Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/UF06EPKBVFcg8a0IgVtu4d5Der4.roa
File: UF06EPKBVFcg8a0IgVtu4d5Der4.roa (raw, json)
Hash identifier: v/M8Gmu8Mpi0ddC4dn6tj7CPXH4t4u3OKpWDy1MkQ6c=
Subject key identifier: 50:5D:3A:10:F2:81:54:57:20:F1:AD:08:81:5B:6E:E1:DE:43:7A:BE
Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6
Certificate serial: 01837DC99C2346C65A603A3BDE47A128A7F4
Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/UF06EPKBVFcg8a0IgVtu4d5Der4.roa
Signing time: Tue 27 Sep 2022 07:11:48 +0000
ROA not before: Tue 27 Sep 2022 07:11:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25504
IP address blocks: 185.90.232.0/22 maxlen: 22
151.252.48.0/20 maxlen: 24
158.58.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:c9:9c:23:46:c6:5a:60:3a:3b:de:47:a1:28:a7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6
Validity
Not Before: Sep 27 07:11:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=505d3a10f281545720f1ad08815b6ee1de437abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b2:89:3e:33:42:9d:d3:ec:9f:81:26:0d:c5:
61:f0:3d:50:76:bb:ed:20:3e:31:50:00:58:12:d0:
17:8a:6b:00:47:81:53:0a:91:12:bf:99:50:0a:89:
67:97:77:28:86:ee:4d:cf:b2:b6:b2:5f:3c:fe:22:
5f:46:e2:b7:50:54:37:7d:13:cc:5c:9c:a0:1b:e8:
65:56:02:8a:b3:f2:08:da:71:7e:40:70:fa:79:89:
5c:9f:58:63:01:a0:f4:d9:d1:12:71:62:79:77:48:
f1:34:96:ab:bc:ac:92:97:c9:01:0d:ca:de:6a:09:
a8:16:7d:14:f3:58:89:46:ca:e6:a3:b5:b8:92:31:
f8:0c:d6:20:82:96:c4:d0:3d:c8:c0:5c:2f:00:09:
a0:a0:42:ac:5a:c9:76:88:72:c2:6f:de:13:20:c6:
e0:37:32:f7:ee:da:2a:cb:1e:b6:e5:5a:6a:ed:c2:
55:75:dd:30:46:3c:24:67:16:8d:90:50:48:a4:3a:
c8:16:6c:12:4f:75:ad:a3:ca:cb:50:c4:50:a0:76:
00:fc:20:4a:ed:35:ad:61:89:30:e7:a1:a9:7b:63:
27:88:cd:07:e5:a3:76:72:67:fc:4d:9e:bb:be:d5:
85:f1:ea:56:06:6e:2a:f2:42:2f:d1:a7:50:f8:7a:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5D:3A:10:F2:81:54:57:20:F1:AD:08:81:5B:6E:E1:DE:43:7A:BE
X509v3 Authority Key Identifier:
keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/UF06EPKBVFcg8a0IgVtu4d5Der4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.48.0/20
158.58.144.0/21
185.90.232.0/22
Signature Algorithm: sha256WithRSAEncryption
99:cd:82:37:fa:ff:43:61:39:f3:cf:17:3d:1b:08:70:07:94:
9d:0d:5f:94:30:c8:bc:c5:e2:b4:86:d1:c9:2f:45:b0:05:de:
fc:c6:83:ae:89:7b:01:20:72:3c:ad:99:66:33:0d:1c:c0:30:
65:3c:0b:79:ad:5a:33:9a:85:66:54:8e:b6:f0:cf:7e:a2:4b:
da:4e:14:3c:47:da:a8:7a:b7:19:63:27:8d:d4:82:bc:50:6c:
b3:59:e7:a2:90:01:c1:a3:6b:48:e9:d8:7e:9f:82:49:57:81:
7b:6a:e4:2f:4c:c2:05:01:89:2f:1e:5d:ae:15:9d:0f:9d:0d:
2f:12:43:6c:c7:42:5c:be:71:6d:10:e3:b9:b7:b7:82:18:f4:
18:cf:90:62:56:95:88:f6:86:48:51:42:71:fe:ba:33:90:ea:
63:ef:be:1c:c3:be:a3:73:2b:8e:fa:c4:d5:2f:89:42:26:d5:
4f:59:7f:51:d6:1f:c0:5e:c9:e3:8b:6a:f6:f9:3c:cd:48:74:
8e:26:a6:40:b0:3d:46:66:f5:0b:5d:53:da:6f:d3:8c:bb:71:
30:82:ba:2d:73:ed:96:1f:75:86:5a:a3:6b:c5:9d:29:b6:4d:
fb:e8:f3:a3:e9:f4:2a:7b:c4:eb:c9:02:dc:75:88:a8:5d:1b:
97:c4:06:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN9yZwjRsZaYDo73kehKKf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz
OWVkZTYwHhcNMjIwOTI3MDcxMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVkM2ExMGYyODE1NDU3MjBmMWFkMDg4MTViNmVlMWRlNDM3YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrKJPjNCndPsn4EmDcVh8D1Qdrvt
ID4xUABYEtAXimsAR4FTCpESv5lQColnl3cohu5Nz7K2sl88/iJfRuK3UFQ3fRPM
XJygG+hlVgKKs/II2nF+QHD6eYlcn1hjAaD02dEScWJ5d0jxNJarvKySl8kBDcre
agmoFn0U81iJRsrmo7W4kjH4DNYggpbE0D3IwFwvAAmgoEKsWsl2iHLCb94TIMbg
NzL37toqyx625Vpq7cJVdd0wRjwkZxaNkFBIpDrIFmwST3Wto8rLUMRQoHYA/CBK
7TWtYYkw56Gpe2MniM0H5aN2cmf8TZ67vtWF8epWBm4q8kIv0adQ+HpDNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFBdOhDygVRXIPGtCIFbbuHeQ3q+MB8GA1UdIwQY
MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It
YTc3NmU0YTYzZTZmLzEvVUYwNkVQS0JWRmNnOGEwSWdWdHU0ZDVEZXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm
LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEl/wwAwQD
njqQAwQCuVroMA0GCSqGSIb3DQEBCwUAA4IBAQCZzYI3+v9DYTnzzxc9GwhwB5Sd
DV+UMMi8xeK0htHJL0WwBd78xoOuiXsBIHI8rZlmMw0cwDBlPAt5rVozmoVmVI62
8M9+okvaThQ8R9qoercZYyeN1IK8UGyzWeeikAHBo2tI6dh+n4JJV4F7auQvTMIF
AYkvHl2uFZ0PnQ0vEkNsx0JcvnFtEOO5t7eCGPQYz5BiVpWI9oZIUUJx/rozkOpj
774cw76jcyuO+sTVL4lCJtVPWX9R1h/AXsnji2r2+TzNSHSOJqZAsD1GZvULXVPa
b9OMu3Ewgrotc+2WH3WGWqNrxZ0ptk376POj6fQqe8TryQLcdYioXRuXxAZP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:49 2025 by rpki-client