Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa
File: UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa (raw, json)
Hash identifier: ifYNoVXdjvFa6nnsBL5B8GOzXz3QH9w1M1dfeJRT8Vs=
Subject key identifier: 50:50:41:9A:D1:5E:E4:59:7A:60:34:45:3C:75:48:92:59:0B:1D:C0
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: 0101C03D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa
Signing time: Wed 06 Apr 2022 08:00:03 +0000
ROA not before: Wed 06 Apr 2022 08:00:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.20.215.0/24 maxlen: 24
37.9.178.0/24 maxlen: 24
37.9.176.0/24 maxlen: 24
37.9.179.0/24 maxlen: 24
37.9.183.0/24 maxlen: 24
37.9.180.0/23 maxlen: 24
185.20.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16891965 (0x101c03d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Apr 6 08:00:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5050419ad15ee4597a6034453c754892590b1dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:d8:a8:6c:05:9d:a4:17:ad:9f:22:3f:3a:
11:67:67:67:27:43:59:12:f6:03:01:66:d7:88:b3:
72:d3:40:1d:c7:bb:1b:51:30:7c:1d:a8:45:e1:b6:
68:e4:05:0f:c6:d5:a9:90:22:30:f9:c6:aa:a7:54:
38:0b:12:bb:a8:7e:a1:4a:f9:a3:ab:d0:b2:b1:65:
d4:97:a2:c4:de:15:60:82:7f:d3:c4:05:78:82:30:
de:b5:b0:d1:23:b5:80:b1:e1:c5:31:a0:9d:f2:39:
a2:b1:fe:78:bb:40:fb:c1:d5:4c:c5:2d:35:a2:da:
a9:4a:73:d1:cf:65:cb:88:7a:79:62:cd:75:ad:8b:
f0:ae:8e:00:84:30:32:92:b8:f6:2e:46:14:a0:4d:
fd:ea:57:46:b5:41:96:f2:8b:05:d8:fd:d7:d3:07:
84:ee:bd:63:3a:23:fd:34:61:6b:9f:c5:08:62:ed:
99:49:b1:c3:20:9c:19:57:4d:15:bf:89:f7:e0:62:
30:e7:2a:51:84:7f:3a:27:13:bb:7a:4c:bd:c8:b4:
53:9b:05:21:0b:32:ec:27:ca:de:86:fa:f7:dd:00:
63:3e:8f:3e:05:c8:44:78:98:55:14:b9:7c:37:ed:
8c:be:24:a2:1f:61:4f:96:d8:55:9e:64:4d:45:e6:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:50:41:9A:D1:5E:E4:59:7A:60:34:45:3C:75:48:92:59:0B:1D:C0
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/24
37.9.178.0-37.9.181.255
37.9.183.0/24
185.20.212.0/22
Signature Algorithm: sha256WithRSAEncryption
77:a3:be:0f:78:c3:96:d7:56:f5:5b:02:c1:19:b9:a1:d1:16:
52:a7:0b:fb:e2:f5:9b:5b:cc:af:24:41:4d:24:ab:58:5e:3c:
57:7b:41:75:43:55:d2:8d:79:32:83:61:db:4f:39:af:09:3e:
e5:c0:37:eb:68:c5:8e:d1:85:d9:6c:24:53:f3:8c:97:bb:73:
ce:dc:f7:63:45:89:4e:8f:97:3f:a3:b4:4e:20:4b:1b:d1:b8:
c1:b4:ab:82:38:53:ac:08:74:88:5c:b0:3f:63:ae:f0:da:51:
d8:ff:5e:78:77:6f:65:15:6b:45:35:5a:f4:5f:74:dd:9f:c4:
4a:16:f1:1c:97:77:6f:c1:ac:d0:b6:32:96:66:8e:68:0c:86:
b3:de:9e:19:71:7a:64:2d:41:e8:1a:04:61:ac:3c:54:80:77:
ba:4d:a5:31:79:ad:ec:53:f0:64:40:e4:aa:c2:18:c5:8e:94:
53:c2:d7:e7:a1:c8:26:82:6f:21:06:ac:60:33:0d:bb:a4:9a:
c5:ff:5b:5c:70:87:3e:24:d0:9c:42:e7:c4:04:6b:c3:35:64:
2f:7b:ef:fe:dd:bc:13:15:54:37:4c:03:2b:6d:16:f0:fb:96:
6a:80:88:63:2b:1d:59:0f:e8:88:0a:46:d6:6b:0b:51:5b:c8:
2a:00:e9:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAQHAPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDQw
NjA4MDAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA1MDQxOWFkMTVl
ZTQ1OTdhNjAzNDQ1M2M3NTQ4OTI1OTBiMWRjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGz2KhsBZ2kF62fIj86EWdnZydDWRL2AwFm14izctNAHce7
G1EwfB2oReG2aOQFD8bVqZAiMPnGqqdUOAsSu6h+oUr5o6vQsrFl1JeixN4VYIJ/
08QFeIIw3rWw0SO1gLHhxTGgnfI5orH+eLtA+8HVTMUtNaLaqUpz0c9ly4h6eWLN
da2L8K6OAIQwMpK49i5GFKBN/epXRrVBlvKLBdj919MHhO69Yzoj/TRha5/FCGLt
mUmxwyCcGVdNFb+J9+BiMOcqUYR/OicTu3pMvci0U5sFIQsy7CfK3ob6990AYz6P
PgXIRHiYVRS5fDftjL4koh9hT5bYVZ5kTUXmwiECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRQUEGa0V7kWXpgNEU8dUiSWQsdwDAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L1VGQkJtdEZlNUZsNllEUkZQSFZJa2xrTEhjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEACUJsDAMAwQBJQmyAwQBJQm0AwQA
JQm3AwQCuRTUMA0GCSqGSIb3DQEBCwUAA4IBAQB3o74PeMOW11b1WwLBGbmh0RZS
pwv74vWbW8yvJEFNJKtYXjxXe0F1Q1XSjXkyg2HbTzmvCT7lwDfraMWO0YXZbCRT
84yXu3PO3PdjRYlOj5c/o7ROIEsb0bjBtKuCOFOsCHSIXLA/Y67w2lHY/154d29l
FWtFNVr0X3Tdn8RKFvEcl3dvwazQtjKWZo5oDIaz3p4ZcXpkLUHoGgRhrDxUgHe6
TaUxea3sU/BkQOSqwhjFjpRTwtfnocgmgm8hBqxgMw27pJrF/1tccIc+JNCcQufE
BGvDNWQve+/+3bwTFVQ3TAMrbRbw+5ZqgIhjKx1ZD+iICkbWawtRW8gqAOlZ
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:01:23 2025 by rpki-client