Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/uFpGCg5tbYERaNXttp5P_59xHto.roa
File: uFpGCg5tbYERaNXttp5P_59xHto.roa (raw, json)
Hash identifier: yoeDQnpEmDsPztDoLTGz1YYYPSFs5Lyo254ISn7lYO8=
Subject key identifier: B8:5A:46:0A:0E:6D:6D:81:11:68:D5:ED:B6:9E:4F:FF:9F:71:1E:DA
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 11B80036
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/uFpGCg5tbYERaNXttp5P_59xHto.roa
Signing time: Sat 01 Jan 2022 08:02:20 +0000
ROA not before: Sat 01 Jan 2022 08:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39351
IP address blocks: 45.129.56.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
45.83.220.0/24 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
193.32.127.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297271350 (0x11b80036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jan 1 08:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b85a460a0e6d6d811168d5edb69e4fff9f711eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8f:01:4f:75:77:bb:1b:6f:1b:39:aa:97:ce:
45:88:34:07:e3:84:53:a6:9a:58:08:cc:32:a9:16:
4d:92:1e:8d:df:19:77:fa:b6:42:bc:c4:b8:a7:be:
2c:10:16:d8:5a:13:dd:71:ca:73:03:d5:ea:aa:b5:
5f:46:48:ca:7e:c0:28:78:bd:80:d4:5e:64:d9:f4:
e1:9c:be:a9:df:50:13:47:3a:36:46:ce:3a:79:3e:
a2:69:d5:7c:7d:bd:5d:12:00:ac:92:63:22:31:2f:
48:07:e4:7b:5a:9a:54:ab:d5:30:95:0e:70:a2:24:
d6:6c:92:79:bc:34:a1:56:29:aa:d2:5f:d3:f6:06:
14:3f:0b:eb:98:66:d9:08:66:19:64:51:d6:b8:86:
52:7d:42:1c:22:0a:e0:05:c3:2d:c6:b6:48:30:7f:
c8:cc:98:26:b3:d1:a3:38:a7:fd:0d:22:8e:32:3c:
31:45:c1:6c:fe:03:b5:d1:ca:bc:f7:1c:49:7a:f2:
2a:2e:50:cf:c7:a8:37:40:a2:ad:db:d7:aa:27:aa:
d6:68:31:70:5a:2d:bb:65:3e:01:80:50:e5:cd:3b:
e1:de:d0:95:bb:3e:68:17:7a:d5:43:ca:da:85:a9:
94:8d:37:90:c6:d5:1a:5c:c6:34:97:28:95:2e:ee:
9a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5A:46:0A:0E:6D:6D:81:11:68:D5:ED:B6:9E:4F:FF:9F:71:1E:DA
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/uFpGCg5tbYERaNXttp5P_59xHto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/24
45.129.56.0/24
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/23
185.213.152.0/22
193.32.126.0/23
193.32.249.0/24
193.138.216.0/22
IPv6:
2a03:1b20:1::-2a03:1b20:a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:80:a6:6f:f7:81:1c:37:ae:cf:25:b0:01:0e:07:bd:d9:85:
8f:34:7d:c0:28:29:6e:9c:25:3b:e2:df:95:a5:f2:a0:8c:e0:
7e:4f:bb:71:05:bb:e6:fc:5d:43:26:bd:e5:cf:5a:e9:6a:db:
60:73:b8:d1:5d:74:da:f3:17:c1:0b:ff:63:50:3f:0b:e1:74:
0c:93:29:32:96:e0:97:ae:6e:b4:3a:ef:c9:bb:65:94:18:00:
31:77:5a:e3:8e:e5:26:6d:7f:14:8c:12:24:06:20:30:49:a8:
ab:ef:09:b1:71:b8:80:cb:06:0c:8d:cd:e1:5d:5d:b7:6f:e0:
e8:ed:af:e1:40:95:f3:31:ad:68:c7:91:d9:45:0e:e7:8f:78:
99:f1:72:cf:80:8f:a9:46:83:69:c5:5a:b4:10:c4:72:40:0f:
b6:7c:b3:8f:39:0f:53:45:24:a1:05:14:85:58:ff:45:9b:43:
b0:6b:c2:41:43:08:ad:29:05:ae:dd:21:97:5c:f0:cb:7b:5a:
b4:b1:6b:1a:e8:43:5a:0b:88:a9:95:98:ad:34:eb:3c:9d:0b:
98:e3:85:c4:84:e6:a6:eb:30:94:f6:cb:94:69:d3:43:8c:24:
9a:56:7e:40:a6:b6:e9:96:8f:5c:fc:1f:fa:81:b3:6d:49:ed:
0e:39:6c:db
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIEEbgANjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTJlOTE3MzE1ZjBhODc4YjIxZmMxMzlkNDlhODIxYWFkZGMzYzk3MB4XDTIyMDEw
MTA4MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg1YTQ2MGEwZTZk
NmQ4MTExNjhkNWVkYjY5ZTRmZmY5ZjcxMWVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIuPAU91d7sbbxs5qpfORYg0B+OEU6aaWAjMMqkWTZIejd8Z
d/q2QrzEuKe+LBAW2FoT3XHKcwPV6qq1X0ZIyn7AKHi9gNReZNn04Zy+qd9QE0c6
NkbOOnk+omnVfH29XRIArJJjIjEvSAfke1qaVKvVMJUOcKIk1mySebw0oVYpqtJf
0/YGFD8L65hm2QhmGWRR1riGUn1CHCIK4AXDLca2SDB/yMyYJrPRozin/Q0ijjI8
MUXBbP4DtdHKvPccSXryKi5Qz8eoN0CirdvXqieq1mgxcFotu2U+AYBQ5c074d7Q
lbs+aBd61UPK2oWplI03kMbVGlzGNJcolS7umhsCAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBS4WkYKDm1tgRFo1e22nk//n3Ee2jAfBgNVHSMEGDAWgBTeLpFzFfCoeLIf
wTnUmoIardw8lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNpNlJjeFh3cUhpeUg4RTUxSnFDR3EzY1BKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8x
L3VGcEdDZzV0YllFUmFOWHR0cDVQXzU5eEh0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MmQ1YmM4LTVkOTMtNGIwYS1hOGI2LWY4ZDY1Yzk4Mzc0NC8xLzNpNlJjeFh3cUhp
eUg4RTUxSnFDR3EzY1BKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwSAQCAAEwQgMEAC1T3AMEAC2BOAMEAI1i/AMEAY1i
/gMEArlBhAMEAbnD6AMEAbnRxAMEArnVmAMEAcEgfgMEAMEg+QMEAsGK2DAaBAIA
AjAUMBIDBwAqAxsgAAEDBwAqAxsgAAowDQYJKoZIhvcNAQELBQADggEBAF6Apm/3
gRw3rs8lsAEOB73ZhY80fcAoKW6cJTvi35Wl8qCM4H5Pu3EFu+b8XUMmveXPWulq
22BzuNFddNrzF8EL/2NQPwvhdAyTKTKW4JeubrQ678m7ZZQYADF3WuOO5SZtfxSM
EiQGIDBJqKvvCbFxuIDLBgyNzeFdXbdv4Ojtr+FAlfMxrWjHkdlFDuePeJnxcs+A
j6lGg2nFWrQQxHJAD7Z8s485D1NFJKEFFIVY/0WbQ7BrwkFDCK0pBa7dIZdc8Mt7
WrSxaxroQ1oLiKmVmK006zydC5jjhcSE5qbrMJT2y5Rp00OMJJpWfkCmtumWj1z8
H/qBs21J7Q45bNs=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:41:31 2025 by rpki-client