Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UsgxoOVlokTiNKe0gCjUaUWMg48.roa
File: UsgxoOVlokTiNKe0gCjUaUWMg48.roa (raw, json)
Hash identifier: yTZjhJ0iV6yEEy/eZWghbhrDaPQX+zZWuelAAXS1r0g=
Subject key identifier: 52:C8:31:A0:E5:65:A2:44:E2:34:A7:B4:80:28:D4:69:45:8C:83:8F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1976DABF
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UsgxoOVlokTiNKe0gCjUaUWMg48.roa
Signing time: Mon 04 Apr 2022 07:23:47 +0000
ROA not before: Mon 04 Apr 2022 07:23:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427219647 (0x1976dabf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 4 07:23:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52c831a0e565a244e234a7b48028d469458c838f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e8:97:0f:85:f4:70:87:62:78:df:e2:e3:4d:
c0:62:b5:b2:3a:4c:fb:fe:be:7a:74:65:5e:e2:32:
5b:9d:e5:26:77:01:23:b1:11:ae:cd:d7:27:31:5e:
f9:05:6d:ed:d9:3f:b5:42:67:fe:30:ff:f1:51:55:
2a:89:4f:b2:e3:0b:ad:4a:ba:b8:4e:d7:d4:d7:d3:
2e:a2:86:9d:3b:93:92:90:16:72:0d:96:96:e4:52:
0b:a7:ae:78:a1:cc:62:7d:cd:02:e4:d0:39:ff:73:
34:9c:29:a9:52:15:3e:48:ab:92:f2:6e:3f:73:ba:
eb:b8:51:c8:e7:22:1d:9a:b5:3a:af:82:e1:ad:f5:
09:32:29:b7:ed:ca:21:ae:83:57:af:dd:eb:6a:2c:
5d:aa:02:01:34:f5:28:57:5c:55:47:76:14:22:b7:
83:e5:e0:26:3b:b7:d5:c1:34:c3:3d:d0:c1:47:2b:
44:ad:27:df:f9:d5:b6:4f:ec:29:7a:8a:96:19:c9:
a1:7e:c3:e6:00:69:94:99:9f:cf:f9:17:0a:fd:db:
4c:c1:ba:62:9c:1e:4c:aa:41:c9:f9:20:70:8c:28:
cf:59:44:ea:b8:bf:cb:de:81:2b:b6:4a:01:e9:10:
4d:7f:5d:ca:3a:28:56:9f:30:6e:73:12:7b:2d:27:
70:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C8:31:A0:E5:65:A2:44:E2:34:A7:B4:80:28:D4:69:45:8C:83:8F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UsgxoOVlokTiNKe0gCjUaUWMg48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
4c:0c:86:6c:4d:61:33:44:f8:ac:15:c9:96:6f:73:df:61:6d:
1d:69:7b:ab:86:25:63:c7:f6:a3:cb:a5:c9:e4:3c:7a:1c:63:
e3:d9:4c:59:39:2f:81:c3:15:d3:f0:d3:45:69:c3:59:51:8e:
74:51:c6:08:e5:0e:4a:14:0d:7c:6b:96:0b:5e:d0:96:48:7b:
96:63:cc:f6:24:04:c9:49:57:06:81:ef:a6:8c:4e:5b:03:6a:
5c:2b:6c:11:51:b5:77:77:43:94:78:ca:38:55:dd:be:98:65:
a1:be:62:3a:d7:63:7e:04:20:c8:1c:58:dc:92:57:ad:48:84:
27:83:bb:05:42:bc:04:d4:6d:f7:a9:8a:90:c0:a1:25:1d:7d:
70:3f:87:25:57:0d:d6:62:a9:ff:be:13:a9:13:8a:b7:3a:32:
27:b2:4e:26:c5:9a:de:88:70:0f:4a:f9:16:f3:f0:c9:db:42:
a9:10:0f:e9:2d:9f:04:21:4c:55:92:35:39:94:7e:5f:18:f2:
97:e3:5d:17:bb:55:7f:db:b3:b4:b5:f3:58:91:34:5b:7c:27:
a9:c1:a4:0d:65:1c:c8:08:f8:57:c2:7a:00:c9:96:cd:8e:0f:
12:0a:c3:81:4f:6d:e1:e3:42:8b:c0:30:96:b1:1f:fc:14:62:
dd:be:7f:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGXbavzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NDA3MjM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJjODMxYTBlNTY1
YTI0NGUyMzRhN2I0ODAyOGQ0Njk0NThjODM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHolw+F9HCHYnjf4uNNwGK1sjpM+/6+enRlXuIyW53lJncB
I7ERrs3XJzFe+QVt7dk/tUJn/jD/8VFVKolPsuMLrUq6uE7X1NfTLqKGnTuTkpAW
cg2WluRSC6eueKHMYn3NAuTQOf9zNJwpqVIVPkirkvJuP3O667hRyOciHZq1Oq+C
4a31CTIpt+3KIa6DV6/d62osXaoCATT1KFdcVUd2FCK3g+XgJju31cE0wz3QwUcr
RK0n3/nVtk/sKXqKlhnJoX7D5gBplJmfz/kXCv3bTMG6YpweTKpByfkgcIwoz1lE
6ri/y96BK7ZKAekQTX9dyjooVp8wbnMSey0ncM8CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRSyDGg5WWiROI0p7SAKNRpRYyDjzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1VzZ3hvT1Zsb2tUaU5LZTBnQ2pVYVVXTWc0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAPBAIA
AjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBMDIZsTWEzRPisFcmWb3Pf
YW0daXurhiVjx/ajy6XJ5Dx6HGPj2UxZOS+BwxXT8NNFacNZUY50UcYI5Q5KFA18
a5YLXtCWSHuWY8z2JATJSVcGge+mjE5bA2pcK2wRUbV3d0OUeMo4Vd2+mGWhvmI6
12N+BCDIHFjckletSIQng7sFQrwE1G33qYqQwKElHX1wP4clVw3WYqn/vhOpE4q3
OjInsk4mxZreiHAPSvkW8/DJ20KpEA/pLZ8EIUxVkjU5lH5fGPKX410Xu1V/27O0
tfNYkTRbfCepwaQNZRzICPhXwnoAyZbNjg8SCsOBT23h40KLwDCWsR/8FGLdvn8B
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org