Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9fb171-11f4-4c5f-83e7-2ed1fde68516/1/U82w1iK4_NbhLLuiq2NwGeCUtX0.roa
File: U82w1iK4_NbhLLuiq2NwGeCUtX0.roa (raw, json)
Hash identifier: E5C2SnW5yVpOkg/WWqRUXHneVmdUhCG9ZY7EgoxHMMA=
Subject key identifier: 53:CD:B0:D6:22:B8:FC:D6:E1:2C:BB:A2:AB:63:70:19:E0:94:B5:7D
Certificate issuer: /CN=12449447ebdaf2d44a498b3dae525a2f5227f18a
Certificate serial: 01852C16BE87AC6D5DB9C1D1D38E388B4C5F
Authority key identifier: 12:44:94:47:EB:DA:F2:D4:4A:49:8B:3D:AE:52:5A:2F:52:27:F1:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EkSUR-va8tRKSYs9rlJaL1In8Yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9fb171-11f4-4c5f-83e7-2ed1fde68516/1/U82w1iK4_NbhLLuiq2NwGeCUtX0.roa
Signing time: Mon 19 Dec 2022 20:32:46 +0000
ROA not before: Mon 19 Dec 2022 20:32:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209138
IP address blocks: 185.167.104.0/22 maxlen: 22
185.167.104.0/24 maxlen: 24
185.167.105.0/24 maxlen: 24
185.167.106.0/24 maxlen: 24
185.167.107.0/24 maxlen: 24
2a0f:62c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:16:be:87:ac:6d:5d:b9:c1:d1:d3:8e:38:8b:4c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12449447ebdaf2d44a498b3dae525a2f5227f18a
Validity
Not Before: Dec 19 20:32:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53cdb0d622b8fcd6e12cbba2ab637019e094b57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:11:7a:4b:8c:f5:5a:3f:ff:fb:cd:74:76:
f5:be:fc:0d:52:be:1d:3f:50:1c:14:04:d7:5b:9c:
45:a5:65:cb:17:58:49:8c:85:ac:d2:c8:ca:de:92:
3a:2a:0e:b2:6b:68:3f:31:43:c5:aa:d0:7a:3a:ed:
0a:d4:3f:e9:89:b8:27:2d:35:17:23:66:6d:da:47:
03:40:fb:38:fc:c3:17:a2:b4:3d:69:42:ac:a5:b7:
51:7a:ae:97:de:f4:84:c6:5b:bf:05:9c:e2:57:44:
d7:24:dc:5c:99:8f:5b:04:8c:ad:61:db:3c:a4:fd:
7e:36:21:e6:fe:90:17:fb:b5:b9:49:a9:25:b4:23:
e6:7b:b7:4b:b2:40:f4:47:c2:ab:2c:f8:9b:87:2d:
63:eb:80:37:d0:ae:33:e9:35:e2:82:f1:b8:c4:f1:
ca:ab:48:91:6c:75:84:b3:ae:bd:1c:fd:31:88:17:
ed:fb:47:86:df:b0:f3:5a:8c:b6:1e:c0:88:83:94:
2e:d9:e3:70:29:93:df:83:0c:bc:9b:2e:6b:6e:77:
7f:15:51:65:6f:4f:d8:9d:b4:ad:a2:e2:b6:be:4e:
ea:1b:6b:50:10:fd:46:76:48:d6:ea:78:38:d8:fc:
9d:28:d7:b2:5e:93:8a:c9:bf:5f:56:29:15:43:b6:
db:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CD:B0:D6:22:B8:FC:D6:E1:2C:BB:A2:AB:63:70:19:E0:94:B5:7D
X509v3 Authority Key Identifier:
keyid:12:44:94:47:EB:DA:F2:D4:4A:49:8B:3D:AE:52:5A:2F:52:27:F1:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EkSUR-va8tRKSYs9rlJaL1In8Yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9fb171-11f4-4c5f-83e7-2ed1fde68516/1/U82w1iK4_NbhLLuiq2NwGeCUtX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9fb171-11f4-4c5f-83e7-2ed1fde68516/1/EkSUR-va8tRKSYs9rlJaL1In8Yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.104.0/22
IPv6:
2a0f:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:16:68:8e:00:90:96:78:31:e2:4b:06:44:92:f9:a9:88:fa:
d5:83:f6:bc:75:44:ff:95:4e:47:3b:f7:05:91:71:41:94:54:
a9:b9:1d:93:f7:c5:aa:d8:d4:c5:ac:91:dc:81:51:42:fd:82:
e3:29:15:7a:24:ed:d9:36:7b:fd:11:fc:8a:5d:3c:fd:95:39:
ba:d1:92:88:64:2e:20:58:b7:32:50:8a:41:97:5d:2d:90:b3:
54:76:0c:28:ea:cf:e5:aa:2c:f8:b8:f1:77:b7:1f:eb:32:b0:
2d:2c:72:02:28:d6:d8:10:7e:e5:30:f7:03:96:d8:9c:71:c9:
88:8b:02:7c:76:67:80:d7:db:ee:38:02:55:0a:47:2a:ae:c7:
49:ac:9c:8b:f7:b8:07:19:08:13:42:cd:63:87:43:9d:d7:3d:
39:43:30:c3:3c:79:8b:d4:87:2e:24:f4:2e:a7:55:da:e6:b6:
88:36:60:f0:d5:5b:87:e8:5b:63:98:4b:85:ac:0f:3f:11:56:
56:a1:21:55:4f:d5:89:ff:01:0c:57:3e:3d:c0:2b:70:a3:cd:
38:5c:3d:6b:12:3b:5c:47:0e:1e:c0:c7:71:0e:91:b8:1f:6e:
bf:b3:35:c9:4b:40:0c:b3:f9:56:89:4c:f7:85:b4:a2:06:5d:
db:96:8d:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUsFr6HrG1ducHR0444i0xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNDQ5NDQ3ZWJkYWYyZDQ0YTQ5OGIzZGFlNTI1YTJmNTIy
N2YxOGEwHhcNMjIxMjE5MjAzMjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NkYjBkNjIyYjhmY2Q2ZTEyY2JiYTJhYjYzNzAxOWUwOTRiNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyQRekuM9Vo///vNdHb1vvwNUr4d
P1AcFATXW5xFpWXLF1hJjIWs0sjK3pI6Kg6ya2g/MUPFqtB6Ou0K1D/pibgnLTUX
I2Zt2kcDQPs4/MMXorQ9aUKspbdReq6X3vSExlu/BZziV0TXJNxcmY9bBIytYds8
pP1+NiHm/pAX+7W5SakltCPme7dLskD0R8KrLPibhy1j64A30K4z6TXigvG4xPHK
q0iRbHWEs669HP0xiBft+0eG37DzWoy2HsCIg5Qu2eNwKZPfgwy8my5rbnd/FVFl
b0/YnbStouK2vk7qG2tQEP1GdkjW6ng42PydKNeyXpOKyb9fVikVQ7bbWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFPNsNYiuPzW4Sy7oqtjcBnglLV9MB8GA1UdIwQY
MBaAFBJElEfr2vLUSkmLPa5SWi9SJ/GKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWtTVVItdmE4dFJLU1lzOXJsSmFMMUluOFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZmIxNzEtMTFmNC00YzVmLTgzZTct
MmVkMWZkZTY4NTE2LzEvVTgydzFpSzRfTmJoTEx1aXEyTndHZUNVdFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZmIxNzEtMTFmNC00YzVmLTgzZTctMmVkMWZkZTY4NTE2
LzEvRWtTVVItdmE4dFJLU1lzOXJsSmFMMUluOFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuadoMA0E
AgACMAcDBQMqD2LAMA0GCSqGSIb3DQEBCwUAA4IBAQAYFmiOAJCWeDHiSwZEkvmp
iPrVg/a8dUT/lU5HO/cFkXFBlFSpuR2T98Wq2NTFrJHcgVFC/YLjKRV6JO3ZNnv9
EfyKXTz9lTm60ZKIZC4gWLcyUIpBl10tkLNUdgwo6s/lqiz4uPF3tx/rMrAtLHIC
KNbYEH7lMPcDlticccmIiwJ8dmeA19vuOAJVCkcqrsdJrJyL97gHGQgTQs1jh0Od
1z05QzDDPHmL1IcuJPQup1Xa5raINmDw1VuH6FtjmEuFrA8/EVZWoSFVT9WJ/wEM
Vz49wCtwo804XD1rEjtcRw4ewMdxDpG4H26/szXJS0AMs/lWiUz3hbSiBl3blo22
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:31 2024 by rpki-client on console-fra.rpki-client.org