Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/uk-KQqjbH09n-b9SQSJUpqpIG4w.roa
File: uk-KQqjbH09n-b9SQSJUpqpIG4w.roa (raw, json)
Hash identifier: CkfhFP/W9ayj9/f4aRNwS6q0dJWKSbq1Jn7j7Tazlng=
Subject key identifier: BA:4F:8A:42:A8:DB:1F:4F:67:F9:BF:52:41:22:54:A6:AA:48:1B:8C
Certificate issuer: /CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Certificate serial: 1085D20D
Authority key identifier: C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/uk-KQqjbH09n-b9SQSJUpqpIG4w.roa
Signing time: Fri 17 Jun 2022 11:23:44 +0000
ROA not before: Fri 17 Jun 2022 11:23:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204226
IP address blocks: 194.105.148.0/24 maxlen: 24
185.89.9.0/24 maxlen: 24
185.89.10.0/24 maxlen: 24
185.89.11.0/24 maxlen: 24
185.89.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277205517 (0x1085d20d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Validity
Not Before: Jun 17 11:23:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba4f8a42a8db1f4f67f9bf52412254a6aa481b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:0f:39:2d:c2:c9:58:8e:8c:84:b0:af:ff:
82:5e:1c:b8:ed:40:ce:e6:37:72:db:33:8c:fb:89:
06:d1:78:6e:ac:b3:a0:de:16:eb:b1:9a:99:82:6a:
6b:a0:4d:a3:f2:89:8b:58:cc:50:05:25:c5:4a:2c:
ba:62:2b:0b:eb:b2:43:66:dd:88:db:3e:a6:7e:22:
39:38:b0:ef:96:95:0c:98:dc:7a:c6:ee:3e:2c:f4:
cf:d7:bb:c0:10:55:a4:7a:68:4a:49:f2:85:6a:a1:
84:b1:70:30:c2:1f:2d:b6:f5:54:c0:65:3f:24:58:
74:f9:8c:9d:2b:d5:86:c0:32:75:11:c9:b4:72:3a:
34:21:aa:57:d2:7d:76:33:bd:5b:69:19:28:05:e2:
d9:19:8c:a4:80:86:fb:fb:ee:f1:bb:7d:e3:a8:0c:
b9:9c:76:54:fe:ac:27:f5:00:f3:c7:ad:10:ea:45:
a7:a0:b9:4a:fe:a4:72:f5:b8:ab:08:0a:6b:f3:4f:
29:54:ca:30:f2:32:2a:be:19:8b:19:27:00:54:32:
8f:ca:d6:66:7d:88:43:f2:77:df:5b:77:75:3d:62:
e4:dd:b7:e1:f1:88:c2:f9:35:5a:3f:68:a4:38:3e:
14:b5:33:f8:76:5e:0f:96:03:a4:ab:72:01:f6:77:
8e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:4F:8A:42:A8:DB:1F:4F:67:F9:BF:52:41:22:54:A6:AA:48:1B:8C
X509v3 Authority Key Identifier:
keyid:C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/uk-KQqjbH09n-b9SQSJUpqpIG4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/xHqEBhZxYD3cKujuqcrVHudarsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.8.0/22
194.105.148.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:95:83:8e:8b:fd:76:56:65:8a:10:d8:42:a0:11:6f:8d:f2:
b3:72:aa:b5:f5:3d:f6:80:af:0e:b6:67:3d:bf:13:38:70:58:
f1:57:93:53:fc:b4:a7:c9:93:ca:9a:a7:35:95:19:f1:51:6c:
a6:fa:cc:82:a2:64:54:a6:66:d0:a8:f4:4b:7e:1d:6b:ad:a9:
0b:24:e1:43:57:8b:1a:6d:57:26:d5:6d:d8:5e:58:93:99:52:
0c:5d:1f:0e:e3:23:e7:22:ad:e0:be:48:77:df:35:df:a9:c7:
d7:c1:d7:c9:2b:43:3f:e7:d9:7f:62:f2:c8:57:4f:07:15:3e:
f5:19:23:51:0a:5b:6f:bf:cc:b9:a5:4b:8e:c6:14:09:55:6e:
31:b9:7d:ea:9e:c0:66:a6:c6:fd:94:31:f8:d6:9a:f2:b7:b0:
12:d2:62:c8:85:1e:19:21:06:55:7f:c7:53:f3:da:ef:4a:6e:
8e:0d:6c:8a:a0:3b:09:ec:74:e9:69:ec:08:5f:6c:8c:ac:e0:
3c:b8:d8:6c:f0:ff:4d:f9:2d:b5:b8:df:ed:dc:e6:07:11:63:
89:48:b1:15:1a:e1:f1:03:65:75:6b:f0:47:e3:8f:c9:3f:61:
0a:bc:7e:2d:d1:b3:9e:bd:25:d7:b0:84:c0:de:9b:d8:b8:c2:
bb:e3:cd:1e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEIXSDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDdhODQwNjE2NzE2MDNkZGMyYWU4ZWVhOWNhZDUxZWU3NWFhZWM2MB4XDTIyMDYx
NzExMjM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE0ZjhhNDJhOGRi
MWY0ZjY3ZjliZjUyNDEyMjU0YTZhYTQ4MWI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAITQDzktwslYjoyEsK//gl4cuO1AzuY3ctszjPuJBtF4bqyz
oN4W67GamYJqa6BNo/KJi1jMUAUlxUosumIrC+uyQ2bdiNs+pn4iOTiw75aVDJjc
esbuPiz0z9e7wBBVpHpoSknyhWqhhLFwMMIfLbb1VMBlPyRYdPmMnSvVhsAydRHJ
tHI6NCGqV9J9djO9W2kZKAXi2RmMpICG+/vu8bt946gMuZx2VP6sJ/UA88etEOpF
p6C5Sv6kcvW4qwgKa/NPKVTKMPIyKr4ZixknAFQyj8rWZn2IQ/J331t3dT1i5N23
4fGIwvk1Wj9opDg+FLUz+HZeD5YDpKtyAfZ3joMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS6T4pCqNsfT2f5v1JBIlSmqkgbjDAfBgNVHSMEGDAWgBTEeoQGFnFgPdwq
6O6pytUe51quxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hIcUVCaFp4WUQzY0t1anVxY3JWSHVkYXJzWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvNTNmMjUyLWYzZmUtNDY3YS1iY2NmLWIyOTFmOTdiNzA5Ni8x
L3VrLUtRcWpiSDA5bi1iOVNRU0pVcHFwSUc0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
NTNmMjUyLWYzZmUtNDY3YS1iY2NmLWIyOTFmOTdiNzA5Ni8xL3hIcUVCaFp4WUQz
Y0t1anVxY3JWSHVkYXJzWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlZCAMEAMJplDANBgkqhkiG9w0B
AQsFAAOCAQEACpWDjov9dlZlihDYQqARb43ys3KqtfU99oCvDrZnPb8TOHBY8VeT
U/y0p8mTypqnNZUZ8VFspvrMgqJkVKZm0Kj0S34da62pCyThQ1eLGm1XJtVt2F5Y
k5lSDF0fDuMj5yKt4L5Id98136nH18HXyStDP+fZf2LyyFdPBxU+9RkjUQpbb7/M
uaVLjsYUCVVuMbl96p7AZqbG/ZQx+Naa8rewEtJiyIUeGSEGVX/HU/Pa70pujg1s
iqA7Cex06WnsCF9sjKzgPLjYbPD/Tfkttbjf7dzmBxFjiUixFRrh8QNldWvwR+OP
yT9hCrx+LdGznr0l17CEwN6b2LjCu+PNHg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:39:01 2025 by rpki-client