Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/uP_QLcUjIYjxpVQvxBGy9-2M_xo.roa
File: uP_QLcUjIYjxpVQvxBGy9-2M_xo.roa (raw, json)
Hash identifier: bcRZlQfj6ljCHFSPHhdQ+MqTJ6I/pI/sEgI16+AIBfI=
Subject key identifier: B8:FF:D0:2D:C5:23:21:88:F1:A5:54:2F:C4:11:B2:F7:ED:8C:FF:1A
Certificate issuer: /CN=48171672d53fdf8b2537764f537e365a5927bdaf
Certificate serial: 018B5CB08C5073BE99D2F43DF2AE40B5580C
Authority key identifier: 48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/uP_QLcUjIYjxpVQvxBGy9-2M_xo.roa
Signing time: Mon 23 Oct 2023 13:19:15 +0000
ROA not before: Mon 23 Oct 2023 13:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21056
IP address blocks: 103.61.184.0/22 maxlen: 22
103.248.186.0/24 maxlen: 24
103.248.184.0/22 maxlen: 22
45.151.12.0/22 maxlen: 32
103.26.124.0/22 maxlen: 22
80.93.128.0/20 maxlen: 32
185.231.160.0/22 maxlen: 32
46.44.192.0/18 maxlen: 32
144.48.192.0/22 maxlen: 32
45.143.36.0/22 maxlen: 32
185.230.92.0/22 maxlen: 32
45.151.64.0/22 maxlen: 32
185.241.20.0/22 maxlen: 32
185.224.60.0/22 maxlen: 32
87.247.232.0/21 maxlen: 32
45.84.140.0/22 maxlen: 32
213.182.64.0/19 maxlen: 32
185.224.104.0/22 maxlen: 32
79.135.32.0/19 maxlen: 32
185.230.192.0/22 maxlen: 32
185.170.36.0/22 maxlen: 32
103.43.232.0/22 maxlen: 22
185.158.116.0/22 maxlen: 32
185.230.232.0/22 maxlen: 32
78.152.96.0/19 maxlen: 32
185.234.164.0/22 maxlen: 32
94.138.160.0/19 maxlen: 32
91.143.192.0/20 maxlen: 32
2a00:14f8::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:b0:8c:50:73:be:99:d2:f4:3d:f2:ae:40:b5:58:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48171672d53fdf8b2537764f537e365a5927bdaf
Validity
Not Before: Oct 23 13:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8ffd02dc5232188f1a5542fc411b2f7ed8cff1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f6:04:10:aa:14:18:57:7c:88:01:af:21:b9:
61:ca:6f:f7:6e:78:76:24:9f:64:44:29:d9:8f:9e:
aa:2b:55:4b:b0:42:a6:5b:27:99:97:49:68:bc:de:
a1:86:27:d7:a5:ba:48:66:d8:10:6c:93:26:db:92:
c7:7e:21:e2:ec:b6:fb:ad:cf:c1:6d:41:c9:74:37:
70:de:d9:52:4e:0d:ac:d5:38:e6:6b:17:e8:e6:f3:
ff:6a:37:5b:1b:f6:c8:a3:3b:41:e9:82:f1:0e:0e:
f4:ab:7b:35:a0:17:db:33:8d:ff:ad:95:88:2f:ba:
d5:a8:ca:56:ce:c3:75:54:b7:7f:05:6f:9d:5b:46:
78:97:12:c9:78:38:c7:de:86:7f:de:6f:6f:f7:3b:
55:fd:a4:ae:dd:82:27:a1:b9:06:74:37:74:0d:97:
23:06:b0:01:1e:3a:55:ee:ff:de:b3:44:e7:d7:5f:
e9:79:38:38:45:fa:98:4d:20:a4:d8:92:13:9e:26:
ba:6a:ad:a3:27:55:4e:53:47:82:1a:04:42:08:37:
55:7a:5d:3f:9b:04:5e:a1:12:c2:94:f2:2f:16:de:
60:4f:10:40:f1:c1:70:59:65:0b:03:8c:ff:ff:69:
f9:4d:93:9d:2b:c2:94:c9:62:60:4b:d4:81:d4:b7:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:FF:D0:2D:C5:23:21:88:F1:A5:54:2F:C4:11:B2:F7:ED:8C:FF:1A
X509v3 Authority Key Identifier:
keyid:48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/uP_QLcUjIYjxpVQvxBGy9-2M_xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/SBcWctU_34slN3ZPU342Wlknva8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.140.0/22
45.143.36.0/22
45.151.12.0/22
45.151.64.0/22
46.44.192.0/18
78.152.96.0/19
79.135.32.0/19
80.93.128.0/20
87.247.232.0/21
91.143.192.0/20
94.138.160.0/19
103.26.124.0/22
103.43.232.0/22
103.61.184.0/22
103.248.184.0/22
144.48.192.0/22
185.158.116.0/22
185.170.36.0/22
185.224.60.0/22
185.224.104.0/22
185.230.92.0/22
185.230.192.0/22
185.230.232.0/22
185.231.160.0/22
185.234.164.0/22
185.241.20.0/22
213.182.64.0/19
IPv6:
2a00:14f8::/32
Signature Algorithm: sha256WithRSAEncryption
57:57:ae:e7:5f:b7:9b:15:b9:5f:0c:b0:9a:e1:c2:a0:7c:2a:
2f:83:7c:4e:b1:de:76:44:ac:5f:8f:1d:81:a1:33:0f:c7:eb:
65:82:47:c3:4c:cf:db:ff:69:81:62:03:df:85:5c:15:8b:22:
45:4e:be:0d:36:f7:12:03:53:2f:74:31:16:8b:e0:54:76:75:
bc:e1:07:60:46:c2:b6:82:26:31:14:bc:86:ca:46:98:12:e0:
dd:3e:18:2e:86:c1:a0:59:e7:f4:97:7d:7e:57:8f:34:ed:19:
00:03:df:68:8b:8e:f1:b5:df:6c:25:5d:c7:99:75:c7:ab:20:
11:af:7a:27:92:4c:85:26:03:b7:b0:1e:da:f7:8f:f7:3c:3b:
7d:3d:0b:ed:a8:d6:df:8d:17:68:a6:b8:87:c9:ad:37:61:90:
bf:97:63:ac:3b:61:0b:44:d9:fb:7f:32:ab:b8:11:33:92:a8:
6c:23:cd:ff:f1:81:60:d1:0a:cb:63:cb:e2:f0:7b:81:71:26:
c2:39:92:f2:91:3b:18:f0:10:fa:91:96:9e:fd:ea:da:3c:e0:
55:ca:cb:44:fc:f4:b0:e1:38:20:41:f8:96:b4:38:7b:f8:86:
e4:e9:e0:d0:2f:3b:bb:cb:5c:32:e2:ea:69:31:36:e7:c3:4a:
80:c2:e6:9b
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYtcsIxQc76Z0vQ98q5AtVgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTcxNjcyZDUzZmRmOGIyNTM3NzY0ZjUzN2UzNjVhNTky
N2JkYWYwHhcNMjMxMDIzMTMxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGZmZDAyZGM1MjMyMTg4ZjFhNTU0MmZjNDExYjJmN2VkOGNmZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fYEEKoUGFd8iAGvIblhym/3bnh2
JJ9kRCnZj56qK1VLsEKmWyeZl0lovN6hhifXpbpIZtgQbJMm25LHfiHi7Lb7rc/B
bUHJdDdw3tlSTg2s1Tjmaxfo5vP/ajdbG/bIoztB6YLxDg70q3s1oBfbM43/rZWI
L7rVqMpWzsN1VLd/BW+dW0Z4lxLJeDjH3oZ/3m9v9ztV/aSu3YInobkGdDd0DZcj
BrABHjpV7v/es0Tn11/peTg4RfqYTSCk2JITnia6aq2jJ1VOU0eCGgRCCDdVel0/
mwReoRLClPIvFt5gTxBA8cFwWWULA4z//2n5TZOdK8KUyWJgS9SB1LcQ+QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFLj/0C3FIyGI8aVUL8QRsvftjP8aMB8GA1UdIwQY
MBaAFEgXFnLVP9+LJTd2T1N+NlpZJ72vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjIt
ZGIwNGYyMTM5MGEwLzEvdVBfUUxjVWpJWWp4cFZRdnhCR3k5LTJNX3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjItZGIwNGYyMTM5MGEw
LzEvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAIt
VIwDBAItjyQDBAItlwwDBAItl0ADBAYuLMADBAVOmGADBAVPhyADBARQXYADBANX
9+gDBARbj8ADBAVeiqADBAJnGnwDBAJnK+gDBAJnPbgDBAJn+LgDBAKQMMADBAK5
nnQDBAK5qiQDBAK54DwDBAK54GgDBAK55lwDBAK55sADBAK55ugDBAK556ADBAK5
6qQDBAK58RQDBAXVtkAwDQQCAAIwBwMFACoAFPgwDQYJKoZIhvcNAQELBQADggEB
AFdXrudft5sVuV8MsJrhwqB8Ki+DfE6x3nZErF+PHYGhMw/H62WCR8NMz9v/aYFi
A9+FXBWLIkVOvg029xIDUy90MRaL4FR2dbzhB2BGwraCJjEUvIbKRpgS4N0+GC6G
waBZ5/SXfX5XjzTtGQAD32iLjvG132wlXceZdcerIBGveieSTIUmA7ewHtr3j/c8
O309C+2o1t+NF2imuIfJrTdhkL+XY6w7YQtE2ft/Mqu4ETOSqGwjzf/xgWDRCstj
y+Lwe4FxJsI5kvKROxjwEPqRlp796to84FXKy0T89LDhOCBB+Ja0OHv4huTp4NAv
O7vLXDLi6mkxNufDSoDC5ps=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:29 2025 by rpki-client