Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UKnM76GXsE3e8rEy1x43e8KLdlc.roa
File: UKnM76GXsE3e8rEy1x43e8KLdlc.roa (raw, json)
Hash identifier: NBFXIrdg/wCgcIb1WB5k5Pvcjb0VoKa8SwIiCFDh5Fg=
Subject key identifier: 50:A9:CC:EF:A1:97:B0:4D:DE:F2:B1:32:D7:1E:37:7B:C2:8B:76:57
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4FE19D38C5C3B23D38072DECE4F93
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UKnM76GXsE3e8rEy1x43e8KLdlc.roa
Signing time: Sun 01 Jan 2023 19:35:30 +0000
ROA not before: Sun 01 Jan 2023 19:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209456
IP address blocks: 185.22.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:fe:19:d3:8c:5c:3b:23:d3:80:72:de:ce:4f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50a9ccefa197b04ddef2b132d71e377bc28b7657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c8:67:b6:a9:35:b3:58:df:34:bd:81:5d:9a:
3c:44:07:7d:ff:b9:ed:5c:23:e3:6a:83:d8:5d:3f:
bd:76:16:93:82:5a:c8:0a:da:7b:1f:34:95:9d:b9:
95:c8:cf:7d:d3:70:33:f8:b2:41:d2:84:d3:25:19:
bc:d4:ce:9d:ab:bc:ea:49:31:1e:47:0b:be:c5:ee:
bb:3e:9a:f5:aa:1c:3a:0d:90:38:9e:9a:de:ff:10:
a3:3d:c3:eb:b6:e2:42:ec:8a:9c:0c:97:9c:47:08:
ac:b6:d4:56:7a:93:66:27:f3:6a:75:96:60:b6:80:
b7:50:7d:5f:73:cc:02:72:db:22:79:14:0b:78:1f:
c6:36:25:0c:27:15:d1:e9:ed:55:bc:34:74:9b:35:
7a:bf:b2:8e:7a:d9:ec:92:96:49:21:bf:6c:4f:50:
4b:eb:0b:51:83:7d:5b:53:65:43:84:c8:62:77:12:
df:d5:d2:f5:81:33:0d:03:d3:e8:ee:6c:62:41:17:
a4:57:5f:fe:89:a1:45:3a:96:17:cf:ad:fd:54:96:
13:5b:be:0e:e2:a6:32:73:1b:c8:8f:1e:11:1c:af:
91:f5:8c:d8:96:70:ef:e2:26:4c:39:c5:73:28:b3:
c8:a7:45:99:8f:87:fc:56:0d:de:49:07:5a:46:81:
fc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A9:CC:EF:A1:97:B0:4D:DE:F2:B1:32:D7:1E:37:7B:C2:8B:76:57
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UKnM76GXsE3e8rEy1x43e8KLdlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.25.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:b5:a3:d9:cb:fd:dc:a1:ce:e0:bc:52:08:18:c6:a2:27:21:
30:7e:b7:dd:70:23:f7:3c:bd:02:5f:01:39:99:39:d4:50:69:
cc:81:ae:11:8a:63:d9:71:c3:ae:06:4d:9c:b6:29:4a:1b:18:
c9:54:b5:c2:22:ea:d4:28:e1:84:80:79:e2:da:f7:f6:f6:31:
a2:96:26:91:ff:a8:dc:85:50:06:54:91:2d:90:62:5b:01:c7:
49:87:a3:46:e2:37:15:f9:13:25:b5:4d:55:d3:25:19:60:9d:
e7:f5:d5:e7:58:58:12:52:a7:95:d6:37:2c:f6:a8:51:5c:f9:
6a:ee:76:98:20:0c:81:ae:4d:14:ee:81:25:17:68:8f:19:23:
21:a0:74:a0:5c:ef:fa:3c:04:80:f9:fa:ce:dd:fe:81:2e:62:
53:16:02:ee:d1:07:01:d7:7a:03:db:b6:3f:c0:b6:4d:a7:ef:
a3:6f:fa:26:35:da:e2:14:41:a6:32:a2:24:c1:9f:d0:be:11:
c8:c9:d6:8c:74:e8:3f:7f:d7:bf:51:65:10:17:a0:67:26:21:
2b:37:03:6c:fe:df:bb:fb:63:93:92:b1:ec:b5:8d:cd:fb:64:
41:7b:77:6f:a9:50:93:41:b1:51:ee:2f:3b:b9:49:1f:02:b2:
e9:c0:5e:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1P4Z04xcOyPTgHLezk+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGE5Y2NlZmExOTdiMDRkZGVmMmIxMzJkNzFlMzc3YmMyOGI3NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlshntqk1s1jfNL2BXZo8RAd9/7nt
XCPjaoPYXT+9dhaTglrICtp7HzSVnbmVyM9903Az+LJB0oTTJRm81M6dq7zqSTEe
Rwu+xe67Ppr1qhw6DZA4npre/xCjPcPrtuJC7IqcDJecRwisttRWepNmJ/NqdZZg
toC3UH1fc8wCctsieRQLeB/GNiUMJxXR6e1VvDR0mzV6v7KOetnskpZJIb9sT1BL
6wtRg31bU2VDhMhidxLf1dL1gTMNA9Po7mxiQRekV1/+iaFFOpYXz639VJYTW74O
4qYycxvIjx4RHK+R9YzYlnDv4iZMOcVzKLPIp0WZj4f8Vg3eSQdaRoH8JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCpzO+hl7BN3vKxMtceN3vCi3ZXMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVUtuTTc2R1hzRTNlOHJFeTF4NDNlOEtMZGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRYZMA0G
CSqGSIb3DQEBCwUAA4IBAQCNtaPZy/3coc7gvFIIGMaiJyEwfrfdcCP3PL0CXwE5
mTnUUGnMga4RimPZccOuBk2ctilKGxjJVLXCIurUKOGEgHni2vf29jGiliaR/6jc
hVAGVJEtkGJbAcdJh6NG4jcV+RMltU1V0yUZYJ3n9dXnWFgSUqeV1jcs9qhRXPlq
7naYIAyBrk0U7oElF2iPGSMhoHSgXO/6PASA+frO3f6BLmJTFgLu0QcB13oD27Y/
wLZNp++jb/omNdriFEGmMqIkwZ/QvhHIydaMdOg/f9e/UWUQF6BnJiErNwNs/t+7
+2OTkrHstY3N+2RBe3dvqVCTQbFR7i87uUkfArLpwF6S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:19 2025 by rpki-client