Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/uXAwg9YHjomQzJujH5WOwHKlscA.roa
File: uXAwg9YHjomQzJujH5WOwHKlscA.roa (raw, json)
Hash identifier: Ukgr42Bta8xsIE2EwHn4+uYp++ElroPU88C5tynNfZY=
Subject key identifier: B9:70:30:83:D6:07:8E:89:90:CC:9B:A3:1F:95:8E:C0:72:A5:B1:C0
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 018BED0F8E2C141EA041F3B4CC33BA816A3D
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/uXAwg9YHjomQzJujH5WOwHKlscA.roa
Signing time: Mon 20 Nov 2023 14:08:21 +0000
ROA not before: Mon 20 Nov 2023 14:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196763
IP address blocks: 5.22.144.0/24 maxlen: 24
5.22.148.0/22 maxlen: 22
109.234.104.0/21 maxlen: 21
185.33.180.0/22 maxlen: 22
78.109.56.0/21 maxlen: 21
2a00:18e0:7::/48 maxlen: 48
2a00:18e0::/48 maxlen: 48
2a00:18e0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:0f:8e:2c:14:1e:a0:41:f3:b4:cc:33:ba:81:6a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Nov 20 14:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9703083d6078e8990cc9ba31f958ec072a5b1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c3:5a:0c:c8:45:b7:3e:cf:a7:fb:e0:f1:23:
a5:a7:15:c3:89:e5:ae:41:25:8f:88:e3:20:c0:55:
27:d3:91:1a:f0:ed:a7:3a:b5:39:5f:19:22:d1:6f:
37:29:5b:fa:4b:06:fb:99:cd:21:bf:c6:58:13:e5:
99:b6:f2:5d:74:7e:bd:53:36:44:ae:d7:18:b8:60:
5c:80:dd:d3:55:6e:df:0a:6f:dd:db:f0:d8:44:ca:
c4:3e:c4:f1:1e:9a:60:38:1b:72:1c:95:22:53:59:
16:b6:c3:52:ac:86:07:ae:dc:f3:fa:11:92:87:06:
ae:1d:e8:6e:49:25:f9:a1:fc:cc:df:eb:1e:38:a6:
b5:08:32:96:d7:e6:7a:68:5c:24:1b:a0:48:48:82:
31:c2:ce:0f:cd:26:72:49:aa:59:ba:15:87:6a:73:
a8:67:e3:ba:86:b8:a3:d8:22:8d:dd:6f:de:7f:17:
de:71:29:66:bc:1d:c9:d2:53:95:46:49:38:3f:a6:
df:13:eb:31:97:a1:7d:fa:c3:e9:12:70:84:2b:29:
8a:e2:3f:98:b4:93:1c:90:92:f5:9f:fc:02:33:73:
19:71:09:4d:de:51:ae:c1:24:84:e5:1b:02:a7:51:
d6:a2:ac:f3:0f:fd:2c:ad:d6:2c:b0:16:be:ba:15:
a4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:70:30:83:D6:07:8E:89:90:CC:9B:A3:1F:95:8E:C0:72:A5:B1:C0
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/uXAwg9YHjomQzJujH5WOwHKlscA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.144.0/24
5.22.148.0/22
78.109.56.0/21
109.234.104.0/21
185.33.180.0/22
IPv6:
2a00:18e0::/48
2a00:18e0:6::/47
Signature Algorithm: sha256WithRSAEncryption
2e:97:0b:01:c1:8b:e6:fa:ac:19:80:f7:57:69:c7:46:c6:cd:
80:12:ac:10:4c:52:3c:3a:54:47:71:86:8c:af:1e:c0:05:55:
0e:a0:7c:a5:a7:84:d2:0c:96:69:9b:d4:6a:94:97:26:c9:bd:
9a:22:03:47:c5:04:7c:d1:5a:97:a8:46:28:d2:53:e5:35:85:
67:8f:bc:56:b2:f1:ae:f4:fc:58:b5:c9:a9:8e:e6:6c:e4:7b:
27:ea:83:d3:ee:38:00:a5:d0:9a:54:94:0b:e4:a8:dd:b6:a1:
16:e2:ef:99:40:9d:52:d8:44:13:3a:45:59:8b:36:32:81:e1:
1c:bf:68:00:27:6c:1f:81:6c:72:c0:69:c5:92:6f:a4:c1:66:
95:45:47:30:1b:ce:a5:2d:73:83:11:b4:be:72:23:90:b3:42:
12:37:a4:87:dc:18:d6:9f:a2:d6:7d:67:96:6a:42:4f:10:41:
2a:3f:24:af:2d:a1:93:22:5f:17:63:7e:6c:4a:13:58:06:e3:
e2:7b:f6:c3:de:74:94:20:93:d4:1c:a8:c7:b4:7a:68:23:9d:
b3:c5:f0:b5:3c:1a:95:36:ef:aa:8a:70:c6:db:db:f6:a4:2a:
a9:27:31:c5:ea:0c:5b:3f:10:34:9c:a6:28:fa:71:45:b7:be:
82:55:3c:65
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYvtD44sFB6gQfO0zDO6gWo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjMxMTIwMTQwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTcwMzA4M2Q2MDc4ZTg5OTBjYzliYTMxZjk1OGVjMDcyYTViMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMNaDMhFtz7Pp/vg8SOlpxXDieWu
QSWPiOMgwFUn05Ea8O2nOrU5Xxki0W83KVv6Swb7mc0hv8ZYE+WZtvJddH69UzZE
rtcYuGBcgN3TVW7fCm/d2/DYRMrEPsTxHppgOBtyHJUiU1kWtsNSrIYHrtzz+hGS
hwauHehuSSX5ofzM3+seOKa1CDKW1+Z6aFwkG6BISIIxws4PzSZySapZuhWHanOo
Z+O6hrij2CKN3W/efxfecSlmvB3J0lOVRkk4P6bfE+sxl6F9+sPpEnCEKymK4j+Y
tJMckJL1n/wCM3MZcQlN3lGuwSSE5RsCp1HWoqzzD/0srdYssBa+uhWkkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLlwMIPWB46JkMybox+VjsBypbHAMB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvdVhBd2c5WUhqb21Rekp1akg1V093SEtsc2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQABRaQAwQC
BRaUAwQDTm04AwQDbepoAwQCuSG0MBgEAgACMBIDBwAqABjgAAADBwEqABjgAAYw
DQYJKoZIhvcNAQELBQADggEBAC6XCwHBi+b6rBmA91dpx0bGzYASrBBMUjw6VEdx
hoyvHsAFVQ6gfKWnhNIMlmmb1GqUlybJvZoiA0fFBHzRWpeoRijSU+U1hWePvFay
8a70/Fi1yamO5mzkeyfqg9PuOACl0JpUlAvkqN22oRbi75lAnVLYRBM6RVmLNjKB
4Ry/aAAnbB+BbHLAacWSb6TBZpVFRzAbzqUtc4MRtL5yI5CzQhI3pIfcGNafotZ9
Z5ZqQk8QQSo/JK8toZMiXxdjfmxKE1gG4+J79sPedJQgk9QcqMe0emgjnbPF8LU8
GpU276qKcMbb2/akKqknMcXqDFs/EDScpij6cUW3voJVPGU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:43 2025 by rpki-client