Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Uz_yaBnW7UyK0UMO9umLHqtdbZE.roa
File: Uz_yaBnW7UyK0UMO9umLHqtdbZE.roa (raw, json)
Hash identifier: q9cHzHEZgupwhPt4JkjbLRVetjAPaTPND2CxntXCF4o=
Subject key identifier: 53:3F:F2:68:19:D6:ED:4C:8A:D1:43:0E:F6:E9:8B:1E:AB:5D:6D:91
Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6
Certificate serial: 01837DDEAB808BBD1AC6E5305218DA5394BC
Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Uz_yaBnW7UyK0UMO9umLHqtdbZE.roa
Signing time: Tue 27 Sep 2022 07:34:48 +0000
ROA not before: Tue 27 Sep 2022 07:34:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25504
IP address blocks: 185.90.232.0/22 maxlen: 24
151.252.48.0/20 maxlen: 24
158.58.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:de:ab:80:8b:bd:1a:c6:e5:30:52:18:da:53:94:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6
Validity
Not Before: Sep 27 07:34:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=533ff26819d6ed4c8ad1430ef6e98b1eab5d6d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:81:c7:a9:5e:eb:18:91:a0:f3:1b:60:e0:
28:2f:01:40:ec:bd:0c:ef:7e:34:5d:24:9f:6f:90:
36:ae:76:78:86:3f:70:7c:01:34:7f:82:29:47:ae:
32:93:65:a0:f1:c1:35:00:12:e3:b6:04:a4:f6:a2:
bb:7e:67:71:65:6e:df:69:76:d3:3a:ad:33:1a:bb:
1d:57:cc:06:1c:d6:a2:0f:41:a3:d4:c3:1d:de:00:
fc:91:7e:b8:01:2a:dd:48:3d:84:d4:cf:77:38:28:
94:23:ed:0c:fd:ba:c0:5c:59:27:6a:67:f1:b8:4b:
ad:e3:d3:58:88:c5:2c:cb:f9:de:0c:8b:1c:c7:76:
eb:97:c4:a8:6f:8d:5a:16:42:48:0f:4c:a3:55:3e:
7c:20:3b:5a:f5:c9:39:f7:5b:6d:3a:c6:08:ba:40:
5a:52:29:26:d5:45:02:8a:51:d9:a9:f4:05:32:6f:
98:ae:5f:06:dc:5f:4b:93:4c:58:5b:1a:ae:11:06:
0e:4a:8c:57:85:9c:d7:dd:af:8f:b8:a6:bd:66:0e:
d7:b1:2d:19:a0:89:0c:ea:79:ab:d9:04:44:cb:63:
20:85:08:a0:f5:c0:d5:6e:1a:16:a7:66:dc:ae:69:
a2:06:ce:0a:4a:8b:0d:e8:b8:79:8a:a2:8b:23:0c:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3F:F2:68:19:D6:ED:4C:8A:D1:43:0E:F6:E9:8B:1E:AB:5D:6D:91
X509v3 Authority Key Identifier:
keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Uz_yaBnW7UyK0UMO9umLHqtdbZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.48.0/20
158.58.144.0/21
185.90.232.0/22
Signature Algorithm: sha256WithRSAEncryption
36:11:f0:93:f6:03:03:6c:6d:31:f5:35:c1:f9:f5:c0:46:ae:
62:aa:e4:0c:4e:bf:63:5e:dd:7b:5f:4e:3c:c5:66:a2:b4:6b:
29:41:d4:65:5b:d1:ba:df:26:c4:cd:5e:ca:07:68:1c:09:f1:
59:4b:05:db:cd:aa:44:9a:09:6b:25:f9:2a:78:f8:cc:58:06:
56:53:49:86:37:fd:cd:8f:32:b9:6e:d4:0c:df:55:5d:19:07:
b5:21:dc:2c:25:b1:fe:f4:02:cb:06:16:09:3e:94:0d:67:f9:
7e:03:bb:79:29:f7:51:c1:84:70:c2:4c:76:f0:af:b4:90:92:
db:f8:90:c1:1f:62:e5:ce:6b:95:a7:76:69:84:d8:4c:08:ea:
e6:0e:ff:82:87:39:cd:91:58:cd:cb:68:e0:50:56:30:d6:2b:
be:4b:fd:4c:fb:a4:7a:08:ab:bc:34:a4:b6:cb:2b:ed:71:be:
4e:63:af:25:5c:cc:cb:c3:9d:85:b1:e8:72:2e:a9:af:b8:63:
0e:f2:86:15:21:bb:88:5f:70:92:10:a5:22:ac:cb:20:b0:88:
84:94:7f:fa:a3:d2:83:f6:00:b5:74:f6:95:b8:ad:d8:10:e3:
fe:78:4c:46:a7:47:1e:7a:82:91:74:7c:84:45:d7:9e:0f:bb:
01:50:53:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN93quAi70axuUwUhjaU5S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz
OWVkZTYwHhcNMjIwOTI3MDczNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNmZjI2ODE5ZDZlZDRjOGFkMTQzMGVmNmU5OGIxZWFiNWQ2ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOKBx6le6xiRoPMbYOAoLwFA7L0M
7340XSSfb5A2rnZ4hj9wfAE0f4IpR64yk2Wg8cE1ABLjtgSk9qK7fmdxZW7faXbT
Oq0zGrsdV8wGHNaiD0Gj1MMd3gD8kX64ASrdSD2E1M93OCiUI+0M/brAXFknamfx
uEut49NYiMUsy/neDIscx3brl8Sob41aFkJID0yjVT58IDta9ck591ttOsYIukBa
Uikm1UUCilHZqfQFMm+Yrl8G3F9Lk0xYWxquEQYOSoxXhZzX3a+PuKa9Zg7XsS0Z
oIkM6nmr2QREy2MghQig9cDVbhoWp2bcrmmiBs4KSosN6Lh5iqKLIwxzuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFM/8mgZ1u1MitFDDvbpix6rXW2RMB8GA1UdIwQY
MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It
YTc3NmU0YTYzZTZmLzEvVXpfeWFCblc3VXlLMFVNTzl1bUxIcXRkYlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm
LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEl/wwAwQD
njqQAwQCuVroMA0GCSqGSIb3DQEBCwUAA4IBAQA2EfCT9gMDbG0x9TXB+fXARq5i
quQMTr9jXt17X048xWaitGspQdRlW9G63ybEzV7KB2gcCfFZSwXbzapEmglrJfkq
ePjMWAZWU0mGN/3NjzK5btQM31VdGQe1IdwsJbH+9ALLBhYJPpQNZ/l+A7t5KfdR
wYRwwkx28K+0kJLb+JDBH2LlzmuVp3ZphNhMCOrmDv+ChznNkVjNy2jgUFYw1iu+
S/1M+6R6CKu8NKS2yyvtcb5OY68lXMzLw52FsehyLqmvuGMO8oYVIbuIX3CSEKUi
rMsgsIiElH/6o9KD9gC1dPaVuK3YEOP+eExGp0ceeoKRdHyERdeeD7sBUFPR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:34 2024 by rpki-client on console-fra.rpki-client.org