Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/uWz3MFXXixn46tR8AH1pPjrZjhA.roa
File: uWz3MFXXixn46tR8AH1pPjrZjhA.roa (raw, json)
Hash identifier: J5HUAqgX0EnPwfyxetE0UVS0HaG/wIYqxky5LoOrraQ=
Subject key identifier: B9:6C:F7:30:55:D7:8B:19:F8:EA:D4:7C:00:7D:69:3E:3A:D9:8E:10
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 040276D1
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/uWz3MFXXixn46tR8AH1pPjrZjhA.roa
Signing time: Sat 01 Jan 2022 13:54:44 +0000
ROA not before: Sat 01 Jan 2022 13:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50937
IP address blocks: 185.179.156.0/22 maxlen: 22
185.248.196.0/22 maxlen: 22
194.165.26.0/24 maxlen: 24
2a0a:8880:1::/48 maxlen: 48
2a0a:8880:aaaa::/48 maxlen: 48
2a0a:8880:2::/48 maxlen: 48
2a0f:4440:aaaa::/48 maxlen: 48
2a0f:4440:abcd::/48 maxlen: 48
2a0a:8880::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67270353 (0x40276d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 13:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b96cf73055d78b19f8ead47c007d693e3ad98e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:52:e6:8c:58:0f:01:83:ec:93:b6:1a:e2:
47:05:3b:aa:fd:3e:1f:c7:4e:18:0c:ab:d2:8b:8f:
91:5a:4e:7c:ec:0d:62:0f:96:b0:7a:12:d1:1a:48:
f5:9d:89:e2:e2:15:95:bc:ea:d1:84:7d:ab:8a:11:
b5:ef:03:63:df:fb:e6:ee:f4:48:9d:34:7b:b6:98:
54:c3:76:4a:ae:94:67:7f:65:57:8f:07:f7:e6:7d:
68:98:b7:e4:75:0e:10:16:72:14:c1:ca:28:c7:a8:
5a:b3:43:5b:04:ad:32:94:d1:08:df:8e:70:01:f0:
15:40:ee:70:4f:97:83:a7:97:50:3c:8e:05:f0:b1:
33:41:aa:d0:57:ed:b7:dd:a3:b7:f1:f4:0a:de:58:
4d:77:64:08:ab:03:73:26:b5:5c:29:3a:25:aa:0b:
fb:94:b6:9b:61:b6:22:9c:2f:e0:9c:52:11:ff:13:
86:b5:de:00:46:5e:e3:92:db:e6:e4:e0:d4:23:47:
ad:9b:7e:3a:5d:eb:ee:55:c9:36:78:59:f4:4d:9d:
cb:1e:8d:96:b0:8d:60:7b:30:13:80:89:66:e3:69:
a7:33:7b:42:09:0d:04:ca:bf:87:5a:11:e7:7b:e5:
9a:45:f1:f4:e3:9e:6c:41:27:05:b8:c4:fe:6b:9e:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6C:F7:30:55:D7:8B:19:F8:EA:D4:7C:00:7D:69:3E:3A:D9:8E:10
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/uWz3MFXXixn46tR8AH1pPjrZjhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.156.0/22
185.248.196.0/22
194.165.26.0/24
IPv6:
2a0a:8880::-2a0a:8880:2:ffff:ffff:ffff:ffff:ffff
2a0a:8880:aaaa::/48
2a0f:4440:aaaa::/48
2a0f:4440:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
73:4e:47:75:0f:cb:b9:2d:72:96:7f:82:b1:5e:6f:9f:42:db:
68:57:a9:02:59:29:34:4b:5e:87:c3:10:87:d5:7b:01:ca:c3:
33:29:fa:1c:f8:06:a7:29:e2:11:db:76:53:7f:c7:4f:51:39:
33:f1:ab:5e:f0:32:8e:69:bb:9d:d2:70:f9:66:45:ba:70:8f:
33:fb:fc:b8:ab:44:bc:92:3a:d1:91:4c:d2:fc:0e:1c:fd:af:
11:01:e5:3f:a8:67:e2:6f:eb:97:1a:c9:ce:aa:ca:7f:a8:0f:
7f:4f:96:0d:2a:45:fe:63:78:80:a8:4c:e3:69:71:1d:f6:cf:
b6:fe:ed:7a:f6:6a:0f:69:21:c0:7e:d2:64:87:11:a0:7b:5f:
13:82:20:d3:de:f4:36:6f:8f:05:dd:52:92:58:58:0b:54:c2:
a5:ad:79:39:7b:6e:09:13:2d:5e:7f:1b:f1:58:7a:e1:86:89:
cc:eb:9f:7b:58:df:83:b3:4f:81:17:32:86:90:51:5f:67:60:
47:12:c4:8f:a2:06:67:7a:bc:b7:a8:01:60:b3:3e:98:0b:ef:
4e:4c:4d:58:e7:4b:26:f0:69:fb:2a:d1:1e:b4:e9:ca:2e:08:
f1:d5:f6:9b:38:6e:52:66:03:41:af:ea:87:e9:18:34:5f:f0:
bc:e2:96:28
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEBAJ20TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDEw
MTEzNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk2Y2Y3MzA1NWQ3
OGIxOWY4ZWFkNDdjMDA3ZDY5M2UzYWQ5OGUxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuwUuaMWA8Bg+yTthriRwU7qv0+H8dOGAyr0ouPkVpOfOwN
Yg+WsHoS0RpI9Z2J4uIVlbzq0YR9q4oRte8DY9/75u70SJ00e7aYVMN2Sq6UZ39l
V48H9+Z9aJi35HUOEBZyFMHKKMeoWrNDWwStMpTRCN+OcAHwFUDucE+Xg6eXUDyO
BfCxM0Gq0Fftt92jt/H0Ct5YTXdkCKsDcya1XCk6JaoL+5S2m2G2Ipwv4JxSEf8T
hrXeAEZe45Lb5uTg1CNHrZt+Ol3r7lXJNnhZ9E2dyx6NlrCNYHswE4CJZuNppzN7
QgkNBMq/h1oR53vlmkXx9OOebEEnBbjE/muelXECAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBS5bPcwVdeLGfjq1HwAfWk+OtmOEDAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L3VXejNNRlhYaXhuNDZ0UjhBSDFwUGpyWmpoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wGAQCAAEwEgMEArmznAMEArn4xAMEAMKlGjAzBAIA
AjAtMBADBQcqCoiAAwcAKgqIgAACAwcAKgqIgKqqAwcAKg9EQKqqAwcAKg9EQKvN
MA0GCSqGSIb3DQEBCwUAA4IBAQBzTkd1D8u5LXKWf4KxXm+fQttoV6kCWSk0S16H
wxCH1XsBysMzKfoc+AanKeIR23ZTf8dPUTkz8ate8DKOabud0nD5ZkW6cI8z+/y4
q0S8kjrRkUzS/A4c/a8RAeU/qGfib+uXGsnOqsp/qA9/T5YNKkX+Y3iAqEzjaXEd
9s+2/u169moPaSHAftJkhxGge18TgiDT3vQ2b48F3VKSWFgLVMKlrXk5e24JEy1e
fxvxWHrhhonM6597WN+Ds0+BFzKGkFFfZ2BHEsSPogZnery3qAFgsz6YC+9OTE1Y
50sm8Gn7KtEetOnKLgjx1fabOG5SZgNBr+qH6Rg0X/C84pYo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:00 2023 by rpki-client on console-ams.rpki-client.org