Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/UrRLIx978-tDMitkwvOx7RfoIR4.roa
File: UrRLIx978-tDMitkwvOx7RfoIR4.roa (raw, json)
Hash identifier: Y5ac3C63RVWwVIRhqTSwDYYGuy+No3QUKyZCdG/LiOM=
Subject key identifier: 52:B4:4B:23:1F:7B:F3:EB:43:32:2B:64:C2:F3:B1:ED:17:E8:21:1E
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 19BC4E9A
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/UrRLIx978-tDMitkwvOx7RfoIR4.roa
Signing time: Sat 01 Jan 2022 09:54:10 +0000
ROA not before: Sat 01 Jan 2022 09:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42811
IP address blocks: 95.176.0.0/17 maxlen: 17
185.147.220.0/22 maxlen: 22
81.14.0.0/17 maxlen: 17
2a00:be80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431771290 (0x19bc4e9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 1 09:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52b44b231f7bf3eb43322b64c2f3b1ed17e8211e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:82:cf:56:53:36:3d:0e:d8:f8:ca:60:6c:b7:
19:5e:62:48:c4:2b:4a:45:bd:f5:97:3e:93:23:a3:
77:39:fc:d3:18:b8:3d:27:48:d6:99:16:54:a7:fc:
91:48:92:83:a9:76:b1:f5:51:89:10:ec:f0:19:ae:
77:12:e4:a2:7d:09:39:c1:83:88:6e:9b:9d:fb:63:
3d:a9:a7:51:8c:9e:6e:89:6c:37:dd:db:16:44:f2:
8d:cb:df:02:1b:1b:7a:0a:44:d5:d9:7c:b8:f4:6d:
07:d0:1f:98:91:2b:63:0a:99:ad:9c:25:77:89:f4:
1f:fb:af:66:bc:38:ef:55:65:57:e5:6c:87:3b:76:
8b:9a:2c:86:d6:24:e0:c8:9e:cf:24:23:ae:4c:8a:
62:9e:08:0e:8a:14:37:ff:4b:63:7d:72:08:dc:be:
39:2a:d1:71:a0:68:b8:07:fe:5a:98:43:2f:11:fc:
62:1d:44:10:46:36:06:05:66:90:4f:42:63:89:8f:
5c:5f:51:67:15:a6:9d:e2:e7:36:2d:c1:e7:93:b1:
83:01:e2:3a:d3:b2:e4:af:77:e4:b5:7f:2e:27:5c:
e2:e2:82:a2:a3:71:10:0b:9c:77:69:7e:f3:c7:12:
d3:14:a0:a0:0f:5a:77:df:cf:fd:b5:8b:ff:d3:4e:
dc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B4:4B:23:1F:7B:F3:EB:43:32:2B:64:C2:F3:B1:ED:17:E8:21:1E
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/UrRLIx978-tDMitkwvOx7RfoIR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
46:95:6f:8b:b1:7e:9f:b5:b9:49:bd:91:3b:d8:18:fc:f8:0d:
ae:c1:76:c9:7d:10:c3:39:c9:1b:c4:ae:8a:01:d7:e3:2a:c7:
3f:33:89:5f:38:89:63:f8:86:49:aa:99:2f:6d:96:65:3d:dc:
bb:44:70:df:f7:b5:7a:2a:b6:dd:5f:f1:a8:e9:70:2f:01:49:
46:ab:1c:3e:ba:cd:1c:39:92:12:ea:30:2d:b6:94:1b:af:58:
f4:97:91:10:58:a5:dc:db:4a:24:d2:d7:d0:ac:1c:7e:b4:c9:
94:66:26:8e:b0:d2:15:fa:b2:00:fc:d1:e3:32:f0:98:3c:64:
99:b7:fd:7b:d8:5f:0c:2a:3e:97:e0:fd:07:82:16:22:5c:29:
26:06:99:3f:5d:82:ca:8b:fd:a4:62:81:4c:f3:ec:00:ec:d6:
90:53:34:93:46:97:2e:62:8b:fe:cc:0d:a6:d0:54:70:62:54:
a5:15:dc:2b:86:5e:ff:be:e0:77:43:87:05:a1:97:ac:c6:a6:
a3:9b:b3:16:65:fa:63:db:e9:b1:d6:5a:03:63:59:1b:db:d8:
37:8d:90:d2:fd:e4:0a:e2:b4:79:0d:c5:8f:98:38:37:82:17:
76:b6:69:5b:9c:dc:04:e4:14:52:fa:1b:c3:ee:54:bf:73:72:
71:02:35:57
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGbxOmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDEyODc5MjdhZDdiMWRiNDc5YWU1YWI5MmFiODdjNGE0ZmFmNDk2MB4XDTIyMDEw
MTA5NTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJiNDRiMjMxZjdi
ZjNlYjQzMzIyYjY0YzJmM2IxZWQxN2U4MjExZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqCz1ZTNj0O2PjKYGy3GV5iSMQrSkW99Zc+kyOjdzn80xi4
PSdI1pkWVKf8kUiSg6l2sfVRiRDs8BmudxLkon0JOcGDiG6bnftjPamnUYyebols
N93bFkTyjcvfAhsbegpE1dl8uPRtB9AfmJErYwqZrZwld4n0H/uvZrw471VlV+Vs
hzt2i5oshtYk4MiezyQjrkyKYp4IDooUN/9LY31yCNy+OSrRcaBouAf+WphDLxH8
Yh1EEEY2BgVmkE9CY4mPXF9RZxWmneLnNi3B55OxgwHiOtOy5K935LV/Lidc4uKC
oqNxEAucd2l+88cS0xSgoA9ad9/P/bWL/9NO3JECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRStEsjH3vz60MyK2TC87HtF+ghHjAfBgNVHSMEGDAWgBQQEoeSetex20ea
5auSq4fEpPr0ljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VCS0hrbnJYc2R0SG11V3JrcXVIeEtUNjlKWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvMTIzOTFkLTVmYjYtNGRlYS1hNzEzLTczYTQ1MmJhZmI0Ni8x
L1VyUkxJeDk3OC10RE1pdGt3dk94N1Jmb0lSNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
MTIzOTFkLTVmYjYtNGRlYS1hNzEzLTczYTQ1MmJhZmI0Ni8xL0VCS0hrbnJYc2R0
SG11V3JrcXVIeEtUNjlKWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEB1EOAAMEB1+wAAMEArmT3DANBAIA
AjAHAwUAKgC+gDANBgkqhkiG9w0BAQsFAAOCAQEARpVvi7F+n7W5Sb2RO9gY/PgN
rsF2yX0QwznJG8SuigHX4yrHPzOJXziJY/iGSaqZL22WZT3cu0Rw3/e1eiq23V/x
qOlwLwFJRqscPrrNHDmSEuowLbaUG69Y9JeREFil3NtKJNLX0KwcfrTJlGYmjrDS
FfqyAPzR4zLwmDxkmbf9e9hfDCo+l+D9B4IWIlwpJgaZP12Cyov9pGKBTPPsAOzW
kFM0k0aXLmKL/swNptBUcGJUpRXcK4Ze/77gd0OHBaGXrMamo5uzFmX6Y9vpsdZa
A2NZG9vYN42Q0v3kCuK0eQ3Fj5g4N4IXdrZpW5zcBOQUUvobw+5Uv3NycQI1Vw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:00 2025 by rpki-client