Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UfGLKcGfrByCya65FWNsQeEUTFM.roa
File: UfGLKcGfrByCya65FWNsQeEUTFM.roa (raw, json)
Hash identifier: XxzpjykYbTiU0iPG8ZCVqtQA+3MGs0K90SRussOj/FE=
Subject key identifier: 51:F1:8B:29:C1:9F:AC:1C:82:C9:AE:B9:15:63:6C:41:E1:14:4C:53
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0184F976C22E6C657E0F3E64C6B4E5AE6D67
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UfGLKcGfrByCya65FWNsQeEUTFM.roa
Signing time: Sat 10 Dec 2022 00:37:00 +0000
ROA not before: Sat 10 Dec 2022 00:37:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f9:76:c2:2e:6c:65:7e:0f:3e:64:c6:b4:e5:ae:6d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Dec 10 00:37:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51f18b29c19fac1c82c9aeb915636c41e1144c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:77:47:0d:23:fe:a8:a6:ad:b0:db:68:71:75:
44:ed:c1:71:22:17:f5:59:32:11:04:d2:ca:eb:86:
8f:85:1d:14:3c:06:d0:6b:c6:f0:50:63:e0:35:53:
73:38:19:9b:ee:05:ec:b9:36:1d:0c:2a:7a:cd:3c:
80:35:28:c2:36:64:4d:67:5e:00:49:07:01:3c:d6:
2b:2a:18:50:50:c0:49:23:61:ad:31:90:38:10:d9:
1d:88:6e:a3:a2:ca:b6:e9:a6:e3:e6:d1:25:94:0c:
84:a6:eb:12:ca:15:74:93:12:c2:30:ca:68:b9:46:
0d:ea:41:00:e8:e4:40:86:a7:b4:20:05:da:c1:6b:
93:bd:36:04:a7:1c:a4:a0:e8:bf:77:03:c7:06:ea:
b5:d4:20:ca:ab:4d:8f:ed:f2:21:22:80:69:a8:bc:
65:42:de:b0:d2:e4:8d:21:47:fa:c2:63:d8:b5:18:
ac:41:15:34:25:39:83:93:44:db:a4:03:a4:2d:6d:
44:3d:e8:c9:85:0e:43:59:b5:eb:db:7c:19:25:32:
eb:d6:25:cd:0c:a3:43:55:e8:ed:51:d5:c5:ce:6a:
a0:2d:8b:aa:9e:6d:b5:29:b5:58:af:31:9a:5a:3f:
d6:57:59:33:b5:e3:0c:b2:c6:0d:19:26:b7:09:08:
f7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F1:8B:29:C1:9F:AC:1C:82:C9:AE:B9:15:63:6C:41:E1:14:4C:53
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UfGLKcGfrByCya65FWNsQeEUTFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.136.0/21
94.241.168.0-94.241.183.255
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:68:c6:86:68:ff:14:d0:31:fe:59:8d:4a:7f:cb:c9:1c:66:
55:8c:fd:52:ac:12:b2:a6:1a:2d:1b:12:f9:1d:47:f0:48:96:
2d:35:b4:f8:9b:e2:62:ee:74:5f:ca:86:1f:ce:58:12:7f:1f:
d9:3b:8f:ea:5c:d0:e3:28:b7:a5:2d:31:5c:fa:00:fb:d7:cb:
4b:3a:c7:35:86:69:0d:37:3f:f9:c4:d3:42:e0:72:03:2a:e6:
2d:7a:46:05:b3:db:6e:f0:a6:8c:3e:d4:e8:6a:8a:ed:22:0e:
fe:89:d3:ee:50:d9:9a:1c:d1:07:15:d2:e1:58:22:70:0e:c1:
e9:87:42:f6:de:e6:08:59:d2:59:73:1b:0c:3a:5f:c5:cc:42:
d1:d1:06:71:09:f6:48:75:18:68:9e:38:ab:51:84:6d:16:8e:
7c:07:99:af:3a:cd:7b:2a:46:0a:44:2f:11:15:4b:2e:e5:98:
3b:cd:c2:01:b6:01:43:d4:36:23:c3:81:8b:b3:72:d6:d6:45:
ec:28:47:6b:c6:e9:19:ef:4d:44:a3:31:7c:24:91:86:d1:f0:
82:dc:a6:07:9a:b5:16:5c:c4:d6:c7:13:ea:f3:2f:7c:d4:73:
47:b0:ed:7c:af:41:de:48:78:3c:83:f2:77:98:be:12:ea:e9:
91:ed:71:73
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYT5dsIubGV+Dz5kxrTlrm1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMjEwMDAzNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWYxOGIyOWMxOWZhYzFjODJjOWFlYjkxNTYzNmM0MWUxMTQ0YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ndHDSP+qKatsNtocXVE7cFxIhf1
WTIRBNLK64aPhR0UPAbQa8bwUGPgNVNzOBmb7gXsuTYdDCp6zTyANSjCNmRNZ14A
SQcBPNYrKhhQUMBJI2GtMZA4ENkdiG6josq26abj5tEllAyEpusSyhV0kxLCMMpo
uUYN6kEA6ORAhqe0IAXawWuTvTYEpxykoOi/dwPHBuq11CDKq02P7fIhIoBpqLxl
Qt6w0uSNIUf6wmPYtRisQRU0JTmDk0TbpAOkLW1EPejJhQ5DWbXr23wZJTLr1iXN
DKNDVejtUdXFzmqgLYuqnm21KbVYrzGaWj/WV1kzteMMssYNGSa3CQj3ywIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFHxiynBn6wcgsmuuRVjbEHhFExTMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVWZHTEtjR2ZyQnlDeWE2NUZXTnNRZUVVVEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGIMAwDBANe8agDBANe8bADBACy/R8D
BAGy/TQwDQYJKoZIhvcNAQELBQADggEBAJ1oxoZo/xTQMf5ZjUp/y8kcZlWM/VKs
ErKmGi0bEvkdR/BIli01tPib4mLudF/Khh/OWBJ/H9k7j+pc0OMot6UtMVz6APvX
y0s6xzWGaQ03P/nE00LgcgMq5i16RgWz227wpow+1Ohqiu0iDv6J0+5Q2Zoc0QcV
0uFYInAOwemHQvbe5ghZ0llzGww6X8XMQtHRBnEJ9kh1GGieOKtRhG0WjnwHma86
zXsqRgpELxEVSy7lmDvNwgG2AUPUNiPDgYuzctbWRewoR2vG6RnvTUSjMXwkkYbR
8ILcpgeatRZcxNbHE+rzL3zUc0ew7XyvQd5IeDyD8neYvhLq6ZHtcXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org