Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/UlMitxHQmjbiD_3_Y9Pb6kN0g4U.roa
File: UlMitxHQmjbiD_3_Y9Pb6kN0g4U.roa (raw, json)
Hash identifier: wCrhdjwJN/1K8YvJGA/0xkol7wpkbNwrfUeHoZGaNv0=
Subject key identifier: 52:53:22:B7:11:D0:9A:36:E2:0F:FD:FF:63:D3:DB:EA:43:74:83:85
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 1D5175F8
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/UlMitxHQmjbiD_3_Y9Pb6kN0g4U.roa
Signing time: Wed 20 Apr 2022 06:30:31 +0000
ROA not before: Wed 20 Apr 2022 06:30:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31621
IP address blocks: 91.194.188.0/23 maxlen: 24
185.31.24.0/22 maxlen: 24
193.23.48.0/24 maxlen: 24
178.21.152.0/21 maxlen: 24
194.0.251.0/24 maxlen: 24
2a02:dcd::/32 maxlen: 48
2a02:dcc::/32 maxlen: 48
2a02:dce::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491877880 (0x1d5175f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Apr 20 06:30:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=525322b711d09a36e20ffdff63d3dbea43748385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:03:e4:c2:a0:ea:b0:68:16:c9:2f:70:20:
d3:56:55:54:18:04:c2:98:d6:14:39:b8:db:ae:69:
f6:06:fe:58:fe:3a:72:9f:b6:df:70:4f:97:ba:79:
d1:01:e9:c9:00:f3:7d:bf:74:50:e2:87:53:37:a5:
b2:7a:94:a3:77:e0:42:e2:9c:a7:a7:c6:41:4b:b1:
e6:03:5b:85:e3:ca:b8:17:0e:27:d1:2c:8a:39:28:
88:4d:54:b7:b3:e5:d6:80:d1:fd:2d:5a:8e:ce:04:
e9:97:ae:93:63:cb:a7:29:42:b4:5c:98:03:f5:29:
93:32:cf:4e:72:be:76:c0:39:d7:6a:b4:6d:d1:7d:
b5:16:f9:e1:69:d6:9a:6a:3b:e9:cd:a9:0d:f0:64:
87:f1:4a:51:c0:b0:c6:57:4f:d9:dc:66:dd:51:0a:
e6:f0:b1:fa:21:3a:40:64:e2:83:94:ec:50:62:8f:
0f:3e:0c:3c:8e:0f:6a:61:7b:ed:3d:55:1a:1c:86:
af:2b:92:8c:d8:1f:70:85:b9:32:cb:12:5c:ab:a6:
a9:e8:46:21:e3:78:4c:61:8b:58:52:e9:0f:e7:d0:
a7:29:71:6f:8f:92:82:ca:7b:a7:54:85:3c:16:11:
f6:d2:20:da:c2:d7:bc:ed:c3:a6:f6:12:5e:d0:30:
5d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:53:22:B7:11:D0:9A:36:E2:0F:FD:FF:63:D3:DB:EA:43:74:83:85
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/UlMitxHQmjbiD_3_Y9Pb6kN0g4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.188.0/23
178.21.152.0/21
185.31.24.0/22
193.23.48.0/24
194.0.251.0/24
IPv6:
2a02:dcc::-2a02:dce:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:99:32:33:6b:e5:0d:b6:df:7a:eb:34:fe:c1:f5:0c:a8:40:
04:58:7f:35:1b:7a:0f:77:ce:e7:da:eb:b6:fb:b4:6c:36:3b:
ef:a6:32:cd:a8:48:f8:ce:e8:37:0a:eb:94:f6:5b:ee:0e:06:
19:1f:37:3f:b6:c6:e9:7f:db:dc:2b:85:85:bf:43:7d:ac:e2:
09:17:e7:35:f2:05:85:20:a0:2e:ac:a9:c4:ef:05:90:0e:33:
ad:16:15:cc:6f:42:71:9a:d2:20:b5:44:f8:ed:24:4c:09:e3:
21:f0:5b:35:ed:17:a2:7b:8b:a2:7a:75:46:b4:a8:f0:2d:c0:
10:1b:1e:ee:b8:cf:8c:b7:57:e6:b4:95:86:63:2c:32:3b:5f:
01:6a:e3:3a:99:13:84:de:2a:a3:18:30:7b:01:ef:e7:90:48:
f9:e8:8b:3c:fb:ed:96:b4:45:a8:b3:79:e0:51:16:93:e4:ea:
bf:4d:59:26:0e:3d:96:0e:ee:16:59:e7:dc:0d:70:25:ba:59:
70:a3:c1:c6:6d:1d:05:88:70:76:41:72:b1:4b:62:61:4f:08:
2d:05:00:17:1e:a0:5f:54:a7:27:f0:a0:f9:77:e9:83:15:86:
b4:5e:da:79:b3:a0:25:c6:a3:9a:71:53:dc:7c:43:16:18:5d:
74:d4:c8:7f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEHVF1+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzliMDkzMTExOGYwOGJmNGEzNGIzZTA1MmZkOGY4YTVjMWVjYWIwMB4XDTIyMDQy
MDA2MzAzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI1MzIyYjcxMWQw
OWEzNmUyMGZmZGZmNjNkM2RiZWE0Mzc0ODM4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqtA+TCoOqwaBbJL3Ag01ZVVBgEwpjWFDm4265p9gb+WP46
cp+233BPl7p50QHpyQDzfb90UOKHUzelsnqUo3fgQuKcp6fGQUux5gNbhePKuBcO
J9EsijkoiE1Ut7Pl1oDR/S1ajs4E6Zeuk2PLpylCtFyYA/UpkzLPTnK+dsA512q0
bdF9tRb54WnWmmo76c2pDfBkh/FKUcCwxldP2dxm3VEK5vCx+iE6QGTig5TsUGKP
Dz4MPI4PamF77T1VGhyGryuSjNgfcIW5MssSXKumqehGIeN4TGGLWFLpD+fQpylx
b4+Sgsp7p1SFPBYR9tIg2sLXvO3DpvYSXtAwXe0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRSUyK3EdCaNuIP/f9j09vqQ3SDhTAfBgNVHSMEGDAWgBTsmwkxEY8Iv0o0
s+BS/Y+KXB7KsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdKc0pNUkdQQ0w5S05MUGdVdjJQaWx3ZXlyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8x
L1VsTWl0eEhRbWpiaURfM19ZOVBiNmtOMGc0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8xLzdKc0pNUkdQQ0w5
S05MUGdVdjJQaWx3ZXlyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJAQCAAEwHgMEAVvCvAMEA7IVmAMEArkfGAMEAMEX
MAMEAMIA+zAWBAIAAjAQMA4DBQIqAg3MAwUAKgINzjANBgkqhkiG9w0BAQsFAAOC
AQEAO5kyM2vlDbbfeus0/sH1DKhABFh/NRt6D3fO59rrtvu0bDY776YyzahI+M7o
NwrrlPZb7g4GGR83P7bG6X/b3CuFhb9DfaziCRfnNfIFhSCgLqypxO8FkA4zrRYV
zG9CcZrSILVE+O0kTAnjIfBbNe0XonuLonp1RrSo8C3AEBse7rjPjLdX5rSVhmMs
MjtfAWrjOpkThN4qoxgwewHv55BI+eiLPPvtlrRFqLN54FEWk+Tqv01ZJg49lg7u
Flnn3A1wJbpZcKPBxm0dBYhwdkFysUtiYU8ILQUAFx6gX1SnJ/Cg+XfpgxWGtF7a
ebOgJcajmnFT3HxDFhhddNTIfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:14 2024 by rpki-client on console-fra.rpki-client.org