Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/UhtFflDdo3y_0jHMzn8Kh_h3w1U.roa
File: UhtFflDdo3y_0jHMzn8Kh_h3w1U.roa (raw, json)
Hash identifier: QSNzPLMU53kGlgBXlY+d2/67Cpza52+hQMQlMbDSIEw=
Subject key identifier: 52:1B:45:7E:50:DD:A3:7C:BF:D2:31:CC:CE:7F:0A:87:F8:77:C3:55
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018276F0B6F73EF76BABB7BB21B2FC3A1A12
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/UhtFflDdo3y_0jHMzn8Kh_h3w1U.roa
Signing time: Sun 07 Aug 2022 06:14:23 +0000
ROA not before: Sun 07 Aug 2022 06:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203729
IP address blocks: 185.186.8.0/24 maxlen: 24
2a0b:6b81:210::/48 maxlen: 48
2a0b:6b81:208::/48 maxlen: 48
2a0b:6b81:1::/48 maxlen: 48
2a0b:6b81:205::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:76:f0:b6:f7:3e:f7:6b:ab:b7:bb:21:b2:fc:3a:1a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Aug 7 06:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=521b457e50dda37cbfd231ccce7f0a87f877c355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:e1:6d:63:2c:ae:ee:19:a4:1d:05:dd:0e:
e8:fe:f7:fe:53:db:1e:18:69:8d:e4:17:47:bf:2c:
f2:0d:05:1b:52:38:5b:13:68:0c:7f:66:96:ea:3c:
b1:06:1b:39:4f:9f:bf:1f:f5:b7:dc:a6:df:c7:db:
dd:d1:dd:37:0c:6e:fd:f0:89:56:5a:16:89:87:dd:
b1:1c:64:1e:52:94:5f:2e:22:a6:a6:5e:63:dd:77:
07:7a:71:95:59:99:84:4f:bb:ad:c4:69:00:e1:26:
76:9f:4f:df:53:b5:2e:33:71:a3:cc:a1:66:2c:d3:
5f:83:13:39:08:a0:d4:8a:a1:7a:3d:ac:b2:62:94:
6a:b1:2c:e3:69:41:bd:7b:43:b3:f6:45:2d:76:49:
2e:8e:9c:57:51:0b:d9:3f:73:56:c2:24:bd:f3:68:
de:92:ee:fe:d9:7c:68:62:5b:5f:80:75:6a:12:fa:
a1:54:4d:29:21:03:c7:53:60:ec:31:f9:ca:8c:7a:
58:79:bb:74:c2:8b:a4:d8:22:85:29:a4:6a:5d:ca:
f3:ed:f7:1b:1a:e9:6b:96:f5:6b:a1:f7:68:f6:00:
83:2d:a5:5c:36:7e:79:e7:9e:a6:25:a9:68:8f:79:
d6:9d:7d:73:43:f9:1c:75:a1:60:a7:ac:85:cc:91:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1B:45:7E:50:DD:A3:7C:BF:D2:31:CC:CE:7F:0A:87:F8:77:C3:55
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/UhtFflDdo3y_0jHMzn8Kh_h3w1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
IPv6:
2a0b:6b81:1::/48
2a0b:6b81:205::/48
2a0b:6b81:208::/48
2a0b:6b81:210::/48
Signature Algorithm: sha256WithRSAEncryption
3d:ff:3a:af:6b:64:aa:15:99:8d:55:4f:e9:ad:1c:a0:03:09:
2e:de:dc:3a:69:82:8a:10:38:32:6e:17:3d:a9:ac:00:09:ae:
6f:af:76:fb:12:28:ff:b8:12:18:55:84:43:43:85:92:de:7c:
de:f9:16:8e:70:8a:85:de:7e:63:a1:4a:d0:56:c9:01:07:b2:
2a:8c:c6:b2:1e:6f:fd:ac:3f:98:66:fb:a4:02:c6:22:59:f2:
41:8c:aa:34:b3:04:fa:13:0c:a6:7c:14:6f:69:74:1d:b7:47:
23:f0:eb:85:ff:f2:53:5f:ff:ba:a9:3b:52:7e:ca:3f:11:20:
c8:cf:8d:2e:e8:00:36:9c:96:2c:1d:35:0c:f3:cd:93:75:85:
01:ef:39:fd:1c:cd:83:13:a7:c5:81:9e:e4:94:f7:03:19:b4:
87:23:6c:27:86:48:99:f6:b5:3c:3f:5a:41:02:cd:b1:05:03:
93:63:29:6f:1b:12:8e:c7:31:6f:83:32:11:c0:c5:22:83:2f:
b4:dd:c4:6f:bd:cb:9e:3a:eb:27:b5:ab:e7:93:3d:2a:1e:08:
56:9f:02:4e:f7:55:91:cf:9a:88:e5:ec:4a:bc:9a:60:2f:6c:
89:83:d3:07:9f:ef:93:4e:bb:04:f8:de:67:37:9f:ca:52:1d:
a8:99:3b:ea
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYJ28Lb3Pvdrq7e7IbL8OhoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjIwODA3MDYxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFiNDU3ZTUwZGRhMzdjYmZkMjMxY2NjZTdmMGE4N2Y4NzdjMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiThbWMsru4ZpB0F3Q7o/vf+U9se
GGmN5BdHvyzyDQUbUjhbE2gMf2aW6jyxBhs5T5+/H/W33Kbfx9vd0d03DG798IlW
WhaJh92xHGQeUpRfLiKmpl5j3XcHenGVWZmET7utxGkA4SZ2n0/fU7UuM3GjzKFm
LNNfgxM5CKDUiqF6PayyYpRqsSzjaUG9e0Oz9kUtdkkujpxXUQvZP3NWwiS982je
ku7+2XxoYltfgHVqEvqhVE0pIQPHU2DsMfnKjHpYebt0wouk2CKFKaRqXcrz7fcb
GulrlvVrofdo9gCDLaVcNn55556mJaloj3nWnX1zQ/kcdaFgp6yFzJEWfwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFIbRX5Q3aN8v9IxzM5/Cof4d8NVMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvVWh0RmZsRGRvM3lfMGpITXpuOEtoX2gzdzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAuboIMCoE
AgACMCQDBwAqC2uBAAEDBwAqC2uBAgUDBwAqC2uBAggDBwAqC2uBAhAwDQYJKoZI
hvcNAQELBQADggEBAD3/Oq9rZKoVmY1VT+mtHKADCS7e3DppgooQODJuFz2prAAJ
rm+vdvsSKP+4EhhVhENDhZLefN75Fo5wioXefmOhStBWyQEHsiqMxrIeb/2sP5hm
+6QCxiJZ8kGMqjSzBPoTDKZ8FG9pdB23RyPw64X/8lNf/7qpO1J+yj8RIMjPjS7o
ADacliwdNQzzzZN1hQHvOf0czYMTp8WBnuSU9wMZtIcjbCeGSJn2tTw/WkECzbEF
A5NjKW8bEo7HMW+DMhHAxSKDL7TdxG+9y5466ye1q+eTPSoeCFafAk73VZHPmojl
7Eq8mmAvbImD0wef75NOuwT43mc3n8pSHaiZO+o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:50 2023 by rpki-client on console-fra.rpki-client.org