Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/299d61-6b96-4054-98a3-dc42c7693df9/1/uEYUPffXQtswUFV4KI0TX9YQlFw.roa
File: uEYUPffXQtswUFV4KI0TX9YQlFw.roa (raw, json)
Hash identifier: +3a3/vZu2btKrUFEYD3Sc6tnowuUvAVR+aPi03erLW8=
Subject key identifier: B8:46:14:3D:F7:D7:42:DB:30:50:55:78:28:8D:13:5F:D6:10:94:5C
Certificate issuer: /CN=67d34fc03002eaa7f36b2e7e635eda8c30c48284
Certificate serial: 06A0B2E1
Authority key identifier: 67:D3:4F:C0:30:02:EA:A7:F3:6B:2E:7E:63:5E:DA:8C:30:C4:82:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9NPwDAC6qfzay5-Y17ajDDEgoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/299d61-6b96-4054-98a3-dc42c7693df9/1/uEYUPffXQtswUFV4KI0TX9YQlFw.roa
Signing time: Sat 01 Jan 2022 14:59:35 +0000
ROA not before: Sat 01 Jan 2022 14:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44399
IP address blocks: 185.252.72.0/22 maxlen: 22
2a0c:2340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111194849 (0x6a0b2e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67d34fc03002eaa7f36b2e7e635eda8c30c48284
Validity
Not Before: Jan 1 14:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b846143df7d742db30505578288d135fd610945c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bc:c1:8c:a7:51:0f:82:76:cc:af:6e:92:14:
56:7e:28:65:7f:3d:cd:53:71:30:58:16:be:7b:a0:
8c:d2:43:a9:96:97:02:04:8e:05:6b:fc:b0:35:1e:
b0:49:eb:5d:dc:56:64:8f:c8:7d:92:6b:65:ab:53:
c8:d5:24:cc:75:c6:bb:cf:cc:ca:4f:c0:80:8d:71:
9d:b6:70:b3:3a:86:df:6f:5f:13:f9:53:db:9f:b7:
31:a3:e0:9b:5a:5a:e5:16:a7:6d:e9:22:85:82:5c:
d6:21:58:45:a8:c4:31:77:07:90:99:ef:02:ef:4a:
d2:c3:1f:55:19:1c:e0:3b:76:a5:31:16:7c:00:7d:
f4:2a:ad:c6:bd:77:9d:0e:be:e3:6b:00:21:41:8f:
89:99:34:86:b6:ac:e8:5f:a8:45:e0:cc:4b:71:ed:
36:ef:b3:e7:24:b4:a9:1f:0e:03:ad:81:2a:f5:7a:
6a:c4:c3:e4:df:43:6b:cd:58:94:77:19:f4:d1:dd:
e9:d3:bc:85:38:f7:aa:83:b9:8e:3a:47:40:72:73:
2d:0a:e3:7f:ff:2c:31:71:50:7f:24:a1:9b:ca:18:
1e:23:47:45:86:b7:80:0b:3a:e3:93:e9:20:fb:3b:
cd:85:3c:19:c0:f3:b7:05:c3:73:e3:4c:b6:7d:c6:
8b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:46:14:3D:F7:D7:42:DB:30:50:55:78:28:8D:13:5F:D6:10:94:5C
X509v3 Authority Key Identifier:
keyid:67:D3:4F:C0:30:02:EA:A7:F3:6B:2E:7E:63:5E:DA:8C:30:C4:82:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9NPwDAC6qfzay5-Y17ajDDEgoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/299d61-6b96-4054-98a3-dc42c7693df9/1/uEYUPffXQtswUFV4KI0TX9YQlFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/299d61-6b96-4054-98a3-dc42c7693df9/1/Z9NPwDAC6qfzay5-Y17ajDDEgoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.72.0/22
IPv6:
2a0c:2340::/29
Signature Algorithm: sha256WithRSAEncryption
2b:45:36:96:fc:fe:37:bf:db:b8:3c:ac:b8:85:4d:df:82:59:
ec:64:f3:69:4a:4b:05:92:dd:ed:88:06:80:76:92:9b:eb:7e:
2b:9d:4b:61:86:01:4a:8e:50:5a:b1:e7:25:33:39:55:7c:d2:
16:1c:b5:44:4b:ad:22:bd:3e:23:5e:c5:d2:77:2c:95:70:76:
3d:03:ef:9d:a6:19:11:08:f1:2b:4b:f1:54:1e:a6:08:4f:b5:
54:37:33:84:50:f1:94:e3:7d:23:6c:c6:6d:3f:2d:1e:85:60:
19:aa:67:e3:03:4b:99:35:5d:c4:72:1d:ca:f7:19:49:54:dc:
46:90:b1:4c:06:69:91:09:fb:0f:26:5c:d6:06:59:de:22:34:
38:4e:33:f1:41:02:fc:59:9e:b4:4d:12:14:1f:87:99:72:84:
2c:b5:0e:16:e6:db:dc:06:93:0f:f7:6d:ef:ca:17:31:7a:89:
1f:0c:e0:96:c8:ba:dc:a2:90:0c:70:fa:40:75:1e:28:ac:3b:
54:44:15:ee:24:5c:44:ae:1d:42:e3:bd:2f:97:86:9e:6d:3f:
25:ed:a1:e6:04:eb:b7:86:71:41:b3:bf:1e:32:e5:f6:f4:ec:
60:c9:3a:0d:44:ba:bc:b6:67:c7:79:50:6e:12:f7:21:05:89:
66:aa:98:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBqCy4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2QzNGZjMDMwMDJlYWE3ZjM2YjJlN2U2MzVlZGE4YzMwYzQ4Mjg0MB4XDTIyMDEw
MTE0NTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg0NjE0M2RmN2Q3
NDJkYjMwNTA1NTc4Mjg4ZDEzNWZkNjEwOTQ1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO8wYynUQ+CdsyvbpIUVn4oZX89zVNxMFgWvnugjNJDqZaX
AgSOBWv8sDUesEnrXdxWZI/IfZJrZatTyNUkzHXGu8/Myk/AgI1xnbZwszqG329f
E/lT25+3MaPgm1pa5RanbekihYJc1iFYRajEMXcHkJnvAu9K0sMfVRkc4Dt2pTEW
fAB99Cqtxr13nQ6+42sAIUGPiZk0hras6F+oReDMS3HtNu+z5yS0qR8OA62BKvV6
asTD5N9Da81YlHcZ9NHd6dO8hTj3qoO5jjpHQHJzLQrjf/8sMXFQfyShm8oYHiNH
RYa3gAs645PpIPs7zYU8GcDztwXDc+NMtn3Gi2MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS4RhQ999dC2zBQVXgojRNf1hCUXDAfBgNVHSMEGDAWgBRn00/AMALqp/Nr
Ln5jXtqMMMSChDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o5TlB3REFDNnFmemF5NS1ZMTdhakRERWdvUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMjk5ZDYxLTZiOTYtNDA1NC05OGEzLWRjNDJjNzY5M2RmOS8x
L3VFWVVQZmZYUXRzd1VGVjRLSTBUWDlZUWxGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
Mjk5ZDYxLTZiOTYtNDA1NC05OGEzLWRjNDJjNzY5M2RmOS8xL1o5TlB3REFDNnFm
emF5NS1ZMTdhakRERWdvUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn8SDANBAIAAjAHAwUDKgwjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAK0U2lvz+N7/buDysuIVN34JZ7GTzaUpLBZLd7YgG
gHaSm+t+K51LYYYBSo5QWrHnJTM5VXzSFhy1REutIr0+I17F0ncslXB2PQPvnaYZ
EQjxK0vxVB6mCE+1VDczhFDxlON9I2zGbT8tHoVgGapn4wNLmTVdxHIdyvcZSVTc
RpCxTAZpkQn7DyZc1gZZ3iI0OE4z8UEC/FmetE0SFB+HmXKELLUOFubb3AaTD/dt
78oXMXqJHwzglsi63KKQDHD6QHUeKKw7VEQV7iRcRK4dQuO9L5eGnm0/Je2h5gTr
t4ZxQbO/HjLl9vTsYMk6DUS6vLZnx3lQbhL3IQWJZqqYcA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:51 2025 by rpki-client