Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Uc6j_QRFdwYSjx6R3u1EnQHJKCQ.roa
File: Uc6j_QRFdwYSjx6R3u1EnQHJKCQ.roa (raw, json)
Hash identifier: Xxjf9QtkHZ5uZkX9rQQB9P6QNonTsyNxgF1Duk+LgUQ=
Subject key identifier: 51:CE:A3:FD:04:45:77:06:12:8F:1E:91:DE:ED:44:9D:01:C9:28:24
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18F2ED21
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Uc6j_QRFdwYSjx6R3u1EnQHJKCQ.roa
Signing time: Mon 28 Feb 2022 23:19:18 +0000
ROA not before: Mon 28 Feb 2022 23:19:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418573601 (0x18f2ed21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 28 23:19:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51cea3fd04457706128f1e91deed449d01c92824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:40:f3:09:9d:21:8a:b5:8d:c0:30:ff:13:
a2:dc:c4:9b:47:9c:10:eb:2c:d5:1c:39:68:96:44:
16:db:c8:09:4a:42:ca:6c:cd:ec:12:15:49:cc:f7:
27:2e:1c:7e:2a:d7:84:dd:af:92:a1:d2:cc:64:d7:
8e:c4:68:0e:fb:28:3e:35:a9:59:a6:fe:d7:9d:15:
95:a0:e0:d1:ba:ec:8c:1e:3c:b0:d7:ca:7c:7a:b4:
c2:e4:d6:22:98:82:6f:14:0f:f4:23:16:c0:e4:c1:
86:69:a9:3e:ff:d7:6e:42:ce:13:c6:d7:db:16:84:
a2:fc:26:a1:c4:7d:c5:56:28:e0:a6:45:43:92:19:
a3:ca:68:de:ae:25:0d:9b:ad:20:6e:8a:7d:75:77:
de:90:eb:1c:56:42:28:43:d3:ee:1f:fa:d3:48:42:
ec:80:e4:5b:a1:24:cc:69:7f:6a:64:d9:7c:9d:bc:
83:fa:6b:a4:d1:79:f1:3d:3c:5d:c7:46:48:9f:a6:
e9:78:41:c2:b1:a1:cc:61:2a:21:52:5e:f3:66:15:
c1:e2:0a:d2:05:7b:0c:1d:88:36:16:65:25:cb:68:
b1:27:a1:3c:91:b4:da:fa:4c:81:a0:fc:fb:e7:0f:
c5:69:37:cb:23:36:5f:08:de:0c:15:a3:45:cf:e6:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:CE:A3:FD:04:45:77:06:12:8F:1E:91:DE:ED:44:9D:01:C9:28:24
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Uc6j_QRFdwYSjx6R3u1EnQHJKCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
88:e4:ff:83:b0:b9:9c:0a:8e:ec:9a:d8:e9:c9:38:b5:4d:01:
7e:db:c6:f1:5e:7d:b0:41:9d:f3:f4:c1:88:44:e9:51:ae:35:
85:36:df:93:4d:d9:41:91:ed:77:12:1b:fd:3c:bc:76:d5:4d:
7d:d5:99:f2:d5:3d:fd:58:a2:45:18:99:5b:10:2d:9b:81:d0:
78:7f:d5:6e:23:57:1c:82:4e:42:45:88:4c:39:d1:e7:70:22:
cd:f2:a8:7a:f6:92:7d:aa:d7:23:f3:2f:1a:03:0e:f8:9b:95:
62:c5:df:31:3c:8a:eb:be:19:d1:58:77:da:a8:88:c6:5c:ee:
97:3f:4f:89:0d:d1:05:df:f4:4d:94:78:4d:7e:83:d5:53:54:
3d:8a:03:be:68:2f:57:d2:35:9a:9f:1e:68:eb:d7:5a:b0:d4:
e2:e3:75:34:8e:1f:ee:9f:76:e5:e3:d9:46:7a:6e:c6:fb:99:
e3:00:d8:9f:91:c9:be:e6:74:bd:de:98:a1:95:c0:9b:ff:ba:
08:80:36:37:7e:ee:03:f5:93:49:cf:08:39:67:12:42:d1:97:
56:b3:0f:aa:91:14:41:97:b5:96:47:57:da:6e:7f:77:10:b2:
0d:75:b1:78:c0:b3:20:66:91:11:68:dd:c9:cc:a1:c1:33:4e:
e2:73:72:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGPLtITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIy
ODIzMTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFjZWEzZmQwNDQ1
NzcwNjEyOGYxZTkxZGVlZDQ0OWQwMWM5MjgyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBTQPMJnSGKtY3AMP8TotzEm0ecEOss1Rw5aJZEFtvICUpC
ymzN7BIVScz3Jy4cfirXhN2vkqHSzGTXjsRoDvsoPjWpWab+150VlaDg0brsjB48
sNfKfHq0wuTWIpiCbxQP9CMWwOTBhmmpPv/XbkLOE8bX2xaEovwmocR9xVYo4KZF
Q5IZo8po3q4lDZutIG6KfXV33pDrHFZCKEPT7h/600hC7IDkW6EkzGl/amTZfJ28
g/prpNF58T08XcdGSJ+m6XhBwrGhzGEqIVJe82YVweIK0gV7DB2INhZlJctosSeh
PJG02vpMgaD8++cPxWk3yyM2XwjeDBWjRc/mOv0CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRRzqP9BEV3BhKPHpHe7USdAckoJDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1VjNmpfUVJGZHdZU2p4NlIzdTFFblFISktDUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQCI5P+DsLmc
Co7smtjpyTi1TQF+28bxXn2wQZ3z9MGIROlRrjWFNt+TTdlBke13Ehv9PLx21U19
1Zny1T39WKJFGJlbEC2bgdB4f9VuI1ccgk5CRYhMOdHncCLN8qh69pJ9qtcj8y8a
Aw74m5Vixd8xPIrrvhnRWHfaqIjGXO6XP0+JDdEF3/RNlHhNfoPVU1Q9igO+aC9X
0jWanx5o69dasNTi43U0jh/un3bl49lGem7G+5njANifkcm+5nS93pihlcCb/7oI
gDY3fu4D9ZNJzwg5ZxJC0ZdWsw+qkRRBl7WWR1fabn93ELINdbF4wLMgZpERaN3J
zKHBM07ic3I6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org