Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGlzQFr5IlSlOcg-dMeQo4qbTVE.roa
File: UGlzQFr5IlSlOcg-dMeQo4qbTVE.roa (raw, json)
Hash identifier: OSfFnqhP7rSz31NyfuU20ci17CELh8A9kgjN3Q9Sgnw=
Subject key identifier: 50:69:73:40:5A:F9:22:54:A5:39:C8:3E:74:C7:90:A3:8A:9B:4D:51
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 018570F08CFE1E161D82307B633B3E15C799
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGlzQFr5IlSlOcg-dMeQo4qbTVE.roa
Signing time: Mon 02 Jan 2023 05:24:50 +0000
ROA not before: Mon 02 Jan 2023 05:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198382
IP address blocks: 185.123.81.0/24 maxlen: 24
212.84.64.0/21 maxlen: 21
212.84.72.0/21 maxlen: 24
212.84.80.0/21 maxlen: 21
212.84.88.0/21 maxlen: 24
2a00:14a0:6::/48 maxlen: 48
2a00:14a0:1::/48 maxlen: 48
2a00:14a0::/29 maxlen: 48
2a00:14a0:5::/48 maxlen: 48
2a00:14a0::/48 maxlen: 48
2a00:14a0:3::/48 maxlen: 48
2a00:14a0:9::/48 maxlen: 48
2a00:14a0:4::/48 maxlen: 48
2a00:14a0:7::/48 maxlen: 48
2a00:14a0:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:8c:fe:1e:16:1d:82:30:7b:63:3b:3e:15:c7:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 2 05:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=506973405af92254a539c83e74c790a38a9b4d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0b:e2:c2:67:44:3c:95:80:06:40:04:f6:ca:
4d:0f:9b:5a:99:ba:e4:2c:1a:38:52:8a:b2:a7:20:
a1:6d:d6:5c:53:66:89:78:ea:58:2d:17:54:19:f0:
24:3d:59:38:b2:6c:3a:1c:55:95:62:7d:a7:d5:1c:
f2:9a:36:be:bb:f7:01:39:b6:25:3c:c1:d8:74:2f:
05:de:5b:e0:4b:c9:78:6b:4e:0b:b6:bf:50:f3:a5:
ad:73:79:8f:bb:99:98:7a:f6:55:cc:d9:2c:4b:e1:
f8:eb:a9:08:5f:42:49:b4:4e:d3:ae:28:cd:13:22:
44:07:47:92:ab:83:67:28:bc:78:40:95:56:b4:40:
6c:51:a7:c7:af:81:3a:5e:d7:7d:8b:c1:d0:16:17:
c0:2a:5a:79:04:c8:fa:69:08:b4:06:c3:e3:dc:21:
0a:f6:85:f7:90:18:f5:c7:5b:ea:5a:7b:5d:d4:2f:
3e:d6:64:bb:bc:3d:54:19:e5:b8:f2:aa:bd:55:3f:
4a:38:34:4c:6f:e8:58:41:9b:cd:c0:ed:8e:bd:f7:
b2:e2:b8:7b:2c:3f:f9:dd:cc:79:6f:90:07:8d:bc:
aa:4c:dd:cf:c0:43:54:39:92:1c:39:c8:8f:e5:60:
0a:01:06:c0:d1:ec:1b:52:92:87:f3:c1:03:77:b8:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:69:73:40:5A:F9:22:54:A5:39:C8:3E:74:C7:90:A3:8A:9B:4D:51
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGlzQFr5IlSlOcg-dMeQo4qbTVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.81.0/24
212.84.64.0/19
IPv6:
2a00:14a0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:98:a5:a8:b4:a9:21:63:0e:ea:46:9b:b4:54:f6:e8:0d:a3:
67:f5:1e:ed:32:d3:89:85:af:49:e6:f0:b4:5c:af:58:e5:39:
d5:64:80:0f:8e:7e:c7:a9:eb:60:7c:db:db:45:6a:95:8b:68:
d1:3c:4a:b1:c8:33:1d:20:03:43:1f:d1:73:14:a1:4a:d5:b6:
ea:5c:92:9d:e6:15:d5:7f:a3:d8:e8:62:34:83:6b:ac:fa:8c:
f4:f9:d7:e0:2c:43:bb:75:34:c4:ec:6b:a3:f7:d1:cc:60:2a:
57:39:ca:b9:bc:71:82:0e:bd:f8:8f:96:12:69:6f:48:ba:c2:
cd:3c:66:c1:3e:74:31:a0:a7:b0:e6:9d:f5:f5:e3:27:5b:d2:
2e:e7:d9:ae:ef:88:32:7d:0c:e7:b9:31:ed:87:e5:a2:3f:dc:
2e:4f:69:90:68:3a:94:e4:4c:71:fe:8e:86:6a:90:b2:5c:df:
bc:a9:60:9a:14:22:2f:de:76:33:87:b6:5b:60:d8:db:81:d9:
ce:30:a9:97:66:69:f6:9d:51:61:5e:43:7e:be:f5:63:34:3f:
df:b3:cd:99:71:e7:d5:7c:60:1d:c3:20:f0:2f:10:07:88:5c:
e9:7c:a6:93:ff:4f:b0:46:4a:3a:82:69:88:8b:fa:f6:3e:89:
d3:bf:15:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8Iz+HhYdgjB7Yzs+FceZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjMwMTAyMDUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY5NzM0MDVhZjkyMjU0YTUzOWM4M2U3NGM3OTBhMzhhOWI0ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQviwmdEPJWABkAE9spND5tambrk
LBo4UoqypyChbdZcU2aJeOpYLRdUGfAkPVk4smw6HFWVYn2n1Rzymja+u/cBObYl
PMHYdC8F3lvgS8l4a04Ltr9Q86Wtc3mPu5mYevZVzNksS+H466kIX0JJtE7TrijN
EyJEB0eSq4NnKLx4QJVWtEBsUafHr4E6Xtd9i8HQFhfAKlp5BMj6aQi0BsPj3CEK
9oX3kBj1x1vqWntd1C8+1mS7vD1UGeW48qq9VT9KODRMb+hYQZvNwO2Ovfey4rh7
LD/53cx5b5AHjbyqTN3PwENUOZIcOciP5WAKAQbA0ewbUpKH88EDd7hxHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFBpc0Ba+SJUpTnIPnTHkKOKm01RMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvVUdselFGcjVJbFNsT2NnLWRNZVFvNHFiVFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXtRAwQF
1FRAMA0EAgACMAcDBQMqABSgMA0GCSqGSIb3DQEBCwUAA4IBAQArmKWotKkhYw7q
Rpu0VPboDaNn9R7tMtOJha9J5vC0XK9Y5TnVZIAPjn7HqetgfNvbRWqVi2jRPEqx
yDMdIANDH9FzFKFK1bbqXJKd5hXVf6PY6GI0g2us+oz0+dfgLEO7dTTE7Guj99HM
YCpXOcq5vHGCDr34j5YSaW9IusLNPGbBPnQxoKew5p319eMnW9Iu59mu74gyfQzn
uTHth+WiP9wuT2mQaDqU5Exx/o6GapCyXN+8qWCaFCIv3nYzh7ZbYNjbgdnOMKmX
Zmn2nVFhXkN+vvVjND/fs82ZcefVfGAdwyDwLxAHiFzpfKaT/0+wRko6gmmIi/r2
PonTvxWl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:48 2025 by rpki-client