Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uKREK7vB-smYEbwdT-T-dQpUl7c.roa
File: uKREK7vB-smYEbwdT-T-dQpUl7c.roa (raw, json)
Hash identifier: 6OqgkqYTTNED2tzWCCzg/sSBrkBlh7Tc7+x+gcczaLA=
Subject key identifier: B8:A4:44:2B:BB:C1:FA:C9:98:11:BC:1D:4F:E4:FE:75:0A:54:97:B7
Certificate issuer: /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial: 0419643B
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uKREK7vB-smYEbwdT-T-dQpUl7c.roa
Signing time: Sat 04 Jun 2022 11:02:20 +0000
ROA not before: Sat 04 Jun 2022 11:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213145
IP address blocks: 188.125.175.0/24 maxlen: 24
188.125.173.0/24 maxlen: 24
185.117.99.0/24 maxlen: 24
185.117.123.0/24 maxlen: 24
185.117.120.0/22 maxlen: 24
185.117.122.0/24 maxlen: 24
188.125.172.0/24 maxlen: 24
188.125.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68772923 (0x419643b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Validity
Not Before: Jun 4 11:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8a4442bbbc1fac99811bc1d4fe4fe750a5497b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:56:b9:6c:91:2b:49:4d:8c:43:17:97:cf:03:
6e:13:a6:0f:4d:2f:b7:3c:4a:72:0b:11:c5:86:5e:
39:ac:6d:35:0e:78:07:f5:09:fc:bc:5a:89:6e:8b:
30:c2:86:ea:75:d6:6a:d6:f3:1d:27:69:77:4c:d9:
2f:db:4f:11:f5:5f:96:ed:2b:49:63:52:a9:20:12:
c0:27:b5:b1:97:f9:96:0e:2e:ed:0f:14:26:47:b8:
49:49:a8:01:50:dd:28:4d:d2:ce:e4:c1:cc:40:30:
c0:1c:15:1f:9f:99:98:f4:c5:c6:a8:63:5a:27:aa:
9a:95:a2:b3:29:84:ed:cd:bb:7e:23:58:23:8c:1e:
bc:fe:23:bd:fa:37:ca:58:13:ea:52:8b:e8:35:77:
77:a2:da:7d:b4:a5:c7:95:8b:5e:f9:45:c4:b8:ac:
ae:2e:35:40:88:ba:fe:01:4d:16:14:5b:85:ff:eb:
51:14:9e:e8:d0:4e:57:89:bd:3f:b1:8a:6c:e0:57:
29:b5:66:57:85:0d:1b:a1:a8:8e:38:f2:47:69:d3:
b1:e0:b7:46:cd:ee:fd:18:06:3b:47:34:d0:fd:2e:
09:2e:c8:c6:fe:fe:cf:a6:f9:cd:8d:a2:f4:a5:f1:
7c:4a:61:c8:d6:4c:ea:e0:0c:83:9a:23:71:bc:ef:
82:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A4:44:2B:BB:C1:FA:C9:98:11:BC:1D:4F:E4:FE:75:0A:54:97:B7
X509v3 Authority Key Identifier:
keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uKREK7vB-smYEbwdT-T-dQpUl7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.99.0/24
185.117.120.0/22
188.125.171.0-188.125.173.255
188.125.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:fa:9e:bd:04:5f:1a:97:44:1d:cf:7d:f4:0b:d4:ac:60:94:
65:30:23:15:aa:4a:d5:f0:e9:ab:72:c8:05:97:a1:2c:e1:c0:
15:8c:e8:ee:ce:fe:69:6f:f0:b5:9f:5c:ac:df:4c:bf:43:ad:
83:ed:67:0f:14:ee:74:8f:0f:6f:cf:a5:69:92:91:45:2e:f0:
29:6f:01:96:64:2f:f2:71:30:32:a0:35:58:85:90:a5:db:3c:
2b:cf:25:fe:a3:5b:e7:5d:d9:5c:11:9c:09:9f:b5:05:bd:cd:
9b:77:6d:1e:a4:3e:45:5a:4b:09:f9:b4:80:d7:d4:ab:07:16:
1c:f7:7c:b3:76:ac:4a:68:93:2b:62:0d:c0:71:4e:ab:19:2d:
e1:d8:ef:4f:d7:3a:6e:a1:81:47:b5:4e:ce:cf:72:f0:eb:8d:
94:48:dd:8f:c2:da:33:42:dc:f9:db:2d:0f:0e:8a:46:77:a7:
3c:75:ba:65:42:82:83:73:f8:03:ba:49:e5:29:f8:83:e7:ed:
aa:fb:a9:dc:61:0b:fd:d2:09:c9:85:b7:5f:a4:8d:d2:c9:ca:
97:d5:d8:6a:d9:8c:c8:8a:cd:28:c7:cf:e3:40:91:fa:2e:31:
c7:1c:6e:fb:9a:0b:39:b7:04:3b:10:d8:c7:e3:c4:1a:ac:41:
ed:fc:a6:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBBlkOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTllNjg4N2VhNzU3MmE2NDExMzA2Yzg3YjBjYzA4OTM5N2E2MzU0MB4XDTIyMDYw
NDExMDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhhNDQ0MmJiYmMx
ZmFjOTk4MTFiYzFkNGZlNGZlNzUwYTU0OTdiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJWuWyRK0lNjEMXl88DbhOmD00vtzxKcgsRxYZeOaxtNQ54
B/UJ/LxaiW6LMMKG6nXWatbzHSdpd0zZL9tPEfVflu0rSWNSqSASwCe1sZf5lg4u
7Q8UJke4SUmoAVDdKE3SzuTBzEAwwBwVH5+ZmPTFxqhjWieqmpWisymE7c27fiNY
I4wevP4jvfo3ylgT6lKL6DV3d6LafbSlx5WLXvlFxLisri41QIi6/gFNFhRbhf/r
URSe6NBOV4m9P7GKbOBXKbVmV4UNG6GojjjyR2nTseC3Rs3u/RgGO0c00P0uCS7I
xv7+z6b5zY2i9KXxfEphyNZM6uAMg5ojcbzvggcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBS4pEQru8H6yZgRvB1P5P51ClSXtzAfBgNVHSMEGDAWgBSenmiH6nVypkET
Bsh7DMCJOXpjVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wNW9oLXAxY3FaQkV3Yklld3pBaVRsNlkxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZTJhYmFkLTU4ZmEtNGNlZC04NjUwLWVjNTA4ZGVjNzc5My8x
L3VLUkVLN3ZCLXNtWUVid2RULVQtZFFwVWw3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZTJhYmFkLTU4ZmEtNGNlZC04NjUwLWVjNTA4ZGVjNzc5My8xL25wNW9oLXAxY3Fa
QkV3Yklld3pBaVRsNlkxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEALl1YwMEArl1eDAMAwQAvH2rAwQB
vH2sAwQAvH2vMA0GCSqGSIb3DQEBCwUAA4IBAQAL+p69BF8al0Qdz330C9SsYJRl
MCMVqkrV8OmrcsgFl6Es4cAVjOjuzv5pb/C1n1ys30y/Q62D7WcPFO50jw9vz6Vp
kpFFLvApbwGWZC/ycTAyoDVYhZCl2zwrzyX+o1vnXdlcEZwJn7UFvc2bd20epD5F
WksJ+bSA19SrBxYc93yzdqxKaJMrYg3AcU6rGS3h2O9P1zpuoYFHtU7Oz3Lw642U
SN2PwtozQtz52y0PDopGd6c8dbplQoKDc/gDuknlKfiD5+2q+6ncYQv90gnJhbdf
pI3SycqX1dhq2YzIis0ox8/jQJH6LjHHHG77mgs5twQ7ENjH48QarEHt/KYP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:58 2025 by rpki-client