Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UfVSKdBExvX_jaNeiNsSNQJ3m6A.roa
File: UfVSKdBExvX_jaNeiNsSNQJ3m6A.roa (raw, json)
Hash identifier: lEyN7AAxZEADfpIi3kcdc9r5qVU6iY/PMGB0GggVh3Q=
Subject key identifier: 51:F5:52:29:D0:44:C6:F5:FF:8D:A3:5E:88:DB:12:35:02:77:9B:A0
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 096C3D1D
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UfVSKdBExvX_jaNeiNsSNQJ3m6A.roa
Signing time: Sat 01 Jan 2022 15:58:23 +0000
ROA not before: Sat 01 Jan 2022 15:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59675
IP address blocks: 213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.84.0/23 maxlen: 23
31.220.150.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
185.5.8.0/23 maxlen: 23
128.0.144.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.148.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.154.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
2a02:45c0::/32 maxlen: 32
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158088477 (0x96c3d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 1 15:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51f55229d044c6f5ff8da35e88db123502779ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:50:d9:c8:75:8e:66:6c:c4:22:45:70:6a:
70:60:8f:ef:e3:3e:01:1a:1f:62:23:98:34:fb:5c:
73:60:57:6b:ce:a7:88:bb:bb:04:52:db:4d:dd:b6:
4c:1a:ef:b6:b0:09:f7:be:27:fa:5e:02:34:82:d0:
30:3e:64:1f:27:9e:a3:45:1e:11:b6:d2:dd:ab:82:
a9:4e:f6:14:ef:5c:db:3f:b5:50:31:01:af:ee:2f:
f2:f2:0b:d4:40:02:a0:d3:99:9d:ba:b9:5a:a8:9c:
3d:37:45:a7:20:51:4d:a8:24:e5:8c:75:28:95:1a:
fd:ce:a1:d1:28:d5:03:fc:09:65:83:c8:43:31:07:
cb:42:5c:cd:c6:90:fa:e3:60:42:53:52:87:81:09:
72:12:ad:25:5f:81:ff:8a:35:a3:74:5b:f9:02:47:
31:6c:2e:33:8f:ba:6f:b8:96:20:48:71:b0:aa:83:
67:d4:d3:13:f4:8f:8a:98:a4:10:a0:4e:db:f9:55:
32:6e:54:1f:e2:c5:39:99:85:e4:a9:f0:15:16:87:
6d:be:d5:32:da:89:5f:22:22:79:5e:8f:35:35:22:
4b:24:9d:82:71:ec:3b:72:fb:30:ac:cb:04:72:fd:
73:55:af:c5:3f:87:cc:aa:c6:23:95:b6:f0:17:f7:
e3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F5:52:29:D0:44:C6:F5:FF:8D:A3:5E:88:DB:12:35:02:77:9B:A0
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UfVSKdBExvX_jaNeiNsSNQJ3m6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:ee:b6:a8:6d:b6:9f:a6:66:fc:5e:58:34:e8:92:8e:1d:0e:
c9:d5:7e:d7:b5:6c:fb:13:3a:d3:10:20:88:17:4c:6e:99:1c:
25:c1:10:2b:ab:f0:55:6d:85:c7:1a:e1:66:cc:7b:68:20:a2:
d7:07:67:6b:d3:a0:4c:6b:27:ee:db:b6:d3:aa:28:9a:f0:f5:
be:ca:46:fc:bd:4c:7c:b5:4c:e9:e9:d7:d8:e1:fd:f4:55:a2:
43:53:90:75:f9:d4:f3:11:ee:94:8f:74:e2:4b:42:16:be:4b:
d7:d9:46:2f:47:be:70:fd:c1:03:fd:2b:4d:1b:cd:6f:55:bb:
1e:32:0a:1d:f4:d2:cf:50:d7:b5:58:43:ef:76:41:a3:84:f9:
69:54:fb:10:6c:37:20:ce:60:8e:e5:73:67:63:34:c7:8f:30:
56:d7:ec:cf:60:82:47:d8:54:70:2a:9b:07:7b:86:f2:96:b9:
62:ec:2e:f5:0c:43:33:e9:17:2d:7a:3b:01:79:e4:e9:9e:4f:
bf:dd:ce:1d:53:b4:0d:f8:d9:64:42:70:12:e5:28:34:2d:85:
81:5b:55:a0:37:0f:01:2b:04:10:03:97:65:b9:08:f4:59:2a:
e4:df:53:f0:19:28:9b:5e:a5:fa:40:0e:41:09:0e:58:20:63:
a0:5a:57:b5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIECWw9HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmQ0ZjhlNDc2MjM3N2Y4NmIwN2E4NzUzZjZlOThmNmY0YjZiNzkyMB4XDTIyMDEw
MTE1NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFmNTUyMjlkMDQ0
YzZmNWZmOGRhMzVlODhkYjEyMzUwMjc3OWJhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYRUNnIdY5mbMQiRXBqcGCP7+M+ARofYiOYNPtcc2BXa86n
iLu7BFLbTd22TBrvtrAJ974n+l4CNILQMD5kHyeeo0UeEbbS3auCqU72FO9c2z+1
UDEBr+4v8vIL1EACoNOZnbq5WqicPTdFpyBRTagk5Yx1KJUa/c6h0SjVA/wJZYPI
QzEHy0JczcaQ+uNgQlNSh4EJchKtJV+B/4o1o3Rb+QJHMWwuM4+6b7iWIEhxsKqD
Z9TTE/SPipikEKBO2/lVMm5UH+LFOZmF5KnwFRaHbb7VMtqJXyIieV6PNTUiSySd
gnHsO3L7MKzLBHL9c1WvxT+HzKrGI5W28Bf3408CAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRR9VIp0ETG9f+No16I2xI1AneboDAfBgNVHSMEGDAWgBTb1PjkdiN3+GsH
qHU/bpj29La3kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI5VDQ1SFlqZF9ockI2aDFQMjZZOXZTMnQ1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZDNmNjVkLWFmYWItNGQyOC1iNDZlLTYyMGE3OWNmNzkyYi8x
L1VmVlNLZEJFeHZYX2phTmVpTnNTTlFKM202QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZDNmNjVkLWFmYWItNGQyOC1iNDZlLTYyMGE3OWNmNzkyYi8xLzI5VDQ1SFlqZF9o
ckI2aDFQMjZZOXZTMnQ1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMEAB/cljAMAwQEgACQAwQAgACaAwQC
uQUIMAwDBAHVuU4DBAHVuVQwDQQCAAIwBwMFACoCRcAwDQYJKoZIhvcNAQELBQAD
ggEBADfutqhttp+mZvxeWDToko4dDsnVfte1bPsTOtMQIIgXTG6ZHCXBECur8FVt
hcca4WbMe2ggotcHZ2vToExrJ+7bttOqKJrw9b7KRvy9THy1TOnp19jh/fRVokNT
kHX51PMR7pSPdOJLQha+S9fZRi9HvnD9wQP9K00bzW9Vux4yCh300s9Q17VYQ+92
QaOE+WlU+xBsNyDOYI7lc2djNMePMFbX7M9ggkfYVHAqmwd7hvKWuWLsLvUMQzPp
Fy16OwF55OmeT7/dzh1TtA342WRCcBLlKDQthYFbVaA3DwErBBADl2W5CPRZKuTf
U/AZKJtepfpADkEJDlggY6BaV7U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org