50:0f:e3:3f:
d3:51:f1:b0:6e:0f:11:51:2c:e8:af:2d:84:79:66:47:cd:b5:
63:8b:86:93:2d:49:c7:59:df:ec:6e:22:ce:70:c5:6d:63:9f:
d3:63:cc:ee:7e:7e:8e:24:2c:23:70:75:30:4e:80:b5:00:c9:
9b:4d:b9:d3:c1:3c:a7:c4:15:1e:e3:bf:5e:56:78:1c:ed:3a:
ba:bb:ac:3e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAkWPNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGYyY2U3MWM2ZmZjZTg3NTYwZDU2NWVlNWNjZGEzMWUwMWI5YzE1MB4XDTIyMDEw
MTE0NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFjMzU5NzUwYWFj
NTUxZTljNWY3MjUzNWQ1N2EzOTZiODBhZDlhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQBwBsShTH3WyJz114OW/SwtginASATMjM6+Jop4hPrvM9P
ZKbOJjq9/12r4VzeD9hLx19O3RcWfWhWImnP7kE2zTcySqjY9FcCQnsOcLCwtvxa
3FEtDcFtt5l/1x0vlAdf8o5xWFn0O/BtHjf6UCNkXQTLKALftlRhXrbNahpPqdJH
agLXmDIe1Mg6b8rLLG+PeT+1k/XJ5jlKcy4zNHmJYb3imvGpwW4cJHHmn15NK1e/
XhPYM7pO7Yvs7aTXA0hzG12IJ/PNfB9UByUC/t3/LSZSnzz6rXK2GzWpQb1lC21x
6WDbFMsmKucLaIeLaVfCsZjkT3zSu7nitBLaEZMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRRw1l1CqxVHpxfclNdV6OWuArZrTAfBgNVHSMEGDAWgBSE8s5xxv/Oh1YN
Vl7lzNox4BucFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQTE9jY2Jfem9kV0RWWmU1Y3phTWVBYm5CVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvMmFjOTgwLTIyNTktNDZmZC1hNDI4LTdiOThjNzQ2MmE3ZS8x
L1VjTlpkUXFzVlI2Y1gzSlRYVmVqbHJnSzJhMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
MmFjOTgwLTIyNTktNDZmZC1hNDI4LTdiOThjNzQ2MmE3ZS8xL2hQTE9jY2Jfem9k
V0RWWmU1Y3phTWVBYm5CVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBU5QYAMEBFkYMAMEBcFWIDANBgkq
hkiG9w0BAQsFAAOCAQEAKZb9Gg0qVDk585EOr0bXaCfgfa52/3F7TsEe/XIGgexZ
HJJSY+/cNxPRlamgyiqrf7RkWWnsP9yOwAn4z3O3pFXupWa3o2U6kPffKMcXG2Ok
k2o36K3lJNYKfri3jVFwuMKP9+yTFBrlzW69rod6ivvaL3dKYLGj7kGOo31nOugV
61L6KMM5NCUGUrUye2iXnRxs0B/SWSoIFnjSkxFJnQ9kGfLKMpcpw5pf1DJum9lQ
D+M/01HxsG4PEVEs6K8thHlmR821Y4uGky1Jx1nf7G4iznDFbWOf02PM7n5+jiQs
I3B1ME6AtQDJm02508E8p8QVHuO/XlZ4HO06urusPg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:22 2025 by rpki-client