Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/pUKfjzYJprVJxJ5narmRfm7i8FM.roa
File: pUKfjzYJprVJxJ5narmRfm7i8FM.roa (raw, json)
Hash identifier: OsMOKvjmry03PZbDeaEyIB0P0pKTI0NICdjXJSzNSso=
Subject key identifier: A5:42:9F:8F:36:09:A6:B5:49:C4:9E:67:6A:B9:91:7E:6E:E2:F0:53
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01839D06C061DE34C5E52E8E1F32EA0502CC
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/pUKfjzYJprVJxJ5narmRfm7i8FM.roa
Signing time: Mon 03 Oct 2022 08:46:48 +0000
ROA not before: Mon 03 Oct 2022 08:46:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6898
IP address blocks: 31.44.32.0/20 maxlen: 20
193.221.216.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
46.21.16.0/23 maxlen: 23
46.21.18.0/23 maxlen: 23
46.21.31.0/24 maxlen: 24
46.21.29.0/24 maxlen: 24
193.222.104.0/23 maxlen: 24
185.155.176.0/22 maxlen: 22
185.155.184.0/23 maxlen: 23
77.220.64.0/19 maxlen: 19
2a00:bd00::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
2a02:210::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:06:c0:61:de:34:c5:e5:2e:8e:1f:32:ea:05:02:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Oct 3 08:46:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5429f8f3609a6b549c49e676ab9917e6ee2f053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:62:6a:02:e7:c8:03:2e:71:92:ac:ab:fa:fa:
26:32:cb:9f:85:1e:8d:c5:e3:b5:d4:72:50:93:6b:
25:f4:c2:e1:af:4c:63:cb:05:59:8d:04:9e:94:f8:
33:cb:c0:84:8a:51:b6:bc:5c:04:e2:ab:13:7e:de:
97:69:36:fb:d2:89:76:5a:41:33:8f:12:23:cb:3f:
19:64:a4:0b:9c:07:16:26:14:94:40:c2:8b:84:e9:
28:da:fc:3e:58:2e:98:0e:8c:00:cd:88:6d:74:9b:
9f:18:dc:39:fa:72:e3:cb:3d:75:04:fa:1e:4f:82:
87:20:0a:ea:bc:1c:1d:01:b0:8d:1f:93:4c:ad:52:
f3:71:b8:e1:8a:07:b5:c6:dd:9a:ca:81:84:76:7a:
fa:06:bd:33:a2:43:ee:0c:5a:0f:d6:b1:48:f9:36:
1c:cd:34:99:9a:6d:31:de:92:3a:83:69:b0:78:83:
d8:8b:01:a8:56:1d:c7:33:76:4e:0f:37:61:b4:ea:
33:18:9a:8d:29:2f:fb:56:4b:58:21:1b:4c:8f:59:
0a:5d:a1:32:f4:bf:10:ca:fb:20:65:b1:49:41:9f:
1d:1f:c6:a5:be:ae:62:55:13:37:9b:a3:3b:c6:e1:
67:57:a1:58:9b:e1:b4:7b:32:66:7a:c8:31:87:a6:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:42:9F:8F:36:09:A6:B5:49:C4:9E:67:6A:B9:91:7E:6E:E2:F0:53
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/pUKfjzYJprVJxJ5narmRfm7i8FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.16.0/22
46.21.29.0/24
46.21.31.0/24
77.220.64.0/19
185.155.176.0/22
185.155.184.0/23
193.221.216.0/23
193.222.104.0/23
IPv6:
2a00:bd00::/32
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
a4:a9:9b:bd:0c:2e:1c:12:8b:d5:e6:f5:68:82:ef:ff:37:7c:
f7:ac:1a:04:df:e9:d7:96:fd:04:16:a4:e5:17:33:dc:d2:2a:
61:6b:90:17:a6:1e:eb:3d:43:e6:0b:db:bd:c8:4d:b8:87:fc:
f4:36:ab:df:91:98:ed:59:28:31:7b:93:cc:66:c7:75:39:5b:
4e:b4:28:37:ed:de:85:4a:11:de:1f:b7:11:12:79:22:58:28:
42:98:69:c7:5a:f5:15:eb:fa:d5:1f:1a:d6:3b:ea:ae:3b:06:
c9:aa:41:32:3f:71:94:5d:05:94:ee:a1:db:c0:43:d4:0b:a7:
97:a0:e0:2b:25:48:78:95:12:a4:92:ea:7f:06:c7:eb:fa:a7:
ac:3a:8d:3e:68:34:35:f8:b1:7e:ca:d3:15:10:3c:28:6d:f5:
b1:5a:8f:6b:8d:92:c1:b3:f0:8f:f3:17:cb:1b:13:7a:c3:5e:
dd:a0:76:4a:5e:df:3a:ee:b8:ed:d2:f0:5c:65:bc:ef:b1:0e:
ef:25:3c:9f:37:b6:9c:b5:63:e1:56:26:e7:04:ec:dd:c5:05:
69:73:98:df:95:d3:38:28:45:d5:d0:57:a4:69:3a:89:e9:86:
87:43:93:c3:c8:b0:54:82:ab:d7:60:b7:a4:6f:67:cf:cc:9c:
e8:25:73:64
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYOdBsBh3jTF5S6OHzLqBQLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjIxMDAzMDg0NjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQyOWY4ZjM2MDlhNmI1NDljNDllNjc2YWI5OTE3ZTZlZTJmMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWJqAufIAy5xkqyr+vomMsufhR6N
xeO11HJQk2sl9MLhr0xjywVZjQSelPgzy8CEilG2vFwE4qsTft6XaTb70ol2WkEz
jxIjyz8ZZKQLnAcWJhSUQMKLhOko2vw+WC6YDowAzYhtdJufGNw5+nLjyz11BPoe
T4KHIArqvBwdAbCNH5NMrVLzcbjhige1xt2ayoGEdnr6Br0zokPuDFoP1rFI+TYc
zTSZmm0x3pI6g2mweIPYiwGoVh3HM3ZODzdhtOozGJqNKS/7VktYIRtMj1kKXaEy
9L8QyvsgZbFJQZ8dH8alvq5iVRM3m6M7xuFnV6FYm+G0ezJmesgxh6b5KQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFKVCn482Caa1ScSeZ2q5kX5u4vBTMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvcFVLZmp6WUpwclZKeEo1bmFybVJmbTdpOEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEHywgAwQC
LhUQAwQALhUdAwQALhUfAwQFTdxAAwQCuZuwAwQBuZu4AwQBwd3YAwQBwd5oMBsE
AgACMBUDBQAqAL0AAwUAKgICEAMFAyoP6IAwDQYJKoZIhvcNAQELBQADggEBAKSp
m70MLhwSi9Xm9WiC7/83fPesGgTf6deW/QQWpOUXM9zSKmFrkBemHus9Q+YL273I
TbiH/PQ2q9+RmO1ZKDF7k8xmx3U5W060KDft3oVKEd4ftxESeSJYKEKYacda9RXr
+tUfGtY76q47BsmqQTI/cZRdBZTuodvAQ9QLp5eg4CslSHiVEqSS6n8Gx+v6p6w6
jT5oNDX4sX7K0xUQPCht9bFaj2uNksGz8I/zF8sbE3rDXt2gdkpe3zruuO3S8Fxl
vO+xDu8lPJ83tpy1Y+FWJucE7N3FBWlzmN+V0zgoRdXQV6RpOonphodDk8PIsFSC
q9dgt6RvZ8/MnOglc2Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:17 2025 by rpki-client