Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa
File: UknePGEKpntlSgqMOc0tTyPwn7M.roa (raw, json)
Hash identifier: sItofbxFL7wDcnW1tfozCKoEJbpuAdQPu4lwcoUgvww=
Subject key identifier: 52:49:DE:3C:61:0A:A6:7B:65:4A:0A:8C:39:CD:2D:4F:23:F0:9F:B3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018992268E6EE914DDB3D810364C0E729DAE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa
Signing time: Wed 26 Jul 2023 12:22:27 +0000
ROA not before: Wed 26 Jul 2023 12:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 89.213.191.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.152.110.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:26:8e:6e:e9:14:dd:b3:d8:10:36:4c:0e:72:9d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 26 12:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5249de3c610aa67b654a0a8c39cd2d4f23f09fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:77:c0:01:29:c6:fb:5a:f2:5f:30:35:8d:
c1:f5:b3:c5:10:b1:f6:9a:3d:4a:24:20:76:90:15:
22:37:20:af:d7:55:0b:2d:e9:96:73:f0:5e:4b:d8:
2d:b7:52:76:59:d1:33:a9:4b:7d:90:a2:9a:60:6e:
58:bb:09:01:5c:5c:42:8d:38:e0:d5:14:c0:ae:b1:
d6:ed:d1:44:87:2c:bb:42:55:05:38:3e:20:8e:52:
c7:10:55:62:85:38:7c:50:b1:d8:d6:1b:79:b8:81:
e0:7a:25:59:5f:94:60:d4:e1:ab:52:0c:58:30:f2:
ed:5d:97:f9:6a:ee:37:30:bf:7e:87:25:93:09:79:
a8:b0:39:84:93:49:a5:da:4d:81:89:93:21:0a:68:
6a:39:f9:17:a7:2d:f9:60:31:8a:df:c3:af:6b:42:
5d:8f:cb:14:19:d9:ac:35:a4:4f:e0:c9:b5:a4:71:
15:71:a4:f2:93:0f:19:ae:2d:90:36:71:c8:27:b9:
69:68:9d:59:bf:d1:63:bf:12:ae:8d:3e:65:f9:de:
7e:5e:53:46:a7:27:3e:9a:7b:3d:91:cf:c7:6f:a4:
5f:a3:2f:74:f5:3b:92:2e:54:8a:bb:2e:07:79:e1:
4b:28:19:0d:13:5e:df:ea:01:e3:25:b7:59:96:52:
31:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:49:DE:3C:61:0A:A6:7B:65:4A:0A:8C:39:CD:2D:4F:23:F0:9F:B3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.110.0/24
82.153.246.0/24
89.213.131.0-89.213.132.255
89.213.191.0/24
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d4:4a:83:28:ea:99:52:48:30:b8:8d:8c:45:eb:59:26:ee:
fa:ed:52:ca:fd:99:d7:22:51:67:6c:2a:c1:8e:3e:76:62:a7:
d0:68:61:2d:a6:b1:bd:a9:58:9f:72:a4:ec:51:70:15:c6:6d:
e7:b9:74:5d:35:f8:0b:99:54:48:55:c9:ed:a6:63:e0:ef:b1:
ac:9c:de:e5:b3:d6:fe:bf:b3:1e:9a:5d:aa:c5:3d:b7:db:d5:
ec:21:91:7d:04:3b:2f:03:b8:e9:0a:94:51:79:a1:db:f9:ab:
c6:ed:d0:41:fd:68:2d:97:fb:b4:75:fb:08:1b:27:dc:35:25:
c4:4a:92:31:24:ad:1b:52:d6:00:e9:17:c1:6c:b2:23:02:94:
6d:54:24:7b:8c:3d:7a:b5:ab:d3:76:db:2e:6b:d3:07:53:22:
ba:bc:45:2c:0e:a9:d6:f2:d5:67:56:e4:5e:e7:e2:1a:31:85:
16:06:3b:e1:e2:32:7a:42:96:c1:9a:ed:2c:7a:3b:0c:1d:44:
c1:f6:f4:0d:1f:58:e2:6c:17:4c:b6:10:b4:97:7d:65:54:9e:
f2:66:9f:29:47:0a:eb:9d:b6:73:1b:6d:fa:d6:6d:31:92:77:
d9:af:52:fe:e6:3a:73:e5:fe:aa:f4:bd:96:da:e9:46:f3:7d:
01:d1:ee:18
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYmSJo5u6RTds9gQNkwOcp2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI2MTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ5ZGUzYzYxMGFhNjdiNjU0YTBhOGMzOWNkMmQ0ZjIzZjA5ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWp3wAEpxvta8l8wNY3B9bPFELH2
mj1KJCB2kBUiNyCv11ULLemWc/BeS9gtt1J2WdEzqUt9kKKaYG5YuwkBXFxCjTjg
1RTArrHW7dFEhyy7QlUFOD4gjlLHEFVihTh8ULHY1ht5uIHgeiVZX5Rg1OGrUgxY
MPLtXZf5au43ML9+hyWTCXmosDmEk0ml2k2BiZMhCmhqOfkXpy35YDGK38Ova0Jd
j8sUGdmsNaRP4Mm1pHEVcaTykw8Zri2QNnHIJ7lpaJ1Zv9FjvxKujT5l+d5+XlNG
pyc+mns9kc/Hb6Rfoy909TuSLlSKuy4HeeFLKBkNE17f6gHjJbdZllIxFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFJJ3jxhCqZ7ZUoKjDnNLU8j8J+zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVWtuZVBHRUtwbnRsU2dxTU9jMHRUeVB3bjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUphuAwQA
Upn2MAwDBABZ1YMDBABZ1YQDBABZ1b8DBABtsP0wDQYJKoZIhvcNAQELBQADggEB
AKPUSoMo6plSSDC4jYxF61km7vrtUsr9mdciUWdsKsGOPnZip9BoYS2msb2pWJ9y
pOxRcBXGbee5dF01+AuZVEhVye2mY+Dvsayc3uWz1v6/sx6aXarFPbfb1ewhkX0E
Oy8DuOkKlFF5odv5q8bt0EH9aC2X+7R1+wgbJ9w1JcRKkjEkrRtS1gDpF8FssiMC
lG1UJHuMPXq1q9N22y5r0wdTIrq8RSwOqdby1WdW5F7n4hoxhRYGO+HiMnpClsGa
7Sx6OwwdRMH29A0fWOJsF0y2ELSXfWVUnvJmnylHCuudtnMbbfrWbTGSd9mvUv7m
OnPl/qr0vZba6UbzfQHR7hg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:47 2025 by rpki-client