Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/UtCjBlVuxwD7aiuPA4EXqMV2iQA.roa
File: UtCjBlVuxwD7aiuPA4EXqMV2iQA.roa (raw, json)
Hash identifier: v0Zn9VeElo4li9+r50U7FyVf3R6ZZNIWE1+/qY+WswM=
Subject key identifier: 52:D0:A3:06:55:6E:C7:00:FB:6A:2B:8F:03:81:17:A8:C5:76:89:00
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 1C29AB02
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/UtCjBlVuxwD7aiuPA4EXqMV2iQA.roa
Signing time: Sat 01 Jan 2022 03:02:26 +0000
ROA not before: Sat 01 Jan 2022 03:02:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29169
IP address blocks: 46.226.104.0/21 maxlen: 32
213.167.228.0/22 maxlen: 24
217.70.176.0/20 maxlen: 32
185.26.124.0/22 maxlen: 32
213.167.240.0/20 maxlen: 24
2001:4b98::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472492802 (0x1c29ab02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 1 03:02:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52d0a306556ec700fb6a2b8f038117a8c5768900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:07:48:ea:53:42:d8:5b:a0:e0:fa:f7:79:8d:
6b:ee:ff:01:50:ac:3a:e6:74:70:2b:c5:1f:29:78:
c9:2b:d0:6f:70:14:6e:8e:00:59:fd:6b:29:bf:a4:
25:d6:36:88:70:f3:bf:fa:50:c4:da:51:c7:9a:f2:
61:da:76:a7:f7:40:27:2d:67:17:02:f9:34:ea:a2:
f1:de:5e:43:22:86:0e:a8:f4:ea:5d:5c:33:9b:96:
c2:23:69:1f:95:c2:b0:84:ee:48:d8:25:b8:be:09:
d3:0b:3c:76:42:48:ad:df:c0:28:38:c9:ea:ea:60:
d3:a3:0a:4a:b8:a3:18:0b:44:7e:c0:db:2d:dd:66:
63:0e:46:bf:cb:7e:e5:c3:ac:12:07:63:b6:5a:14:
a4:b7:59:92:16:15:f5:17:5e:d2:2d:23:d4:b8:89:
dd:67:55:41:8f:d0:74:f9:11:ec:70:50:38:4d:a6:
83:5c:ff:71:e9:75:43:c8:1c:71:94:81:5c:aa:e9:
c3:5d:bb:ab:56:0c:dc:62:52:a5:c6:63:d9:d5:1c:
3c:af:1e:74:32:0c:a4:2f:82:3c:38:4b:af:cb:43:
bc:b5:70:15:ac:9d:48:8c:19:ff:51:98:48:94:48:
ef:0d:e8:e5:c4:a7:77:b2:da:09:4e:2b:83:5c:9a:
0c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D0:A3:06:55:6E:C7:00:FB:6A:2B:8F:03:81:17:A8:C5:76:89:00
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/UtCjBlVuxwD7aiuPA4EXqMV2iQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.104.0/21
185.26.124.0/22
213.167.228.0/22
213.167.240.0/20
217.70.176.0/20
IPv6:
2001:4b98::/32
Signature Algorithm: sha256WithRSAEncryption
7a:6d:78:9b:cd:f7:5e:9b:45:6b:60:fb:fc:3a:e0:ad:39:56:
80:bb:8a:46:c0:40:77:32:50:bd:75:ae:a9:0e:62:5e:93:27:
63:77:b2:2d:a3:d7:6a:60:96:5f:d2:39:07:bd:f6:5f:a0:8c:
7a:e0:1e:c1:1f:9a:62:c0:1a:67:6b:29:e6:fa:d0:20:bf:57:
48:60:8f:48:1a:29:d1:7d:6f:38:a6:3e:28:76:af:d6:67:da:
f2:29:4a:88:38:8b:0a:df:ee:e9:af:20:3a:ee:f0:e3:1e:36:
bd:0e:64:ba:50:a1:41:ea:b3:aa:62:45:3f:39:00:74:5c:1d:
40:12:d4:cc:79:3a:0f:64:32:5f:86:0b:ac:d0:53:63:8e:e2:
fb:ba:47:25:45:ee:49:f8:7b:c3:c0:51:1d:cc:5c:3c:06:6f:
88:99:b3:6f:2d:a2:f6:1a:73:83:84:b1:72:56:57:09:81:6d:
3d:4b:3e:5e:52:c4:e0:a4:18:4c:76:73:e8:1c:77:f6:1c:e8:
00:2d:7a:78:58:76:7c:8d:c1:59:b0:86:92:c4:21:f2:10:35:
f0:e9:a7:61:1c:b6:b5:26:ec:f6:67:3b:f5:a6:38:97:23:68:
0c:76:fe:c4:51:25:1b:e5:57:d0:fc:d4:5b:51:ad:fd:6e:e8:
e4:35:9a:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEHCmrAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2EwZWM1OTU2NDMyNDIzNzQyMGQ1MDZiOWI0OThkNzUyZWUyMTY4MB4XDTIyMDEw
MTAzMDIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJkMGEzMDY1NTZl
YzcwMGZiNmEyYjhmMDM4MTE3YThjNTc2ODkwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4HSOpTQthboOD693mNa+7/AVCsOuZ0cCvFHyl4ySvQb3AU
bo4AWf1rKb+kJdY2iHDzv/pQxNpRx5ryYdp2p/dAJy1nFwL5NOqi8d5eQyKGDqj0
6l1cM5uWwiNpH5XCsITuSNgluL4J0ws8dkJIrd/AKDjJ6upg06MKSrijGAtEfsDb
Ld1mYw5Gv8t+5cOsEgdjtloUpLdZkhYV9Rde0i0j1LiJ3WdVQY/QdPkR7HBQOE2m
g1z/cel1Q8gccZSBXKrpw127q1YM3GJSpcZj2dUcPK8edDIMpC+CPDhLr8tDvLVw
FaydSIwZ/1GYSJRI7w3o5cSnd7LaCU4rg1yaDJ8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRS0KMGVW7HAPtqK48DgReoxXaJADAfBgNVHSMEGDAWgBS8oOxZVkMkI3Qg
1Qa5tJjXUu4haDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZLRHNXVlpESkNOMElOVUd1YlNZMTFMdUlXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvMjQzYjUzLTRiOTQtNDI0NC1hOGVjLTdjNTQ5ZjFlZDE2Yy8x
L1V0Q2pCbFZ1eHdEN2FpdVBBNEVYcU1WMmlRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
MjQzYjUzLTRiOTQtNDI0NC1hOGVjLTdjNTQ5ZjFlZDE2Yy8xL3ZLRHNXVlpESkNO
MElOVUd1YlNZMTFMdUlXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy7iaAMEArkafAMEAtWn5AMEBNWn
8AMEBNlGsDANBAIAAjAHAwUAIAFLmDANBgkqhkiG9w0BAQsFAAOCAQEAem14m833
XptFa2D7/DrgrTlWgLuKRsBAdzJQvXWuqQ5iXpMnY3eyLaPXamCWX9I5B732X6CM
euAewR+aYsAaZ2sp5vrQIL9XSGCPSBop0X1vOKY+KHav1mfa8ilKiDiLCt/u6a8g
Ou7w4x42vQ5kulChQeqzqmJFPzkAdFwdQBLUzHk6D2QyX4YLrNBTY47i+7pHJUXu
Sfh7w8BRHcxcPAZviJmzby2i9hpzg4SxclZXCYFtPUs+XlLE4KQYTHZz6Bx39hzo
AC16eFh2fI3BWbCGksQh8hA18OmnYRy2tSbs9mc79aY4lyNoDHb+xFElG+VX0PzU
W1Gt/W7o5DWavQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:26 2024 by rpki-client on console-fra.rpki-client.org