Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UKQS4rQOzf2mIP5-b2CBT07UHyA.roa
File: UKQS4rQOzf2mIP5-b2CBT07UHyA.roa (raw, json)
Hash identifier: e0NHR0iw5+QPDnMmviHvq9Dp2WOKAItt97Sfl8o9SQI=
Subject key identifier: 50:A4:12:E2:B4:0E:CD:FD:A6:20:FE:7E:6F:60:81:4F:4E:D4:1F:20
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 058D6064
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UKQS4rQOzf2mIP5-b2CBT07UHyA.roa
Signing time: Sun 06 Mar 2022 17:44:50 +0000
ROA not before: Sun 06 Mar 2022 17:44:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50386
IP address blocks: 77.73.128.0/24 maxlen: 24
77.73.129.0/24 maxlen: 24
77.73.130.0/24 maxlen: 24
77.73.131.0/24 maxlen: 24
77.73.132.0/24 maxlen: 24
77.73.134.0/24 maxlen: 24
77.73.135.0/24 maxlen: 24
77.73.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93151332 (0x58d6064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Mar 6 17:44:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50a412e2b40ecdfda620fe7e6f60814f4ed41f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:03:69:66:1f:3b:b2:44:15:58:52:b7:6f:67:
d2:c1:05:22:3b:94:51:de:ea:30:44:be:68:dd:a5:
78:be:ce:af:95:f5:e6:43:bb:1a:c8:da:9f:57:c1:
69:0b:60:d8:3b:04:3f:0d:b5:2c:fd:48:76:ee:48:
bc:39:c2:93:5d:dd:d0:ff:7a:b9:42:25:35:49:fe:
65:0c:aa:8a:f3:a5:84:a6:fb:3b:11:64:00:28:73:
af:73:7e:cb:ca:87:56:42:d0:13:98:9d:62:53:ba:
ac:97:55:e1:6d:9e:ed:55:55:48:e7:79:1d:aa:a5:
9c:dd:b7:ca:e2:43:53:3b:fe:99:1d:d4:d1:69:7c:
ef:81:1c:eb:27:d8:c7:24:d1:8f:ed:e2:10:96:1c:
d7:2a:bb:36:a2:4f:91:1b:24:11:32:b4:d8:93:32:
ad:dd:16:38:bb:4f:1a:e2:c6:79:8d:05:1b:76:5e:
06:eb:5e:35:3b:d3:92:16:ff:48:40:d5:95:48:73:
ee:1c:15:c4:d6:55:c8:8b:f4:c7:79:eb:10:de:87:
72:3f:ec:a9:43:d6:31:88:37:c3:55:d0:a9:7b:d7:
c3:68:db:df:45:9c:6e:30:52:55:c0:57:72:db:71:
85:c5:fc:f3:78:6a:07:50:a6:70:21:bd:a7:e2:17:
8c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A4:12:E2:B4:0E:CD:FD:A6:20:FE:7E:6F:60:81:4F:4E:D4:1F:20
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UKQS4rQOzf2mIP5-b2CBT07UHyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.128.0/21
Signature Algorithm: sha256WithRSAEncryption
46:7e:64:42:29:70:b1:c4:b8:32:bd:04:c4:73:f9:f2:c9:88:
f8:20:7e:18:fb:86:98:cc:62:37:e3:de:05:55:78:fc:e9:61:
e5:27:f7:fa:d3:d0:30:22:52:7c:e7:a3:50:04:d5:74:dc:f3:
34:fe:17:3c:1e:ae:29:a9:51:45:90:d4:bd:77:50:e4:0a:76:
28:b3:02:e6:5e:99:dd:43:b3:c4:a4:65:76:96:d6:ca:2b:da:
23:92:0c:52:f0:04:b7:da:36:e2:9a:34:9f:62:9d:9f:79:e5:
12:68:1f:8c:4a:40:41:62:b4:9f:33:6e:1c:7a:ea:c1:7f:c4:
c9:88:e3:c6:77:55:dc:f2:ba:eb:5c:1a:19:cc:26:f9:88:e9:
22:91:77:d7:0f:cd:ef:82:0f:44:e9:16:4d:75:6b:68:b0:f7:
54:ee:3d:6f:6c:c3:41:31:9b:65:33:ce:27:5c:be:1f:1f:c0:
5a:20:9f:60:62:be:c2:44:69:df:4e:c0:6b:95:e6:7c:bf:ca:
07:45:88:bb:ed:b4:84:a1:67:9b:5d:9f:f9:98:b2:da:0d:65:
86:5f:2e:43:8e:83:5a:bd:6e:94:39:8e:4b:8b:39:6a:e9:be:
91:7c:23:75:c7:08:7b:77:40:51:d2:81:08:23:14:b6:c8:77:
4d:d0:41:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBY1gZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmZhMTNmMWFlMDUzOTE2MjgwZWM2OGVlMWIwOTc2ZjllYmQzZWE4MB4XDTIyMDMw
NjE3NDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBhNDEyZTJiNDBl
Y2RmZGE2MjBmZTdlNmY2MDgxNGY0ZWQ0MWYyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkDaWYfO7JEFVhSt29n0sEFIjuUUd7qMES+aN2leL7Or5X1
5kO7Gsjan1fBaQtg2DsEPw21LP1Idu5IvDnCk13d0P96uUIlNUn+ZQyqivOlhKb7
OxFkAChzr3N+y8qHVkLQE5idYlO6rJdV4W2e7VVVSOd5HaqlnN23yuJDUzv+mR3U
0Wl874Ec6yfYxyTRj+3iEJYc1yq7NqJPkRskETK02JMyrd0WOLtPGuLGeY0FG3Ze
ButeNTvTkhb/SEDVlUhz7hwVxNZVyIv0x3nrEN6Hcj/sqUPWMYg3w1XQqXvXw2jb
30WcbjBSVcBXcttxhcX883hqB1CmcCG9p+IXjCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQpBLitA7N/aYg/n5vYIFPTtQfIDAfBgNVHSMEGDAWgBSv+hPxrgU5FigO
xo7hsJdvnr0+qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Jfb1Q4YTRGT1JZb0RzYU80YkNYYjU2OVBxZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvYTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8x
L1VLUVM0clFPemYybUlQNS1iMkNCVDA3VUh5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
YTNjMGE0LTMxOTEtNGU1MS04ZDgwLTQ3OGMyYzhjYjJhMC8xL3Jfb1Q4YTRGT1JZ
b0RzYU80YkNYYjU2OVBxZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA01JgDANBgkqhkiG9w0BAQsFAAOC
AQEARn5kQilwscS4Mr0ExHP58smI+CB+GPuGmMxiN+PeBVV4/Olh5Sf3+tPQMCJS
fOejUATVdNzzNP4XPB6uKalRRZDUvXdQ5Ap2KLMC5l6Z3UOzxKRldpbWyivaI5IM
UvAEt9o24po0n2Kdn3nlEmgfjEpAQWK0nzNuHHrqwX/EyYjjxndV3PK661waGcwm
+YjpIpF31w/N74IPROkWTXVraLD3VO49b2zDQTGbZTPOJ1y+Hx/AWiCfYGK+wkRp
307Aa5XmfL/KB0WIu+20hKFnm12f+Ziy2g1lhl8uQ46DWr1ulDmOS4s5aum+kXwj
dccIe3dAUdKBCCMUtsh3TdBB3A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:12 2025 by rpki-client