Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/UGR2ZGIqX_5BUfDFJKyzZbyE4yM.roa
File: UGR2ZGIqX_5BUfDFJKyzZbyE4yM.roa (raw, json)
Hash identifier: pfoLFHxP+wm6LWeVdS4VkVTIShbaDGV4eoqHdOYKwqM=
Subject key identifier: 50:64:76:64:62:2A:5F:FE:41:51:F0:C5:24:AC:B3:65:BC:84:E3:23
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 01823B6278384C23B94049AD5BC0205BE94A
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/UGR2ZGIqX_5BUfDFJKyzZbyE4yM.roa
Signing time: Tue 26 Jul 2022 16:41:25 +0000
ROA not before: Tue 26 Jul 2022 16:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204384
IP address blocks: 178.209.69.0/24 maxlen: 24
178.209.68.0/24 maxlen: 24
178.209.80.0/21 maxlen: 24
178.209.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3b:62:78:38:4c:23:b9:40:49:ad:5b:c0:20:5b:e9:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Jul 26 16:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50647664622a5ffe4151f0c524acb365bc84e323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:61:49:68:6d:43:e8:52:52:7f:8b:ef:0d:af:
66:e8:67:d9:36:cd:b7:19:58:80:d3:6f:00:d4:6c:
f4:f8:ae:d6:c3:e6:4e:62:16:24:e7:2f:e4:87:f4:
6b:c7:a3:03:4b:a7:2b:74:cb:64:67:38:7d:d6:09:
d4:2e:82:7c:5e:0f:59:00:3b:ce:84:83:74:0e:b1:
26:e5:2e:78:2d:78:5f:7d:90:20:46:12:bf:6b:83:
e4:b3:cd:90:9c:49:20:cc:a8:79:f6:26:e7:0d:08:
37:ef:ef:14:51:71:85:99:dc:da:2b:cb:2e:11:79:
f1:e9:c5:0e:fd:c8:bc:a0:c9:e9:ac:71:7a:b9:e2:
de:3b:d4:9c:d1:b0:e2:1e:e5:46:23:b8:6e:e7:98:
6c:4f:c2:c2:26:a9:f5:ee:2d:6c:fd:ba:bb:fe:9d:
d0:33:92:4a:d8:43:86:8e:97:f7:b1:d5:a9:e8:cf:
1b:58:c1:11:cd:d0:a8:6a:97:28:c0:7c:55:77:5d:
71:99:08:e5:6c:36:fc:bf:ea:52:0e:6c:96:1e:d0:
4a:c9:18:43:e9:da:f6:83:c3:8b:34:fc:a3:ab:75:
ca:80:57:25:1d:82:7a:8f:3c:4e:ce:61:09:7a:90:
10:9a:81:09:c7:24:4b:6b:3d:4f:38:ea:e2:bd:f0:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:64:76:64:62:2A:5F:FE:41:51:F0:C5:24:AC:B3:65:BC:84:E3:23
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/UGR2ZGIqX_5BUfDFJKyzZbyE4yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.68.0/23
178.209.80.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:81:f0:61:f7:a9:5c:ec:78:5d:0b:23:f0:81:a7:b9:d5:38:
c3:0a:8f:20:48:cd:2d:ed:4f:fb:0e:0a:76:c4:40:49:3f:d2:
d7:10:1c:10:aa:ad:d7:d0:92:77:20:e8:c5:31:e0:13:8f:ae:
86:49:e3:26:92:9e:9f:85:dc:8c:03:b9:b1:77:82:d6:90:86:
5f:78:5e:d2:63:0d:6a:3e:e3:b4:97:3b:44:fb:d9:c5:bd:ea:
9c:ed:ed:38:5f:84:de:d7:b3:fb:03:ad:7f:fc:a6:3d:4d:e0:
5c:0a:a9:1a:9b:65:ca:68:cb:c4:fd:df:1d:15:94:d1:67:b3:
b3:f7:0c:b1:d3:02:b6:0c:1f:7d:02:69:91:94:c6:c6:02:ad:
4c:66:07:1f:7f:e7:2b:60:04:1e:22:60:b2:af:2f:5c:e2:16:
4d:1b:6f:98:03:97:f5:20:b2:73:a4:b0:c7:c3:f0:2c:1b:6b:
ca:fb:5a:35:45:75:f7:d1:e8:ae:bb:3b:5d:cb:24:9b:6f:c3:
cb:35:02:d8:76:6f:85:0c:43:19:fa:37:50:4d:0a:13:87:b8:
bb:50:47:ca:3f:c5:2c:03:9c:c8:d5:8f:4a:04:db:3c:fa:af:
98:cb:88:a0:30:d5:70:d4:9f:89:6a:d8:4c:ba:5c:49:13:78:
40:ce:41:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI7Yng4TCO5QEmtW8AgW+lKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNGYwMGY1YzNhYjNkZjRjNjc0YTQxMGQ4YTBmMDE4MmZi
NWU5MTgwHhcNMjIwNzI2MTY0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY0NzY2NDYyMmE1ZmZlNDE1MWYwYzUyNGFjYjM2NWJjODRlMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WFJaG1D6FJSf4vvDa9m6GfZNs23
GViA028A1Gz0+K7Ww+ZOYhYk5y/kh/Rrx6MDS6crdMtkZzh91gnULoJ8Xg9ZADvO
hIN0DrEm5S54LXhffZAgRhK/a4Pks82QnEkgzKh59ibnDQg37+8UUXGFmdzaK8su
EXnx6cUO/ci8oMnprHF6ueLeO9Sc0bDiHuVGI7hu55hsT8LCJqn17i1s/bq7/p3Q
M5JK2EOGjpf3sdWp6M8bWMERzdCoapcowHxVd11xmQjlbDb8v+pSDmyWHtBKyRhD
6dr2g8OLNPyjq3XKgFclHYJ6jzxOzmEJepAQmoEJxyRLaz1POOrivfDx/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFBkdmRiKl/+QVHwxSSss2W8hOMjMB8GA1UdIwQY
MBaAFKtPAPXDqz30xnSkENig8BgvtekYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUt
Mzg1M2QzNDBjOWE2LzEvVUdSMlpHSXFYXzVCVWZERkpLeXpaYnlFNHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUtMzg1M2QzNDBjOWE2
LzEvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBstFEAwQD
stFQMA0GCSqGSIb3DQEBCwUAA4IBAQCxgfBh96lc7HhdCyPwgae51TjDCo8gSM0t
7U/7Dgp2xEBJP9LXEBwQqq3X0JJ3IOjFMeATj66GSeMmkp6fhdyMA7mxd4LWkIZf
eF7SYw1qPuO0lztE+9nFveqc7e04X4Te17P7A61//KY9TeBcCqkam2XKaMvE/d8d
FZTRZ7Oz9wyx0wK2DB99AmmRlMbGAq1MZgcff+crYAQeImCyry9c4hZNG2+YA5f1
ILJzpLDHw/AsG2vK+1o1RXX30eiuuztdyySbb8PLNQLYdm+FDEMZ+jdQTQoTh7i7
UEfKP8UsA5zI1Y9KBNs8+q+Yy4igMNVw1J+JathMulxJE3hAzkEv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:20 2024 by rpki-client on console-ams.rpki-client.org