Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ukziaw8JRc4OXHq3KM7D5jALbFA.roa
File: ukziaw8JRc4OXHq3KM7D5jALbFA.roa (raw, json)
Hash identifier: Dj9LLRlt04urmkq0ysbIlRwh2bHdAUYN+vB2WG/7rGw=
Subject key identifier: BA:4C:E2:6B:0F:09:45:CE:0E:5C:7A:B7:28:CE:C3:E6:30:0B:6C:50
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1895379E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ukziaw8JRc4OXHq3KM7D5jALbFA.roa
Signing time: Thu 03 Feb 2022 12:10:23 +0000
ROA not before: Thu 03 Feb 2022 12:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62425
IP address blocks: 193.160.214.0/24 maxlen: 32
185.122.39.0/24 maxlen: 32
185.115.242.0/24 maxlen: 32
2a06:7243::/43 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412432286 (0x1895379e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 3 12:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba4ce26b0f0945ce0e5c7ab728cec3e6300b6c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3c:5c:ba:96:b4:a6:80:9a:31:be:34:a0:cf:
39:ed:1f:ba:cc:45:5d:9f:07:01:c3:72:da:88:ae:
68:d3:2f:f8:15:eb:98:ac:32:63:d3:c1:f3:24:3e:
1c:c9:fb:2e:16:34:cb:ba:bf:cf:42:8c:12:d1:d5:
a6:e3:03:3f:71:bc:48:9c:d5:1e:80:7f:ab:cc:8d:
9e:7d:ee:fb:06:35:64:4b:a0:da:4d:42:c5:9e:72:
f6:7f:57:f0:c3:e9:ac:68:9a:e0:7d:04:43:1a:39:
78:b1:9e:5b:28:c9:32:95:05:06:1f:e8:09:30:50:
68:f0:d4:a5:56:bc:86:d0:eb:fb:16:4f:b2:b7:ee:
40:a2:87:d7:7d:ff:ef:25:d1:ab:e0:7c:59:54:05:
c5:ec:fb:b6:23:63:a3:23:e0:dc:d2:de:72:a3:e2:
c4:44:9d:fe:17:a6:52:90:4d:a4:6e:03:12:b3:6c:
37:7c:55:17:c5:a1:a2:2a:95:cb:2a:e3:da:3a:2e:
9a:90:33:82:02:d8:48:3f:7d:97:92:6e:65:15:39:
12:77:54:81:a1:7a:ea:9e:6d:8e:b0:6f:0e:0c:72:
cf:50:c7:fa:f7:fa:a1:2f:75:df:d4:0b:84:3d:a3:
b6:e5:bd:aa:5b:65:03:76:12:cb:da:43:e9:6d:bc:
1f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:4C:E2:6B:0F:09:45:CE:0E:5C:7A:B7:28:CE:C3:E6:30:0B:6C:50
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ukziaw8JRc4OXHq3KM7D5jALbFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.242.0/24
185.122.39.0/24
193.160.214.0/24
IPv6:
2a06:7243::/43
Signature Algorithm: sha256WithRSAEncryption
86:8a:ff:e2:d3:10:8d:24:54:f2:fb:b5:cc:42:78:f5:47:3b:
7f:0c:46:8d:26:36:46:b8:57:49:4f:d5:41:d7:b9:55:e7:8f:
56:be:da:0d:2d:47:64:31:ba:01:15:88:e8:f5:4c:87:b5:92:
a9:5b:b3:10:f5:a7:d1:6b:df:6f:54:8f:f3:9b:c0:b2:09:d0:
ac:17:1b:8c:15:6d:d6:d7:92:bc:7f:22:aa:58:59:f8:be:23:
cb:e6:84:76:c6:dd:6b:60:d0:3d:63:4d:c7:69:7a:71:35:29:
48:6d:c1:bf:43:43:c4:1b:4b:f6:f9:90:51:c5:d0:64:d3:f9:
13:fb:6a:d2:00:7b:f6:3f:52:45:7b:03:44:ac:ac:43:41:a5:
c3:ad:7f:98:cd:31:27:ad:8f:ce:06:db:5d:78:b5:19:ac:3d:
83:d5:ab:cb:98:fe:2a:fc:d1:e8:a1:f7:f0:5f:da:ed:8f:7d:
c5:75:47:5c:04:c9:5a:49:25:c2:6b:f2:67:5b:4f:c6:c5:31:
e1:c3:ac:61:9e:0b:c6:65:b0:15:68:97:b1:a3:7f:70:14:8c:
9f:fe:35:31:0b:2d:19:da:d6:c4:0e:75:6c:1e:83:4f:77:dc:
01:4c:6a:3d:4e:7e:32:ab:d4:6d:88:e2:de:a2:f4:3b:a4:3a:
fc:d2:2e:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGJU3njANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIw
MzEyMTAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE0Y2UyNmIwZjA5
NDVjZTBlNWM3YWI3MjhjZWMzZTYzMDBiNmM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANA8XLqWtKaAmjG+NKDPOe0fusxFXZ8HAcNy2oiuaNMv+BXr
mKwyY9PB8yQ+HMn7LhY0y7q/z0KMEtHVpuMDP3G8SJzVHoB/q8yNnn3u+wY1ZEug
2k1CxZ5y9n9X8MPprGia4H0EQxo5eLGeWyjJMpUFBh/oCTBQaPDUpVa8htDr+xZP
srfuQKKH133/7yXRq+B8WVQFxez7tiNjoyPg3NLecqPixESd/hemUpBNpG4DErNs
N3xVF8WhoiqVyyrj2joumpAzggLYSD99l5JuZRU5EndUgaF66p5tjrBvDgxyz1DH
+vf6oS9139QLhD2jtuW9qltlA3YSy9pD6W28HxUCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBS6TOJrDwlFzg5cercozsPmMAtsUDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3VremlhdzhKUmM0T1hIcTNLTTdENWpBTGJGQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALlz8gMEALl6JwMEAMGg1jAPBAIA
AjAJAwcFKgZyQwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCGiv/i0xCNJFTy+7XMQnj1
Rzt/DEaNJjZGuFdJT9VB17lV549WvtoNLUdkMboBFYjo9UyHtZKpW7MQ9afRa99v
VI/zm8CyCdCsFxuMFW3W15K8fyKqWFn4viPL5oR2xt1rYNA9Y03HaXpxNSlIbcG/
Q0PEG0v2+ZBRxdBk0/kT+2rSAHv2P1JFewNErKxDQaXDrX+YzTEnrY/OBttdeLUZ
rD2D1avLmP4q/NHooffwX9rtj33FdUdcBMlaSSXCa/JnW0/GxTHhw6xhngvGZbAV
aJexo39wFIyf/jUxCy0Z2tbEDnVsHoNPd9wBTGo9Tn4yq9RtiOLeovQ7pDr80i4/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org