Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Ukw4_u_Hyt7lX1j7uHLHAfb_Mxw.roa
File: Ukw4_u_Hyt7lX1j7uHLHAfb_Mxw.roa (raw, json)
Hash identifier: kezNWi9sytTSLjRDnX8e9nvhWMNgI5F+GErVGG7/ORg=
Subject key identifier: 52:4C:38:FE:EF:C7:CA:DE:E5:5F:58:FB:B8:72:C7:01:F6:FF:33:1C
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0184DEE127A7FFB10D9C0164FC854121C42D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Ukw4_u_Hyt7lX1j7uHLHAfb_Mxw.roa
Signing time: Sun 04 Dec 2022 20:43:28 +0000
ROA not before: Sun 04 Dec 2022 20:43:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 77.92.152.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:de:e1:27:a7:ff:b1:0d:9c:01:64:fc:85:41:21:c4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 4 20:43:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=524c38feefc7cadee55f58fbb872c701f6ff331c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:1f:e7:3d:d6:af:2b:ef:98:1d:09:9f:bf:dc:
0c:3b:67:14:5f:c3:db:13:4d:d1:8a:3c:12:a9:df:
8a:65:95:57:ad:5a:01:95:82:77:54:1a:d7:b9:0d:
15:e1:f3:2a:80:0d:2d:76:9b:e6:bd:63:61:db:44:
28:5d:81:b3:32:8b:08:19:11:ac:a9:27:27:b2:86:
df:9f:36:2f:08:ad:ed:ab:56:fb:f5:77:16:ca:f5:
91:4b:fd:a0:69:c6:50:ef:d4:9f:ab:96:10:46:f8:
bb:5a:23:1d:62:39:a9:a6:8e:4b:77:7d:5c:09:8c:
2d:1f:3a:4b:12:11:cc:94:53:1e:cb:a2:b8:f8:53:
f4:88:1d:ee:87:9f:3e:c5:42:a8:9c:77:ff:7a:4b:
23:65:3d:af:79:33:f4:72:60:20:ef:e3:43:ba:6c:
90:53:6c:9c:73:98:8e:88:04:b9:1c:5d:d3:6d:3e:
71:59:b0:65:90:27:6d:83:5b:d1:b2:ed:b9:e7:3d:
6e:b9:4e:a8:f8:a4:a2:4b:0e:70:56:51:44:86:4a:
0d:5b:38:55:68:48:f5:d2:55:75:ee:85:8e:02:a3:
99:30:43:fc:42:37:0b:ba:3f:bc:42:14:3e:8b:4c:
ea:94:61:1b:44:b7:84:3a:28:2c:c3:ff:92:50:6d:
ec:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4C:38:FE:EF:C7:CA:DE:E5:5F:58:FB:B8:72:C7:01:F6:FF:33:1C
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Ukw4_u_Hyt7lX1j7uHLHAfb_Mxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.152.0/24
188.132.170.0/24
Signature Algorithm: sha256WithRSAEncryption
29:22:48:bd:8d:d4:5c:b9:7f:79:39:21:13:3b:51:d1:f2:5c:
92:13:b2:47:8c:35:39:d5:1b:a8:01:cb:ff:7c:bd:82:cd:ce:
43:48:af:00:bf:a6:1b:2c:73:78:b9:df:c7:b0:ff:67:d4:75:
09:fa:12:b0:2f:1e:67:08:3b:52:cf:40:9c:bb:8b:cf:17:ca:
25:8b:74:f1:4b:cc:fb:f3:06:e8:2f:96:ab:fd:5a:13:73:18:
8d:58:2c:b6:dc:8a:69:52:62:44:78:6f:a1:22:ef:64:d7:05:
fd:94:2b:77:a8:ec:e1:ca:ac:4f:6f:6a:45:26:0e:4c:d5:29:
53:41:e0:cc:09:2f:9f:c7:c9:9d:1e:fb:2a:70:38:35:63:64:
0b:f2:fb:1b:24:ed:0d:cd:a7:9e:1d:a1:d9:09:d4:c9:92:83:
79:83:48:2b:99:ce:76:13:ee:e5:b6:a0:cd:b7:b2:bc:93:cd:
b4:dd:c1:52:2a:c5:a6:6d:c5:8d:6b:0a:28:19:93:76:be:09:
c0:97:7a:49:f5:43:cd:17:b6:d5:1e:ad:a5:53:db:ca:d2:3f:
c8:c0:bc:ae:40:92:11:c1:13:07:a8:92:8c:a6:79:d3:32:9e:
9d:48:9c:4b:79:b4:e8:bf:c5:67:20:0a:19:7c:da:96:3d:36:
cc:65:c4:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTe4Sen/7ENnAFk/IVBIcQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIxMjA0MjA0MzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRjMzhmZWVmYzdjYWRlZTU1ZjU4ZmJiODcyYzcwMWY2ZmYzMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7R/nPdavK++YHQmfv9wMO2cUX8Pb
E03RijwSqd+KZZVXrVoBlYJ3VBrXuQ0V4fMqgA0tdpvmvWNh20QoXYGzMosIGRGs
qScnsobfnzYvCK3tq1b79XcWyvWRS/2gacZQ79Sfq5YQRvi7WiMdYjmppo5Ld31c
CYwtHzpLEhHMlFMey6K4+FP0iB3uh58+xUKonHf/eksjZT2veTP0cmAg7+NDumyQ
U2ycc5iOiAS5HF3TbT5xWbBlkCdtg1vRsu255z1uuU6o+KSiSw5wVlFEhkoNWzhV
aEj10lV17oWOAqOZMEP8QjcLuj+8QhQ+i0zqlGEbRLeEOigsw/+SUG3s4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJMOP7vx8re5V9Y+7hyxwH2/zMcMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVWt3NF91X0h5dDdsWDFqN3VITEhBZmJfTXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVyYAwQA
vISqMA0GCSqGSIb3DQEBCwUAA4IBAQApIki9jdRcuX95OSETO1HR8lySE7JHjDU5
1RuoAcv/fL2Czc5DSK8Av6YbLHN4ud/HsP9n1HUJ+hKwLx5nCDtSz0Ccu4vPF8ol
i3TxS8z78wboL5ar/VoTcxiNWCy23IppUmJEeG+hIu9k1wX9lCt3qOzhyqxPb2pF
Jg5M1SlTQeDMCS+fx8mdHvsqcDg1Y2QL8vsbJO0NzaeeHaHZCdTJkoN5g0grmc52
E+7ltqDNt7K8k8203cFSKsWmbcWNawooGZN2vgnAl3pJ9UPNF7bVHq2lU9vK0j/I
wLyuQJIRwRMHqJKMpnnTMp6dSJxLebTov8VnIAoZfNqWPTbMZcTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org