Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UjBDUKUWyRZDq2UoD9XAJNnCg5s.roa
File: UjBDUKUWyRZDq2UoD9XAJNnCg5s.roa (raw, json)
Hash identifier: 57x9H2GOPcWZOp4xzEKgjnz4CW4Dt2YTiWgpgekGV10=
Subject key identifier: 52:30:43:50:A5:16:C9:16:43:AB:65:28:0F:D5:C0:24:D9:C2:83:9B
Certificate issuer: /CN=8c7f251ac1190c9dedc8e5be085d54387f401a37
Certificate serial: 018571957E23B1055E7F3EB7FCAAE4A3C51B
Authority key identifier: 8C:7F:25:1A:C1:19:0C:9D:ED:C8:E5:BE:08:5D:54:38:7F:40:1A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UjBDUKUWyRZDq2UoD9XAJNnCg5s.roa
Signing time: Mon 02 Jan 2023 08:25:00 +0000
ROA not before: Mon 02 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60171
IP address blocks: 185.10.165.0/24 maxlen: 24
185.10.166.0/24 maxlen: 24
185.10.164.0/22 maxlen: 24
185.10.167.0/24 maxlen: 24
185.35.140.0/22 maxlen: 22
2a00:dd60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7e:23:b1:05:5e:7f:3e:b7:fc:aa:e4:a3:c5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c7f251ac1190c9dedc8e5be085d54387f401a37
Validity
Not Before: Jan 2 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52304350a516c91643ab65280fd5c024d9c2839b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:22:bf:94:3b:a6:52:1d:b5:be:4a:f2:c2:a1:
b8:19:b2:b4:76:4c:62:98:0f:30:32:fe:2c:e0:98:
a8:36:43:e4:c1:8f:f7:e2:f2:1f:6c:9a:cb:9e:17:
2a:04:b0:5d:67:9c:c1:be:20:73:c6:25:d9:6b:07:
fb:7a:07:d6:fe:1d:69:1c:b3:71:d3:45:c9:36:ed:
40:10:3a:e9:87:14:0b:5a:11:be:90:13:b4:e4:d8:
8c:d7:5d:1e:48:45:7a:d3:30:82:87:79:4d:93:15:
0f:20:76:88:4c:4a:93:41:db:29:a2:d6:da:5f:6a:
a4:c8:20:b4:11:06:6c:74:bd:1b:8d:61:80:02:00:
f2:c5:c3:1b:c1:99:ed:fc:48:4b:c0:a8:20:25:e5:
cb:2d:9b:3d:ad:23:82:df:a4:90:d7:53:89:3a:66:
2b:09:b5:f2:ef:c3:42:f9:d5:fb:13:71:ce:d5:51:
4d:c7:57:15:52:a5:a2:7e:34:7d:d6:eb:65:3d:05:
31:c9:a6:d7:24:4e:5a:f5:93:cd:c9:ce:b5:12:3a:
e0:60:ed:61:7d:3c:91:87:c0:81:21:b5:c7:ff:1d:
1c:c3:23:e6:59:12:5e:95:49:32:a0:1b:19:19:88:
5d:25:c3:0b:37:05:a8:8e:a3:79:34:59:88:e8:dd:
05:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:30:43:50:A5:16:C9:16:43:AB:65:28:0F:D5:C0:24:D9:C2:83:9B
X509v3 Authority Key Identifier:
keyid:8C:7F:25:1A:C1:19:0C:9D:ED:C8:E5:BE:08:5D:54:38:7F:40:1A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UjBDUKUWyRZDq2UoD9XAJNnCg5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.164.0/22
185.35.140.0/22
IPv6:
2a00:dd60::/32
Signature Algorithm: sha256WithRSAEncryption
67:92:58:b8:27:3e:28:29:7a:88:4a:33:7e:ce:d2:a3:52:f8:
fb:e2:a0:e7:f9:a6:57:ec:34:50:c3:da:4b:fc:0d:75:d1:8b:
3a:58:63:9a:e2:f2:a5:6e:b3:80:c3:d0:6e:e7:39:42:8c:8d:
4b:3e:9a:e1:aa:2c:da:1f:c9:a8:f4:d2:bc:87:73:48:b2:af:
00:68:46:d7:f8:fd:d7:0f:23:c0:62:18:b8:28:80:4c:6f:9f:
4f:3a:ec:ae:73:eb:f0:50:c1:dd:cd:af:d3:f5:f6:c9:74:48:
1e:09:63:aa:2f:95:7a:e6:4f:e8:8b:54:88:ef:e5:64:90:b9:
ea:7b:32:c8:fb:a0:39:76:be:19:a3:d3:f9:4b:c1:d5:f7:1c:
44:ab:a5:e3:40:69:9a:9c:8c:8e:9c:90:37:69:c3:d3:dd:be:
b2:e6:2e:ec:8f:07:6a:2e:cd:6c:a0:a5:02:1f:ce:df:66:cb:
8f:44:9a:fb:17:07:4e:2f:10:a9:7f:6e:bc:04:bc:a8:03:13:
30:a8:c1:a0:5f:43:01:32:d8:a0:14:4d:f2:86:69:46:db:11:
62:92:d6:be:63:f8:d0:16:a0:bf:bc:18:11:a8:2a:89:b5:36:
b4:35:9a:09:4b:5f:e1:1d:26:47:69:b2:4c:7a:ee:02:75:db:
eb:17:55:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxlX4jsQVefz63/Krko8UbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjN2YyNTFhYzExOTBjOWRlZGM4ZTViZTA4NWQ1NDM4N2Y0
MDFhMzcwHhcNMjMwMTAyMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjMwNDM1MGE1MTZjOTE2NDNhYjY1MjgwZmQ1YzAyNGQ5YzI4MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyK/lDumUh21vkrywqG4GbK0dkxi
mA8wMv4s4JioNkPkwY/34vIfbJrLnhcqBLBdZ5zBviBzxiXZawf7egfW/h1pHLNx
00XJNu1AEDrphxQLWhG+kBO05NiM110eSEV60zCCh3lNkxUPIHaITEqTQdspotba
X2qkyCC0EQZsdL0bjWGAAgDyxcMbwZnt/EhLwKggJeXLLZs9rSOC36SQ11OJOmYr
CbXy78NC+dX7E3HO1VFNx1cVUqWifjR91utlPQUxyabXJE5a9ZPNyc61EjrgYO1h
fTyRh8CBIbXH/x0cwyPmWRJelUkyoBsZGYhdJcMLNwWojqN5NFmI6N0FDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFIwQ1ClFskWQ6tlKA/VwCTZwoObMB8GA1UdIwQY
MBaAFIx/JRrBGQyd7cjlvghdVDh/QBo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakg4bEdzRVpESjN0eU9XLUNGMVVPSDlBR2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iMmUzNTAtYWY5MC00ZjliLThmYmYt
NTAwYzdjNDVmNDE5LzEvVWpCRFVLVVd5UlpEcTJVb0Q5WEFKTm5DZzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iMmUzNTAtYWY5MC00ZjliLThmYmYtNTAwYzdjNDVmNDE5
LzEvakg4bEdzRVpESjN0eU9XLUNGMVVPSDlBR2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQqkAwQC
uSOMMA0EAgACMAcDBQAqAN1gMA0GCSqGSIb3DQEBCwUAA4IBAQBnkli4Jz4oKXqI
SjN+ztKjUvj74qDn+aZX7DRQw9pL/A110Ys6WGOa4vKlbrOAw9Bu5zlCjI1LPprh
qizaH8mo9NK8h3NIsq8AaEbX+P3XDyPAYhi4KIBMb59POuyuc+vwUMHdza/T9fbJ
dEgeCWOqL5V65k/oi1SI7+VkkLnqezLI+6A5dr4Zo9P5S8HV9xxEq6XjQGmanIyO
nJA3acPT3b6y5i7sjwdqLs1soKUCH87fZsuPRJr7FwdOLxCpf268BLyoAxMwqMGg
X0MBMtigFE3yhmlG2xFikta+Y/jQFqC/vBgRqCqJtTa0NZoJS1/hHSZHabJMeu4C
ddvrF1Xz
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:08 2025 by rpki-client