Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/UHndKwdcAuBVCRQrNemVsREMi_4.roa
File: UHndKwdcAuBVCRQrNemVsREMi_4.roa (raw, json)
Hash identifier: DTJI8Znh2+iDdpUg8I/uMAIfRyoQGHtqBP4Sjg1mF5o=
Subject key identifier: 50:79:DD:2B:07:5C:02:E0:55:09:14:2B:35:E9:95:B1:11:0C:8B:FE
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 0185718C2D3C691B2DB49AB4942EC233AA6F
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/UHndKwdcAuBVCRQrNemVsREMi_4.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197834
IP address blocks: 185.13.196.0/22 maxlen: 24
176.32.192.0/23 maxlen: 24
176.32.194.0/23 maxlen: 24
176.32.198.0/23 maxlen: 24
176.32.196.0/23 maxlen: 24
176.32.192.236/32 maxlen: 32
109.75.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2d:3c:69:1b:2d:b4:9a:b4:94:2e:c2:33:aa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5079dd2b075c02e05509142b35e995b1110c8bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:66:c1:e5:05:72:7b:80:1d:19:4f:1e:5c:
99:14:f0:01:9c:70:da:32:08:fe:36:64:db:c8:e4:
2f:22:24:c3:f1:16:c1:29:f4:79:78:e5:c3:66:0e:
cb:51:c1:f8:75:18:c5:ea:75:ea:0c:b7:47:c3:8b:
b3:de:58:b4:fa:8d:ed:45:e4:a2:85:cb:99:fd:5d:
5c:95:a5:a3:65:45:35:da:b3:02:c6:74:6b:a2:9b:
4c:a7:65:b9:c8:ea:a4:b4:24:7a:2a:2c:0e:5b:23:
63:63:2f:f1:e4:29:b1:e9:ce:2a:27:b0:37:08:13:
b9:ec:d6:4e:f2:82:b7:22:3d:fb:6c:96:c4:47:d0:
ab:ff:e1:b1:8a:1f:d0:8f:88:85:dc:1e:41:61:69:
f6:bc:3f:8f:19:24:f1:65:49:3a:69:07:e2:a3:04:
16:9c:60:15:36:b8:11:d4:12:3f:31:f0:39:18:2d:
0d:5a:ea:44:52:d3:2e:c7:4e:5c:78:c2:3f:d0:31:
27:cb:bb:ae:ba:93:4d:56:8c:84:ea:7a:6e:a6:f7:
d8:48:e3:1b:df:50:d2:79:79:5e:2c:9f:3c:2c:7d:
2e:bc:db:b0:47:94:fe:c0:5d:35:40:11:1d:76:26:
4d:2b:1a:2b:af:d6:a0:d3:a6:b8:fa:bd:35:86:d7:
82:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:79:DD:2B:07:5C:02:E0:55:09:14:2B:35:E9:95:B1:11:0C:8B:FE
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/UHndKwdcAuBVCRQrNemVsREMi_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.32.0/23
176.32.192.0/21
185.13.196.0/22
Signature Algorithm: sha256WithRSAEncryption
82:4a:1c:7b:65:4e:c6:6a:45:e6:35:ba:2b:9a:5e:bd:32:43:
60:57:6b:49:29:de:d8:e9:e2:2b:4c:f9:e0:76:9a:35:bb:25:
69:30:8e:8c:c4:d4:c1:3d:f3:f4:d3:ee:7a:ea:98:6c:35:3a:
00:ce:99:09:a8:cc:5b:a9:38:9b:31:76:37:a0:df:10:f8:fa:
c0:9c:98:17:ac:27:89:3a:10:ef:8c:03:94:49:a1:6e:41:a2:
53:b9:27:51:5a:85:20:4d:8e:f6:5d:26:a7:63:2e:33:86:f1:
ab:b1:1a:d0:76:be:fe:a7:c9:6b:c8:5b:c9:a4:55:c5:f4:55:
da:cc:ee:24:d8:ad:66:45:58:88:8f:8c:48:0a:2f:2f:d4:bd:
54:ae:a1:ba:11:b9:c5:d0:6a:39:fb:e2:bf:76:ca:35:88:a7:
7a:4d:3a:74:69:13:48:8f:a4:44:12:76:64:3a:66:b7:eb:34:
79:06:d2:89:a3:4c:bf:92:64:3e:47:d7:16:7d:39:dd:2d:fb:
12:be:90:da:0f:0a:4a:c4:63:4e:7b:d4:80:6d:0f:ca:47:27:
9e:85:b0:7e:f3:ed:8f:6f:a5:4a:56:fe:19:95:5f:48:26:11:
2f:2d:f8:7e:d8:f4:60:a6:4d:f9:93:02:39:d8:e8:f1:40:c3:
72:e2:23:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxjC08aRsttJq0lC7CM6pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc5ZGQyYjA3NWMwMmUwNTUwOTE0MmIzNWU5OTViMTExMGM4YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3hmweUFcnuAHRlPHlyZFPABnHDa
Mgj+NmTbyOQvIiTD8RbBKfR5eOXDZg7LUcH4dRjF6nXqDLdHw4uz3li0+o3tReSi
hcuZ/V1claWjZUU12rMCxnRroptMp2W5yOqktCR6KiwOWyNjYy/x5Cmx6c4qJ7A3
CBO57NZO8oK3Ij37bJbER9Cr/+Gxih/Qj4iF3B5BYWn2vD+PGSTxZUk6aQfiowQW
nGAVNrgR1BI/MfA5GC0NWupEUtMux05ceMI/0DEny7uuupNNVoyE6npupvfYSOMb
31DSeXleLJ88LH0uvNuwR5T+wF01QBEddiZNKxorr9ag06a4+r01hteC5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFB53SsHXALgVQkUKzXplbERDIv+MB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvVUhuZEt3ZGNBdUJWQ1JRck5lbVZzUkVNaV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbUsgAwQD
sCDAAwQCuQ3EMA0GCSqGSIb3DQEBCwUAA4IBAQCCShx7ZU7GakXmNborml69MkNg
V2tJKd7Y6eIrTPngdpo1uyVpMI6MxNTBPfP00+566phsNToAzpkJqMxbqTibMXY3
oN8Q+PrAnJgXrCeJOhDvjAOUSaFuQaJTuSdRWoUgTY72XSanYy4zhvGrsRrQdr7+
p8lryFvJpFXF9FXazO4k2K1mRViIj4xICi8v1L1UrqG6EbnF0Go5++K/dso1iKd6
TTp0aRNIj6REEnZkOma36zR5BtKJo0y/kmQ+R9cWfTndLfsSvpDaDwpKxGNOe9SA
bQ/KRyeehbB+8+2Pb6VKVv4ZlV9IJhEvLfh+2PRgpk35kwI52OjxQMNy4iN8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:19 2025 by rpki-client