Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UkNxGUIwkOUFs8tlls1zYUouMwQ.roa
File: UkNxGUIwkOUFs8tlls1zYUouMwQ.roa (raw, json)
Hash identifier: K1/geCn/hEODFW9mpfgOmeBao5bwN6krmm5viHDiPkw=
Subject key identifier: 52:43:71:19:42:30:90:E5:05:B3:CB:65:96:CD:73:61:4A:2E:33:04
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185437F137FD0D4D56D1F4D36B765473A9E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UkNxGUIwkOUFs8tlls1zYUouMwQ.roa
Signing time: Sat 24 Dec 2022 09:37:59 +0000
ROA not before: Sat 24 Dec 2022 09:37:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48806
IP address blocks: 91.217.236.0/24 maxlen: 24
185.228.225.0/24 maxlen: 24
89.31.216.0/24 maxlen: 24
37.46.149.0/24 maxlen: 24
193.84.132.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:7f:13:7f:d0:d4:d5:6d:1f:4d:36:b7:65:47:3a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 24 09:37:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52437119423090e505b3cb6596cd73614a2e3304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1d:c3:f3:5b:12:07:5a:e7:19:8d:96:4a:aa:
50:14:18:40:13:09:2b:ea:8a:bf:72:6b:ae:51:66:
80:75:88:2b:92:b9:3e:d2:94:67:a5:3b:73:71:53:
a6:ec:75:31:35:c9:ff:71:14:97:29:00:17:7f:5b:
a7:61:5c:9a:5f:4d:be:44:c0:a8:a9:90:2b:9f:7a:
c5:3a:d7:fa:43:6b:d3:83:88:bc:95:f5:35:9b:11:
f8:a4:b0:a1:26:60:f7:ff:e6:bb:df:f3:83:6f:c6:
00:e7:3b:51:2b:12:97:09:05:ab:0d:a9:7e:b6:00:
dd:bc:71:5a:cd:17:6d:3c:3b:4e:92:b4:72:24:f9:
d0:21:db:7d:04:13:56:ad:7a:f8:c7:01:1a:df:3d:
3d:ec:bd:42:00:fe:73:af:c5:28:03:47:e2:ae:0b:
7e:e2:62:1a:1b:48:c2:0f:1f:6a:0a:76:cc:de:ca:
0c:c8:30:29:16:fe:7d:db:9d:6a:0a:9f:5c:4c:c7:
ca:1e:a1:1b:4a:3f:5c:49:84:3f:12:55:f9:23:1f:
e5:85:62:65:cd:ef:25:90:88:87:24:61:3b:dc:ed:
46:7d:fa:7c:61:93:6c:2c:00:4a:ba:47:48:56:24:
24:a3:2e:cb:54:e7:cd:ba:f5:8c:46:e1:1f:14:a6:
39:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:43:71:19:42:30:90:E5:05:B3:CB:65:96:CD:73:61:4A:2E:33:04
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UkNxGUIwkOUFs8tlls1zYUouMwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.149.0/24
89.31.216.0/24
91.217.236.0/24
185.228.225.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
185.245.7.0/24
193.84.132.0/24
193.218.32.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a7:a4:46:21:b3:f8:41:b5:29:b9:2a:7a:2f:20:8f:4f:66:
8c:4f:d8:52:45:47:b4:90:ee:66:26:12:6d:f7:55:e4:3f:e3:
fb:b7:bd:05:8d:ba:c4:26:d7:1f:37:78:ad:25:bd:00:e2:8d:
00:25:75:0e:d6:b7:c7:af:cd:2b:2e:29:15:79:f4:bd:1c:64:
0b:b9:ed:06:fd:61:c4:e5:06:75:78:fa:4d:e4:76:82:20:76:
2d:9e:4d:87:1a:ea:90:db:70:88:31:87:25:8a:b3:71:9f:5f:
1d:73:5f:e7:af:44:2a:9b:ce:d9:f7:93:46:bb:30:a8:e6:05:
cb:ba:bf:8a:6e:08:43:d6:2c:b1:a0:45:3a:3f:a4:75:43:d9:
eb:a1:e1:3e:7d:af:38:92:e4:48:d1:34:49:42:34:f6:82:52:
63:7f:6d:91:04:36:a9:bd:ed:4c:26:e4:ea:bd:c3:4e:09:1f:
ab:25:f2:dc:57:19:27:52:8d:8c:b2:f7:2e:42:80:6f:c1:b0:
f7:09:67:cc:33:bf:b4:b6:55:2b:50:52:67:88:db:11:40:37:
d4:97:ff:79:1c:8a:f2:2b:d7:02:fb:4e:73:21:18:78:43:99:
3f:98:41:70:5f:91:e6:83:57:d5:60:cf:62:91:53:b5:7d:b6:
5b:53:d3:c6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVDfxN/0NTVbR9NNrdlRzqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjI0MDkzNzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQzNzExOTQyMzA5MGU1MDViM2NiNjU5NmNkNzM2MTRhMmUzMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB3D81sSB1rnGY2WSqpQFBhAEwkr
6oq/cmuuUWaAdYgrkrk+0pRnpTtzcVOm7HUxNcn/cRSXKQAXf1unYVyaX02+RMCo
qZArn3rFOtf6Q2vTg4i8lfU1mxH4pLChJmD3/+a73/ODb8YA5ztRKxKXCQWrDal+
tgDdvHFazRdtPDtOkrRyJPnQIdt9BBNWrXr4xwEa3z097L1CAP5zr8UoA0firgt+
4mIaG0jCDx9qCnbM3soMyDApFv59251qCp9cTMfKHqEbSj9cSYQ/ElX5Ix/lhWJl
ze8lkIiHJGE73O1Gffp8YZNsLABKukdIViQkoy7LVOfNuvWMRuEfFKY5+wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFJDcRlCMJDlBbPLZZbNc2FKLjMEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVWtOeEdVSXdrT1VGczh0bGxzMXpZVW91TXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJS6VAwQA
WR/YAwQAW9nsAwQAueThAwQAue/xAwQAufSJAwQAufUFAwQAufUHAwQAwVSEAwQA
wdogMA0GCSqGSIb3DQEBCwUAA4IBAQBQp6RGIbP4QbUpuSp6LyCPT2aMT9hSRUe0
kO5mJhJt91XkP+P7t70FjbrEJtcfN3itJb0A4o0AJXUO1rfHr80rLikVefS9HGQL
ue0G/WHE5QZ1ePpN5HaCIHYtnk2HGuqQ23CIMYclirNxn18dc1/nr0Qqm87Z95NG
uzCo5gXLur+KbghD1iyxoEU6P6R1Q9nroeE+fa84kuRI0TRJQjT2glJjf22RBDap
ve1MJuTqvcNOCR+rJfLcVxknUo2MsvcuQoBvwbD3CWfMM7+0tlUrUFJniNsRQDfU
l/95HIryK9cC+05zIRh4Q5k/mEFwX5Hmg1fVYM9ikVO1fbZbU9PG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org