Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/Uq8yLdRI8DlmYk0pBJtZyZPhuJw.roa
File: Uq8yLdRI8DlmYk0pBJtZyZPhuJw.roa (raw, json)
Hash identifier: KVTk9fFkoa2WNEgYmhpn6RrelQ6ehjdtW3mIxmL1ROc=
Subject key identifier: 52:AF:32:2D:D4:48:F0:39:66:62:4D:29:04:9B:59:C9:93:E1:B8:9C
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 0AB0752A
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/Uq8yLdRI8DlmYk0pBJtZyZPhuJw.roa
Signing time: Sat 01 Jan 2022 07:57:19 +0000
ROA not before: Sat 01 Jan 2022 07:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31313
IP address blocks: 213.177.16.0/21 maxlen: 32
213.177.24.0/21 maxlen: 32
93.113.29.0/24 maxlen: 32
89.42.116.0/23 maxlen: 32
193.151.28.0/22 maxlen: 32
89.35.192.0/24 maxlen: 32
213.177.0.0/21 maxlen: 32
86.105.108.0/22 maxlen: 32
213.177.8.0/21 maxlen: 32
193.169.21.0/24 maxlen: 32
89.41.56.0/23 maxlen: 32
89.43.190.0/23 maxlen: 32
195.242.244.0/22 maxlen: 32
89.200.246.0/23 maxlen: 32
89.200.247.0/24 maxlen: 32
86.105.216.0/22 maxlen: 32
2a00:5dc0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179336490 (0xab0752a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Jan 1 07:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52af322dd448f03966624d29049b59c993e1b89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:49:93:06:b9:28:e0:5f:d2:a3:47:3e:1f:07:
63:a2:88:82:9d:9d:1f:23:44:d0:9c:d6:49:c6:88:
56:85:b9:2b:0a:79:55:78:e5:ee:87:b1:4f:b3:7b:
7a:41:be:70:fa:b8:6c:0b:a7:c8:04:1f:da:9b:ae:
76:31:d3:03:c4:ef:2b:80:14:f2:a1:c8:c9:18:34:
6f:d9:1a:94:42:7f:a6:d2:d8:79:11:c3:a2:0a:c5:
7d:a9:8a:f5:b4:47:69:c8:b4:4c:94:d4:be:0a:25:
de:8c:0b:4c:1b:69:0d:c5:4e:ae:d9:bf:92:14:1c:
85:fe:b8:30:32:4b:b9:ce:8a:f0:10:53:91:82:9d:
d2:cb:52:83:77:03:fb:54:3d:fe:06:b3:af:11:77:
82:bf:4f:f3:11:a4:a9:1d:9a:31:44:3b:f5:e7:3c:
a5:b0:7f:db:f6:d6:30:e2:4f:35:5a:dd:bd:d8:3c:
11:8f:0b:0f:e6:35:5d:2d:be:ec:74:ed:68:20:ce:
7f:0a:12:ae:4a:46:7a:fc:4d:f0:8c:2e:b2:e1:97:
33:92:63:76:56:f5:4e:3a:7e:68:6f:d1:2b:ca:81:
cc:71:84:b7:b6:36:42:17:b9:29:57:ad:83:e7:2a:
82:b7:c2:4c:85:84:5e:bb:13:0a:a2:a4:9e:dc:ed:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AF:32:2D:D4:48:F0:39:66:62:4D:29:04:9B:59:C9:93:E1:B8:9C
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/Uq8yLdRI8DlmYk0pBJtZyZPhuJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.108.0/22
86.105.216.0/22
89.35.192.0/24
89.41.56.0/23
89.42.116.0/23
89.43.190.0/23
89.200.246.0/23
93.113.29.0/24
193.151.28.0/22
193.169.21.0/24
195.242.244.0/22
213.177.0.0/19
IPv6:
2a00:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:ee:35:55:ef:95:da:84:9c:13:0e:11:6d:4e:87:a2:83:b9:
79:a9:81:27:ad:5c:c7:58:c8:f3:71:09:f4:49:23:76:4b:f3:
e6:ad:b5:46:04:55:79:03:48:d8:fa:3c:3e:dd:cd:af:6e:fb:
25:4f:f8:93:4c:9e:a1:26:08:19:3a:16:88:a5:af:4e:23:26:
25:52:e4:dc:8b:3b:ed:ed:c5:a8:0f:87:2e:78:77:a5:59:a5:
54:5a:ec:13:8b:ab:ee:47:bf:40:8a:71:0a:7b:08:df:6b:4b:
14:60:b0:fe:0e:a2:8d:18:4d:cc:d7:06:e3:c4:f9:88:34:e1:
03:47:2c:be:bc:72:1a:79:3f:8c:66:99:7f:68:43:81:8d:58:
cc:18:e0:b0:43:86:8f:e2:12:33:f3:10:fa:52:47:00:39:a8:
7a:55:aa:95:43:83:08:b3:c2:30:31:a3:d6:11:84:bd:3e:cd:
00:af:22:ad:e8:63:e7:25:09:6d:7b:7a:9d:96:e6:a0:7d:c6:
bc:09:9e:bd:7c:a0:cd:81:2a:1b:4d:61:6d:80:d9:7b:5f:c5:
4e:45:1e:12:f1:20:a3:1a:fa:30:90:7c:65:b2:20:e2:da:db:
68:dc:f7:3e:e5:a3:3a:2b:51:3c:f3:a3:db:f6:66:b7:67:cf:
53:bd:d3:42
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECrB1KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Nzk1YWM4NDNjZDhiYTkwMTg4ZjczMTM2NTJiYjU2MTI5OWIyOTZmMB4XDTIyMDEw
MTA3NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJhZjMyMmRkNDQ4
ZjAzOTY2NjI0ZDI5MDQ5YjU5Yzk5M2UxYjg5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5Jkwa5KOBf0qNHPh8HY6KIgp2dHyNE0JzWScaIVoW5Kwp5
VXjl7oexT7N7ekG+cPq4bAunyAQf2puudjHTA8TvK4AU8qHIyRg0b9kalEJ/ptLY
eRHDogrFfamK9bRHaci0TJTUvgol3owLTBtpDcVOrtm/khQchf64MDJLuc6K8BBT
kYKd0stSg3cD+1Q9/gazrxF3gr9P8xGkqR2aMUQ79ec8pbB/2/bWMOJPNVrdvdg8
EY8LD+Y1XS2+7HTtaCDOfwoSrkpGevxN8IwusuGXM5Jjdlb1Tjp+aG/RK8qBzHGE
t7Y2Qhe5KVetg+cqgrfCTIWEXrsTCqKkntztnqUCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBRSrzIt1EjwOWZiTSkEm1nJk+G4nDAfBgNVHSMEGDAWgBQXlayEPNi6kBiP
cxNlK7VhKZspbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y1V3NoRHpZdXBBWWozTVRaU3UxWVNtYktXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNjY4M2Y0LTNlZWMtNGRjYi04Nzg3LTczMWFiYzZmNzVjYS8x
L1VxOHlMZFJJOERsbVlrMHBCSnRaeVpQaHVKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NjY4M2Y0LTNlZWMtNGRjYi04Nzg3LTczMWFiYzZmNzVjYS8xL0Y1V3NoRHpZdXBB
WWozTVRaU3UxWVNtYktXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAlZpbAMEAlZp2AMEAFkjwAMEAVkp
OAMEAVkqdAMEAVkrvgMEAVnI9gMEAF1xHQMEAsGXHAMEAMGpFQMEAsPy9AMEBdWx
ADANBAIAAjAHAwUDKgBdwDANBgkqhkiG9w0BAQsFAAOCAQEAsO41Ve+V2oScEw4R
bU6HooO5eamBJ61cx1jI83EJ9Ekjdkvz5q21RgRVeQNI2Po8Pt3Nr277JU/4k0ye
oSYIGToWiKWvTiMmJVLk3Is77e3FqA+HLnh3pVmlVFrsE4ur7ke/QIpxCnsI32tL
FGCw/g6ijRhNzNcG48T5iDThA0csvrxyGnk/jGaZf2hDgY1YzBjgsEOGj+ISM/MQ
+lJHADmoelWqlUODCLPCMDGj1hGEvT7NAK8irehj5yUJbXt6nZbmoH3GvAmevXyg
zYEqG01hbYDZe1/FTkUeEvEgoxr6MJB8ZbIg4trbaNz3PuWjOitRPPOj2/Zmt2fP
U73TQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org