Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UgX5soe3_NlnazW7nYedM0p2qzU.roa
File: UgX5soe3_NlnazW7nYedM0p2qzU.roa (raw, json)
Hash identifier: nhywb43BcBlifpEURlAfsMJe3kIJ1lMQkNcJ0DfjJ7w=
Subject key identifier: 52:05:F9:B2:87:B7:FC:D9:67:6B:35:BB:9D:87:9D:33:4A:76:AB:35
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18FE15D3
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UgX5soe3_NlnazW7nYedM0p2qzU.roa
Signing time: Fri 04 Mar 2022 08:24:27 +0000
ROA not before: Fri 04 Mar 2022 08:24:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419304915 (0x18fe15d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 4 08:24:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5205f9b287b7fcd9676b35bb9d879d334a76ab35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:05:51:84:90:6e:90:c5:3e:f4:75:69:e4:
90:1f:f2:f8:0d:75:69:41:2c:c1:ce:80:56:12:a1:
3a:43:9e:4d:aa:24:b1:cf:83:90:d7:97:b9:82:85:
0e:1c:51:7e:24:ef:f9:2d:30:c9:cc:97:c4:75:46:
1c:4f:6e:02:4b:36:9b:60:cb:bf:88:53:9b:73:45:
cd:f0:e8:eb:5c:c0:27:ab:a7:ea:60:38:e3:67:ce:
d7:51:f4:94:a3:0d:58:bd:c9:a7:7b:77:af:58:2c:
c6:81:a4:0a:13:69:12:03:95:2b:85:64:c7:fe:22:
f8:3c:a8:27:b7:fe:41:3d:c1:6c:3f:95:a3:24:c7:
74:22:6d:81:72:d0:d0:e6:f4:1d:bd:cb:eb:a3:86:
c2:9b:f9:74:b7:dd:37:71:90:1e:57:d9:8f:a1:b2:
da:c6:2b:d1:2a:9f:3f:6d:c6:0b:4d:73:55:de:32:
c2:37:d6:3c:f5:bb:68:fd:55:e9:cb:4b:84:86:e7:
df:a2:39:bf:06:95:17:74:d2:88:69:b2:5a:18:65:
20:3f:de:4f:db:dc:45:87:ed:da:3e:00:d5:d9:f0:
cb:2e:eb:0d:74:8e:36:bf:bc:30:7d:70:af:fd:e2:
12:09:43:75:80:3e:ad:cd:bf:df:fe:3d:36:a8:c1:
6e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:05:F9:B2:87:B7:FC:D9:67:6B:35:BB:9D:87:9D:33:4A:76:AB:35
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UgX5soe3_NlnazW7nYedM0p2qzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
0f:e9:3c:b3:15:b0:aa:b0:1d:0e:74:89:36:91:e8:68:65:b6:
32:1f:92:f8:bb:83:26:68:e2:28:71:5e:25:fa:00:1a:c3:1b:
8a:d3:52:93:48:b1:df:43:5e:b1:28:0b:df:22:8d:19:c4:c9:
96:34:ea:06:c8:e1:ea:e7:fd:6f:64:0b:94:5f:d1:a8:84:39:
5d:45:47:8c:22:bb:eb:71:74:b6:57:c5:9c:c5:19:c3:eb:a6:
4a:23:c4:97:46:3c:c2:70:f0:4b:2b:95:67:4e:83:84:6f:33:
7f:f2:c4:8f:4f:23:90:8a:ca:96:33:c2:a7:af:a4:55:61:7f:
f7:31:0d:fc:08:80:fe:be:06:56:7c:17:bc:bf:6c:73:35:bc:
97:43:3f:eb:ba:6b:fd:cd:4a:24:e2:c8:89:34:42:68:99:ac:
f6:27:e2:f6:a6:21:e2:0e:e7:47:14:f7:03:20:f6:4d:4f:e6:
69:73:4e:e4:2a:bb:2d:c8:9f:05:06:f4:74:3a:2a:17:cb:f3:
47:67:db:bc:27:55:13:49:22:20:e2:ed:02:12:4c:26:03:c3:
8b:af:25:fd:98:4c:a9:85:fa:a4:9f:06:ff:2f:25:9f:6f:47:
46:d5:6e:61:2f:5b:07:7e:f5:0a:a5:a2:2a:8e:0f:46:f6:84:
d1:96:88:a5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGP4V0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMw
NDA4MjQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTIwNWY5YjI4N2I3
ZmNkOTY3NmIzNWJiOWQ4NzlkMzM0YTc2YWIzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIwjBVGEkG6QxT70dWnkkB/y+A11aUEswc6AVhKhOkOeTaok
sc+DkNeXuYKFDhxRfiTv+S0wycyXxHVGHE9uAks2m2DLv4hTm3NFzfDo61zAJ6un
6mA442fO11H0lKMNWL3Jp3t3r1gsxoGkChNpEgOVK4Vkx/4i+DyoJ7f+QT3BbD+V
oyTHdCJtgXLQ0Ob0Hb3L66OGwpv5dLfdN3GQHlfZj6Gy2sYr0SqfP23GC01zVd4y
wjfWPPW7aP1V6ctLhIbn36I5vwaVF3TSiGmyWhhlID/eT9vcRYft2j4A1dnwyy7r
DXSONr+8MH1wr/3iEglDdYA+rc2/3/49NqjBbpMCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRSBfmyh7f82WdrNbudh50zSnarNTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1VnWDVzb2UzX05sbmF6VzduWWVkTTBwMnF6VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQAP6TyzFbCq
sB0OdIk2kehoZbYyH5L4u4MmaOIocV4l+gAawxuK01KTSLHfQ16xKAvfIo0ZxMmW
NOoGyOHq5/1vZAuUX9GohDldRUeMIrvrcXS2V8WcxRnD66ZKI8SXRjzCcPBLK5Vn
ToOEbzN/8sSPTyOQisqWM8Knr6RVYX/3MQ38CID+vgZWfBe8v2xzNbyXQz/rumv9
zUok4siJNEJomaz2J+L2piHiDudHFPcDIPZNT+Zpc07kKrstyJ8FBvR0OioXy/NH
Z9u8J1UTSSIg4u0CEkwmA8OLryX9mEyphfqknwb/LyWfb0dG1W5hL1sHfvUKpaIq
jg9G9oTRloil
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org