Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/4-UKB_3TbRj6zhKM0Uma_RhnS0k.roa
File: 4-UKB_3TbRj6zhKM0Uma_RhnS0k.roa (raw, json)
Hash identifier: 3aNCXbSFdvQH1zO+bpqaHrWym9SJLe5wFp2aaOzUl7A=
Subject key identifier: E3:E5:0A:07:FD:D3:6D:18:FA:CE:12:8C:D1:49:9A:FD:18:67:4B:49
Certificate issuer: /CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec
Certificate serial: 09882146
Authority key identifier: 2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/4-UKB_3TbRj6zhKM0Uma_RhnS0k.roa
Signing time: Sat 01 Jan 2022 09:02:58 +0000
ROA not before: Sat 01 Jan 2022 09:02:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24634
IP address blocks: 185.192.160.0/22 maxlen: 24
46.19.192.0/21 maxlen: 24
2a0a:2d40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159916358 (0x9882146)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec
Validity
Not Before: Jan 1 09:02:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3e50a07fdd36d18face128cd1499afd18674b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5d:61:66:cd:e4:94:ec:24:42:bc:7c:c9:35:
74:c0:e6:ea:8b:65:54:f2:f0:b7:12:0f:b3:53:51:
02:d1:a1:1f:31:39:35:d3:d3:a5:5b:29:ab:66:39:
45:4b:77:0e:c7:0e:05:68:93:dc:5f:e2:fc:3c:0a:
a6:ce:ef:03:74:97:87:37:a1:3c:17:e0:e3:e7:75:
fc:3b:0d:bf:e5:ff:dd:45:65:6c:58:99:0a:3e:35:
7a:9f:f8:1b:14:3d:f5:75:a3:9d:9a:bd:bc:60:24:
68:40:ad:40:95:65:0b:66:40:db:50:ee:3a:5f:86:
7e:d7:c4:2d:45:1b:7e:c1:4d:bb:3b:07:f3:b7:b3:
aa:17:ee:96:d1:3c:bb:2b:44:d6:fe:1a:11:41:d2:
85:73:4b:de:4b:df:94:40:5f:ab:90:36:b1:ed:77:
f5:ee:0a:ff:b2:01:6d:b9:7a:b9:9b:7c:10:73:d4:
d1:2a:00:ad:18:0a:0b:b3:59:f8:94:d1:38:7d:1a:
e8:41:fd:cb:1a:63:87:ce:64:1e:a7:02:0f:c2:ff:
ad:25:10:20:bc:c2:51:10:94:9e:01:d8:07:df:cd:
99:f8:a1:5c:09:c3:ea:76:79:3a:9d:53:9b:b3:11:
33:2b:85:30:74:51:71:cc:f5:e7:90:a7:55:20:ce:
67:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E5:0A:07:FD:D3:6D:18:FA:CE:12:8C:D1:49:9A:FD:18:67:4B:49
X509v3 Authority Key Identifier:
keyid:2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/4-UKB_3TbRj6zhKM0Uma_RhnS0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.192.0/21
185.192.160.0/22
IPv6:
2a0a:2d40::/29
Signature Algorithm: sha256WithRSAEncryption
56:ca:a2:77:84:4b:b2:50:d4:84:b0:a9:bc:38:3d:67:8a:ea:
f5:64:27:3f:2f:80:8e:48:c5:0f:e0:e4:6c:26:7f:60:f0:08:
80:9a:8a:4e:30:0a:16:47:a8:ff:9a:be:3c:49:2f:ec:d7:5e:
7b:b8:9c:ed:1a:de:d5:c1:38:64:64:60:bc:8a:62:3c:97:7f:
55:49:b4:58:12:3d:4c:c2:7a:98:a2:ef:a7:e5:ce:f6:02:f5:
dd:e9:79:0d:02:5a:2e:dd:ad:98:02:a9:7d:7c:13:1a:f7:ed:
e5:eb:b2:a4:96:b2:2b:25:90:f3:92:96:14:91:8b:a0:25:04:
1a:b0:8a:34:b6:2e:05:48:22:7c:8e:17:39:f2:85:f3:2b:0a:
07:25:44:21:b4:a8:a3:b8:11:94:0a:c6:09:ec:51:a6:42:91:
63:45:63:05:b2:8a:46:21:d9:4e:3b:02:80:c2:72:f3:ba:7a:
ae:c5:71:f9:4d:80:a7:b6:6e:37:d5:6a:73:f2:ea:a7:d9:dc:
42:59:f2:1e:a6:31:59:d1:79:e6:1b:d8:92:57:b9:67:3b:d5:
20:83:b1:58:5e:e2:bb:d4:8c:31:4e:ec:0f:62:12:b8:eb:a2:
29:11:4a:23:45:dd:d9:ec:21:da:2d:d7:a7:aa:e6:0a:ec:08:
f4:e2:2f:84
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECYghRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZWQ3OTRhZGFmYjkxY2I4MWE5NjllYjhhOWIyOTA1ZmVlMmVjMB4XDTIyMDEw
MTA5MDI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNlNTBhMDdmZGQz
NmQxOGZhY2UxMjhjZDE0OTlhZmQxODY3NGI0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANddYWbN5JTsJEK8fMk1dMDm6otlVPLwtxIPs1NRAtGhHzE5
NdPTpVspq2Y5RUt3DscOBWiT3F/i/DwKps7vA3SXhzehPBfg4+d1/DsNv+X/3UVl
bFiZCj41ep/4GxQ99XWjnZq9vGAkaECtQJVlC2ZA21DuOl+GftfELUUbfsFNuzsH
87ezqhfultE8uytE1v4aEUHShXNL3kvflEBfq5A2se139e4K/7IBbbl6uZt8EHPU
0SoArRgKC7NZ+JTROH0a6EH9yxpjh85kHqcCD8L/rSUQILzCURCUngHYB9/Nmfih
XAnD6nZ5Op1Tm7MRMyuFMHRRccz155CnVSDOZ78CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTj5QoH/dNtGPrOEozRSZr9GGdLSTAfBgNVHSMEGDAWgBQqw+15Str7kcuB
qWnripspBf7i7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUHRlVXJhLTVITGdhbHA2NHFiS1FYLTR1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvN2IxMjdiLTQ0Y2UtNGNhZC1hZDhmLTA4OWMxYzNkNDM1Ny8x
LzQtVUtCXzNUYlJqNnpoS00wVW1hX1JoblMway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
N2IxMjdiLTQ0Y2UtNGNhZC1hZDhmLTA4OWMxYzNkNDM1Ny8xL0tzUHRlVXJhLTVI
TGdhbHA2NHFiS1FYLTR1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy4TwAMEArnAoDANBAIAAjAHAwUD
KgotQDANBgkqhkiG9w0BAQsFAAOCAQEAVsqid4RLslDUhLCpvDg9Z4rq9WQnPy+A
jkjFD+DkbCZ/YPAIgJqKTjAKFkeo/5q+PEkv7Ndee7ic7Rre1cE4ZGRgvIpiPJd/
VUm0WBI9TMJ6mKLvp+XO9gL13el5DQJaLt2tmAKpfXwTGvft5euypJayKyWQ85KW
FJGLoCUEGrCKNLYuBUgifI4XOfKF8ysKByVEIbSoo7gRlArGCexRpkKRY0VjBbKK
RiHZTjsCgMJy87p6rsVx+U2Ap7ZuN9Vqc/Lqp9ncQlnyHqYxWdF55hvYkle5ZzvV
IIOxWF7iu9SMMU7sD2ISuOuiKRFKI0Xd2ewh2i3Xp6rmCuwI9OIvhA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:09 2025 by rpki-client