Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/QiTHmsWUVFnbAqvOIfblSZG8s4o.roa
File: QiTHmsWUVFnbAqvOIfblSZG8s4o.roa (raw, json)
Hash identifier: 7WyR7pZqYHKO6HqC0qXaukihSol/MXQvpsMJVjvbkxw=
Subject key identifier: 42:24:C7:9A:C5:94:54:59:DB:02:AB:CE:21:F6:E5:49:91:BC:B3:8A
Certificate issuer: /CN=b9c89cfadd51f4d921bb3d0c55f9313663a71cc4
Certificate serial: 01856D01B295D7CB243109C08FD68CA4D696
Authority key identifier: B9:C8:9C:FA:DD:51:F4:D9:21:BB:3D:0C:55:F9:31:36:63:A7:1C:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/QiTHmsWUVFnbAqvOIfblSZG8s4o.roa
Signing time: Sun 01 Jan 2023 11:05:05 +0000
ROA not before: Sun 01 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203687
IP address blocks: 185.167.140.0/22 maxlen: 22
185.167.140.0/23 maxlen: 23
185.167.142.0/23 maxlen: 23
2a0b:6e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:b2:95:d7:cb:24:31:09:c0:8f:d6:8c:a4:d6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c89cfadd51f4d921bb3d0c55f9313663a71cc4
Validity
Not Before: Jan 1 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4224c79ac5945459db02abce21f6e54991bcb38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bd:1d:51:21:ac:26:e3:8a:9a:ee:99:3c:af:
29:51:b6:be:2a:96:40:26:1c:fb:83:57:d3:9d:72:
e1:d7:54:90:0b:65:2e:fd:f5:e1:a3:cf:df:c7:03:
63:39:ad:91:8f:d9:59:57:42:a7:28:cd:3d:95:44:
56:20:9e:eb:40:84:a6:7f:2c:a7:9f:a2:c5:d1:e1:
28:e4:f2:8f:00:17:28:0b:25:45:d9:d9:67:25:3f:
fa:b9:5a:fc:f7:e3:5f:19:aa:84:af:e7:79:22:6f:
61:50:61:00:99:be:82:ba:7f:e7:9e:89:56:d6:e9:
b6:2f:68:e6:dd:37:5b:af:9c:77:ac:ac:15:0a:f6:
03:76:a8:bd:86:46:e7:82:59:99:4e:dd:7d:de:60:
75:d4:a7:42:3b:4d:e7:bf:ff:f9:8b:ea:e6:5b:82:
57:9c:79:04:4e:68:09:7f:9f:c0:72:d4:7a:fc:06:
98:0b:7f:5b:e5:26:47:80:0c:39:f7:79:90:44:f3:
f1:a6:c3:14:25:b1:e8:a7:d1:f6:06:db:10:3e:19:
50:2c:42:d2:80:f7:f4:34:6a:1e:d6:48:77:44:84:
e1:d2:77:60:f4:cc:10:ea:7a:63:43:8f:33:30:ea:
3f:e5:70:4a:ae:c4:fe:31:3f:f4:99:c8:2f:0d:ea:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:24:C7:9A:C5:94:54:59:DB:02:AB:CE:21:F6:E5:49:91:BC:B3:8A
X509v3 Authority Key Identifier:
keyid:B9:C8:9C:FA:DD:51:F4:D9:21:BB:3D:0C:55:F9:31:36:63:A7:1C:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/QiTHmsWUVFnbAqvOIfblSZG8s4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.140.0/22
IPv6:
2a0b:6e00::/32
Signature Algorithm: sha256WithRSAEncryption
22:0c:26:a3:06:4a:4e:d1:2b:87:03:dc:d3:62:8e:d4:51:3d:
b3:9c:9f:ee:51:9b:b3:bb:c2:d5:24:2c:a3:b3:ba:08:ff:21:
56:68:ae:64:83:3f:a5:22:1a:32:00:95:a6:71:d3:d2:fb:dc:
53:72:95:7c:1d:88:20:47:40:06:eb:0b:78:12:ca:8a:2a:07:
ba:18:5a:fb:46:f8:29:0b:3e:14:9a:2f:5e:2d:a8:ee:ee:b1:
aa:60:b7:bc:c1:4f:49:1a:29:af:1a:10:6b:bf:c8:0c:6b:3c:
bb:f2:f0:de:d7:e8:79:5f:ff:77:8d:f3:89:17:9b:75:cc:fe:
95:6d:a2:da:ec:b5:ef:ac:9f:ba:1a:c4:b8:1d:86:87:dd:4a:
fd:9d:2c:ed:6d:e8:10:51:2d:3f:1b:e1:0b:fc:b5:33:82:92:
6c:59:36:5b:ae:3e:40:77:88:d2:61:c3:be:ad:65:88:0a:b6:
73:5d:68:26:6c:bc:1a:7f:78:a8:2a:d3:89:9c:64:19:04:6b:
1c:f2:dc:c6:05:5a:2c:de:80:12:8c:a5:22:cc:3a:aa:78:92:
15:9d:2f:44:e4:be:46:8e:47:31:2f:0a:1b:35:09:d2:7b:17:
6f:2f:4a:c8:f6:0d:e7:19:2c:85:df:97:5a:40:34:d7:82:02:
e2:b5:6f:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAbKV18skMQnAj9aMpNaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yzg5Y2ZhZGQ1MWY0ZDkyMWJiM2QwYzU1ZjkzMTM2NjNh
NzFjYzQwHhcNMjMwMTAxMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI0Yzc5YWM1OTQ1NDU5ZGIwMmFiY2UyMWY2ZTU0OTkxYmNiMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb0dUSGsJuOKmu6ZPK8pUba+KpZA
Jhz7g1fTnXLh11SQC2Uu/fXho8/fxwNjOa2Rj9lZV0KnKM09lURWIJ7rQISmfyyn
n6LF0eEo5PKPABcoCyVF2dlnJT/6uVr89+NfGaqEr+d5Im9hUGEAmb6Cun/nnolW
1um2L2jm3Tdbr5x3rKwVCvYDdqi9hkbnglmZTt193mB11KdCO03nv//5i+rmW4JX
nHkETmgJf5/ActR6/AaYC39b5SZHgAw593mQRPPxpsMUJbHop9H2BtsQPhlQLELS
gPf0NGoe1kh3RITh0ndg9MwQ6npjQ48zMOo/5XBKrsT+MT/0mcgvDep7lwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEIkx5rFlFRZ2wKrziH25UmRvLOKMB8GA1UdIwQY
MBaAFLnInPrdUfTZIbs9DFX5MTZjpxzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNpYy10MVI5TmtodXowTVZma3hObU9uSE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZTBlZDMtZWIwMS00NGY3LThkNTQt
MzlkOWUwOTYyNDQwLzEvUWlUSG1zV1VWRm5iQXF2T0lmYmxTWkc4czRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZTBlZDMtZWIwMS00NGY3LThkNTQtMzlkOWUwOTYyNDQw
LzEvdWNpYy10MVI5TmtodXowTVZma3hObU9uSE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaeMMA0E
AgACMAcDBQAqC24AMA0GCSqGSIb3DQEBCwUAA4IBAQAiDCajBkpO0SuHA9zTYo7U
UT2znJ/uUZuzu8LVJCyjs7oI/yFWaK5kgz+lIhoyAJWmcdPS+9xTcpV8HYggR0AG
6wt4EsqKKge6GFr7RvgpCz4Umi9eLaju7rGqYLe8wU9JGimvGhBrv8gMazy78vDe
1+h5X/93jfOJF5t1zP6VbaLa7LXvrJ+6GsS4HYaH3Ur9nSztbegQUS0/G+EL/LUz
gpJsWTZbrj5Ad4jSYcO+rWWICrZzXWgmbLwaf3ioKtOJnGQZBGsc8tzGBVos3oAS
jKUizDqqeJIVnS9E5L5GjkcxLwobNQnSexdvL0rI9g3nGSyF35daQDTXggLitW9s
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:02 2025 by rpki-client