Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ukJ-U015XK1pd2tPtsoSptFxCq0.roa
File: ukJ-U015XK1pd2tPtsoSptFxCq0.roa (raw, json)
Hash identifier: FBB+GbINv+hRd/kc3qifeMe1zGMjvYNqmo5TSRz4ow4=
Subject key identifier: BA:42:7E:53:4D:79:5C:AD:69:77:6B:4F:B6:CA:12:A6:D1:71:0A:AD
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 0185208302421FCB5CAA2EE9150C4267062C
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ukJ-U015XK1pd2tPtsoSptFxCq0.roa
Signing time: Sat 17 Dec 2022 14:35:34 +0000
ROA not before: Sat 17 Dec 2022 14:35:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47527
IP address blocks: 185.126.152.0/23 maxlen: 23
91.223.235.0/24 maxlen: 24
185.208.212.0/22 maxlen: 24
194.247.61.0/24 maxlen: 24
62.69.152.0/21 maxlen: 21
46.30.120.0/21 maxlen: 21
2a00:1b18::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:20:83:02:42:1f:cb:5c:aa:2e:e9:15:0c:42:67:06:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Dec 17 14:35:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba427e534d795cad69776b4fb6ca12a6d1710aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dd:64:6a:e0:1a:62:59:65:2c:42:42:26:e7:
fd:7e:8d:d4:ba:b1:0a:60:92:65:73:a3:38:91:e5:
be:b5:e3:bb:34:55:6c:74:a2:40:79:70:8c:45:74:
04:6e:0a:76:05:65:90:c3:61:17:c3:60:f0:f2:c7:
09:ee:e1:fb:4a:7d:90:03:63:5f:19:03:77:89:da:
8f:aa:52:67:08:37:04:89:ae:a8:30:d8:55:1b:99:
ff:ce:93:a2:37:b1:0e:ca:79:31:4e:4b:00:23:9f:
86:40:91:d4:ea:d3:41:29:f7:ca:05:52:29:6c:1c:
25:0a:62:a9:99:de:91:ee:36:98:e2:b8:1f:c9:ad:
5b:7f:a7:e1:5b:5a:99:94:96:02:1d:2b:76:33:5e:
3b:e1:2b:bd:60:54:76:e9:f4:27:02:0e:ab:80:55:
a2:7d:08:99:73:b7:ee:bf:4f:c3:44:c4:1a:d8:37:
e9:ae:1e:78:11:8b:2d:ed:7f:91:3e:7c:bd:5b:ad:
12:6d:20:ce:03:7c:14:1e:9b:60:0b:db:27:bf:a5:
65:03:8f:0e:f8:32:90:d1:c4:8c:36:3e:71:e9:de:
b1:d1:c8:45:33:49:f4:6c:1b:b7:cd:68:c8:b0:8f:
cb:bf:cd:7f:ea:8c:14:62:59:6e:18:80:66:80:00:
c9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:42:7E:53:4D:79:5C:AD:69:77:6B:4F:B6:CA:12:A6:D1:71:0A:AD
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ukJ-U015XK1pd2tPtsoSptFxCq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
185.126.152.0/23
185.208.212.0/22
194.247.61.0/24
IPv6:
2a00:1b18::/29
Signature Algorithm: sha256WithRSAEncryption
16:18:f7:7a:5f:e7:b5:88:1f:65:d5:89:61:ee:3c:82:cb:1d:
3b:a6:22:2f:a1:23:4d:df:79:fc:87:8a:7f:19:83:8b:41:4b:
ef:0c:4c:70:67:18:3f:19:c9:92:b3:de:07:21:92:b5:16:11:
be:da:57:17:6d:fb:61:80:09:10:6a:1b:2c:5b:c3:9d:2a:f3:
aa:24:fb:1e:a4:ce:70:62:64:7a:a8:fe:80:16:f2:21:5a:2c:
b0:50:e7:ac:82:79:bc:eb:e8:69:97:f5:73:81:ee:4c:f5:5e:
ec:5e:d4:0f:32:01:27:f5:64:79:6c:f0:95:e6:1b:8c:48:59:
99:3a:e0:48:a8:ca:95:5d:10:63:21:75:3b:80:04:2e:b5:a9:
4b:50:a3:02:c8:0c:5f:c0:b8:32:94:86:8c:07:67:79:f8:22:
de:73:c0:9b:0b:da:aa:1a:12:e3:e3:e1:29:0f:ae:cc:14:c6:
69:5f:26:c2:e7:f3:2b:54:f5:09:f0:5d:15:c3:67:b5:47:68:
ce:19:f4:ac:ac:48:7f:71:08:25:cc:63:8f:e0:2b:66:1f:3f:
4f:20:d4:d5:53:5e:d0:62:a1:20:ba:8c:9b:42:f7:92:0b:2f:
6e:b2:e0:fe:1d:be:11:28:9a:4c:bd:4e:76:e1:ac:e6:08:02:
ff:9e:28:60
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYUggwJCH8tcqi7pFQxCZwYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjIxMjE3MTQzNTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQyN2U1MzRkNzk1Y2FkNjk3NzZiNGZiNmNhMTJhNmQxNzEwYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt1kauAaYlllLEJCJuf9fo3UurEK
YJJlc6M4keW+teO7NFVsdKJAeXCMRXQEbgp2BWWQw2EXw2Dw8scJ7uH7Sn2QA2Nf
GQN3idqPqlJnCDcEia6oMNhVG5n/zpOiN7EOynkxTksAI5+GQJHU6tNBKffKBVIp
bBwlCmKpmd6R7jaY4rgfya1bf6fhW1qZlJYCHSt2M1474Su9YFR26fQnAg6rgFWi
fQiZc7fuv0/DRMQa2Dfprh54EYst7X+RPny9W60SbSDOA3wUHptgC9snv6VlA48O
+DKQ0cSMNj5x6d6x0chFM0n0bBu3zWjIsI/Lv81/6owUYlluGIBmgADJzQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLpCflNNeVytaXdrT7bKEqbRcQqtMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvdWtKLVUwMTVYSzFwZDJ0UHRzb1NwdEZ4Q3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLh54AwQD
PkWYAwQAW9/rAwQBuX6YAwQCudDUAwQAwvc9MA0EAgACMAcDBQMqABsYMA0GCSqG
SIb3DQEBCwUAA4IBAQAWGPd6X+e1iB9l1Ylh7jyCyx07piIvoSNN33n8h4p/GYOL
QUvvDExwZxg/GcmSs94HIZK1FhG+2lcXbfthgAkQahssW8OdKvOqJPsepM5wYmR6
qP6AFvIhWiywUOesgnm86+hpl/Vzge5M9V7sXtQPMgEn9WR5bPCV5huMSFmZOuBI
qMqVXRBjIXU7gAQutalLUKMCyAxfwLgylIaMB2d5+CLec8CbC9qqGhLj4+EpD67M
FMZpXybC5/MrVPUJ8F0Vw2e1R2jOGfSsrEh/cQglzGOP4CtmHz9PINTVU17QYqEg
uoybQveSCy9usuD+Hb4RKJpMvU524azmCAL/nihg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org