Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Uh6cRxGOOWMZCAPpMkYtlHsy1xc.roa
File: Uh6cRxGOOWMZCAPpMkYtlHsy1xc.roa (raw, json)
Hash identifier: ZTc+J7UhShBYlZlH744AzKECumd4fdRt4cgTTRE10GU=
Subject key identifier: 52:1E:9C:47:11:8E:39:63:19:08:03:E9:32:46:2D:94:7B:32:D7:17
Certificate issuer: /CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Certificate serial: 0183F40F125D7F7430BBAB4F2320F5BFDE0F
Authority key identifier: 06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Uh6cRxGOOWMZCAPpMkYtlHsy1xc.roa
Signing time: Thu 20 Oct 2022 06:22:51 +0000
ROA not before: Thu 20 Oct 2022 06:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209830
IP address blocks: 193.135.122.0/24 maxlen: 24
193.135.121.0/24 maxlen: 24
193.135.123.0/24 maxlen: 24
193.135.120.0/24 maxlen: 24
193.141.24.0/24 maxlen: 24
193.141.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:0f:12:5d:7f:74:30:bb:ab:4f:23:20:f5:bf:de:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Validity
Not Before: Oct 20 06:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=521e9c47118e3963190803e932462d947b32d717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:06:21:da:74:b7:17:d3:e8:0e:cc:5b:0d:fb:
bf:fb:ab:a1:fa:9d:45:a6:24:80:b9:95:e1:66:ef:
3c:63:3f:24:f4:5f:b9:36:e1:6c:7a:7e:c4:fb:1a:
7e:99:f2:00:c2:23:de:b8:6b:cf:29:08:a8:90:82:
0c:66:16:b0:f0:2b:13:64:99:54:2a:21:f2:0d:2b:
16:ba:3a:06:df:59:82:3f:65:c5:1c:fe:06:1e:e4:
a0:d8:4f:ce:a0:fc:11:27:bd:1c:c1:40:46:8e:7f:
1d:1f:88:82:1e:4d:ee:6d:a3:40:20:63:12:61:96:
92:e3:a6:94:a4:46:fc:30:c5:50:16:a5:1f:ee:ac:
5d:11:fd:d5:fb:96:36:f1:6c:ff:cf:3e:ec:dd:65:
ce:30:18:ee:25:b7:8f:8b:97:b5:06:3c:a7:2c:4c:
71:29:67:66:21:7d:d9:e3:c1:8a:b6:fe:7c:cc:43:
4e:68:f7:64:30:30:ed:96:84:4f:ac:56:19:72:e1:
13:a5:74:fa:78:d1:4e:a4:04:9a:57:25:38:37:46:
7c:33:03:f8:b8:4c:07:f9:c2:62:45:84:5d:e1:ff:
85:5d:ab:b8:ee:e6:8c:e9:51:81:d7:76:49:fb:03:
65:3d:76:4e:e7:99:7f:d1:3b:b4:2d:eb:84:cf:a8:
ab:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1E:9C:47:11:8E:39:63:19:08:03:E9:32:46:2D:94:7B:32:D7:17
X509v3 Authority Key Identifier:
keyid:06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Uh6cRxGOOWMZCAPpMkYtlHsy1xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.120.0/22
193.141.23.0-193.141.24.255
Signature Algorithm: sha256WithRSAEncryption
4a:55:25:85:f6:72:5b:72:72:ec:a8:f1:4e:1a:67:cd:8a:25:
93:69:c1:b3:85:d1:9e:63:e9:57:c9:19:4c:4d:65:4a:c0:16:
8b:92:28:26:c5:bf:c1:d8:96:7f:14:47:ba:36:f0:78:b8:79:
0c:78:83:b4:da:85:a7:b4:f2:4c:bd:3e:d2:26:e2:93:35:d4:
f0:02:32:e7:5f:5d:c9:8e:36:7d:0d:9f:ea:9d:ca:5e:9c:3f:
51:51:79:1d:1e:d0:51:cb:17:4d:6d:97:83:0b:2c:28:84:98:
4a:6c:b5:64:aa:b8:13:4a:55:5c:d3:22:34:1d:72:1f:31:ab:
9a:dd:40:ae:a1:8a:50:d8:ca:bf:49:9c:4a:37:b6:21:30:f4:
6c:f9:c3:ff:c7:87:97:9d:8c:3f:92:4b:0b:01:5f:d8:0f:27:
6a:cf:5c:57:25:b1:15:03:b5:35:6a:94:02:46:4d:11:c9:aa:
19:1c:5e:38:67:d8:0a:94:90:f7:d5:89:c3:b8:2d:8f:e8:0f:
59:14:33:df:b5:b2:bf:48:58:78:46:bf:32:a6:d3:a6:2b:59:
1b:29:6f:cd:13:ca:58:92:ff:a0:d3:e8:3f:02:06:d0:b7:c6:
94:c2:9d:fd:ad:47:6a:b7:15:8a:c6:ac:e4:1f:4a:97:ce:8b:
4f:fa:b4:46
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYP0DxJdf3Qwu6tPIyD1v94PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGRjZDBlZTcwMTRlZmIyZTNiNTU0ZmJiNzA2Mzg0ZWYx
MWQwNTEwHhcNMjIxMDIwMDYyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFlOWM0NzExOGUzOTYzMTkwODAzZTkzMjQ2MmQ5NDdiMzJkNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QYh2nS3F9PoDsxbDfu/+6uh+p1F
piSAuZXhZu88Yz8k9F+5NuFsen7E+xp+mfIAwiPeuGvPKQiokIIMZhaw8CsTZJlU
KiHyDSsWujoG31mCP2XFHP4GHuSg2E/OoPwRJ70cwUBGjn8dH4iCHk3ubaNAIGMS
YZaS46aUpEb8MMVQFqUf7qxdEf3V+5Y28Wz/zz7s3WXOMBjuJbePi5e1BjynLExx
KWdmIX3Z48GKtv58zENOaPdkMDDtloRPrFYZcuETpXT6eNFOpASaVyU4N0Z8MwP4
uEwH+cJiRYRd4f+FXau47uaM6VGB13ZJ+wNlPXZO55l/0Tu0LeuEz6irXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFIenEcRjjljGQgD6TJGLZR7MtcXMB8GA1UdIwQY
MBaAFAZNzQ7nAU77LjtVT7twY4TvEdBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTkt
ZmI0NzQwZmRhMjUwLzEvVWg2Y1J4R09PV01aQ0FQcE1rWXRsSHN5MXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTktZmI0NzQwZmRhMjUw
LzEvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwYd4MAwD
BADBjRcDBADBjRgwDQYJKoZIhvcNAQELBQADggEBAEpVJYX2cltycuyo8U4aZ82K
JZNpwbOF0Z5j6VfJGUxNZUrAFouSKCbFv8HYln8UR7o28Hi4eQx4g7Tahae08ky9
PtIm4pM11PACMudfXcmONn0Nn+qdyl6cP1FReR0e0FHLF01tl4MLLCiEmEpstWSq
uBNKVVzTIjQdch8xq5rdQK6hilDYyr9JnEo3tiEw9Gz5w//Hh5edjD+SSwsBX9gP
J2rPXFclsRUDtTVqlAJGTRHJqhkcXjhn2AqUkPfVicO4LY/oD1kUM9+1sr9IWHhG
vzKm06YrWRspb80TyliS/6DT6D8CBtC3xpTCnf2tR2q3FYrGrOQfSpfOi0/6tEY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:25 2024 by rpki-client on console-ams.rpki-client.org