Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/uCX4ZeBqRwegqWXWLkOe-7yG60U.roa
File: uCX4ZeBqRwegqWXWLkOe-7yG60U.roa (raw, json)
Hash identifier: U1q7NpMpisC5olwnXHF1ZuFCGX7WRVf1+2suxbnisTQ=
Subject key identifier: B8:25:F8:65:E0:6A:47:07:A0:A9:65:D6:2E:43:9E:FB:BC:86:EB:45
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 0184A10E3F03D31C2C9AA0857C3A5852FCD9
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/uCX4ZeBqRwegqWXWLkOe-7yG60U.roa
Signing time: Tue 22 Nov 2022 20:36:16 +0000
ROA not before: Tue 22 Nov 2022 20:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206119
IP address blocks: 185.237.81.0/24 maxlen: 24
185.237.80.0/24 maxlen: 24
194.145.136.0/24 maxlen: 24
194.145.137.0/24 maxlen: 24
185.205.16.0/24 maxlen: 24
185.86.82.0/24 maxlen: 24
185.205.18.0/24 maxlen: 24
193.36.62.0/24 maxlen: 24
185.254.93.0/24 maxlen: 24
185.254.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a1:0e:3f:03:d3:1c:2c:9a:a0:85:7c:3a:58:52:fc:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Nov 22 20:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b825f865e06a4707a0a965d62e439efbbc86eb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:49:d5:d8:0b:36:1b:a0:30:ba:b4:72:e2:
5a:cf:e6:b2:7b:03:35:63:5d:5d:b5:19:15:cd:f0:
ef:7c:81:53:9b:1c:47:05:c6:77:f9:6f:25:81:81:
3f:af:88:3e:4d:1c:45:90:3f:f9:dd:3b:0f:4a:9f:
c9:09:65:56:2e:81:60:09:60:c1:c5:36:bb:f5:4f:
4f:3d:00:8c:94:d7:26:ed:11:5e:71:8d:2b:87:3b:
d2:1d:01:4f:26:b7:c3:50:30:eb:e9:51:a3:09:44:
38:25:78:44:38:b7:83:b2:2f:ea:45:0f:27:63:e5:
4f:a1:fa:5f:11:ab:ea:dd:00:0f:5c:4b:10:3e:89:
10:ad:96:83:84:ff:c1:bf:a1:bc:80:39:62:4f:f1:
76:d6:5f:4a:49:c1:3b:eb:c3:13:2f:fb:80:e2:d7:
8d:d7:f3:7a:8d:ab:05:57:38:66:cd:68:5a:7f:c2:
de:b6:ad:bd:4d:85:81:b0:be:08:99:e7:0f:82:7e:
4a:a5:d3:87:43:b8:01:86:6c:f1:9c:12:b6:2d:f0:
62:13:25:ee:d3:1a:4d:dd:30:13:27:a7:13:d0:44:
13:78:11:b4:d9:e2:f5:08:8e:9d:d1:65:29:0b:cd:
87:17:20:8c:ba:bc:8a:c8:67:03:88:b6:97:d5:26:
f4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:25:F8:65:E0:6A:47:07:A0:A9:65:D6:2E:43:9E:FB:BC:86:EB:45
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/uCX4ZeBqRwegqWXWLkOe-7yG60U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.82.0/24
185.205.16.0/24
185.205.18.0/24
185.237.80.0/23
185.254.93.0/24
185.254.95.0/24
193.36.62.0/24
194.145.136.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:e5:4c:05:69:3b:b8:fb:7f:3f:c0:59:6a:8e:bd:df:70:76:
ad:a9:eb:32:36:82:68:f7:91:1c:5d:8e:40:c6:d4:87:1f:a6:
5d:e2:61:91:36:ce:2b:37:06:36:6f:54:d4:58:67:2f:9f:6d:
97:7c:88:2a:1d:e8:dc:f0:4b:07:be:40:2c:ca:96:57:da:8f:
2e:c7:6e:e8:6c:54:d5:37:ed:39:37:be:72:bd:78:8b:70:a4:
59:50:11:f6:63:a4:ee:49:f7:23:ca:af:b4:28:55:37:52:f9:
2a:d3:41:21:de:89:32:07:e2:2c:28:b7:8f:09:2d:db:3e:25:
40:b2:54:99:f4:cd:82:9d:1b:4c:4f:30:a3:31:47:08:e7:97:
b4:80:db:49:b0:21:ef:42:7b:d5:a3:2e:79:d4:d2:33:0d:68:
03:52:41:00:ad:de:47:c3:ea:b3:f0:f1:34:e0:14:5e:63:d6:
50:f5:79:e3:6f:e2:0c:bb:53:b8:63:1b:03:91:1f:8e:e4:d5:
40:fc:be:ed:aa:fc:de:1c:7d:b3:29:d2:ab:84:60:45:4b:6b:
f7:39:b4:63:bb:43:3b:cb:53:80:d5:8a:8a:60:35:e9:04:de:
fa:c1:0c:44:f8:ac:e4:90:ca:bb:f7:19:6c:0e:32:9e:9c:ce:
3e:03:41:db
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYShDj8D0xwsmqCFfDpYUvzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjIxMTIyMjAzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODI1Zjg2NWUwNmE0NzA3YTBhOTY1ZDYyZTQzOWVmYmJjODZlYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRxJ1dgLNhugMLq0cuJaz+ayewM1
Y11dtRkVzfDvfIFTmxxHBcZ3+W8lgYE/r4g+TRxFkD/53TsPSp/JCWVWLoFgCWDB
xTa79U9PPQCMlNcm7RFecY0rhzvSHQFPJrfDUDDr6VGjCUQ4JXhEOLeDsi/qRQ8n
Y+VPofpfEavq3QAPXEsQPokQrZaDhP/Bv6G8gDliT/F21l9KScE768MTL/uA4teN
1/N6jasFVzhmzWhaf8Letq29TYWBsL4ImecPgn5KpdOHQ7gBhmzxnBK2LfBiEyXu
0xpN3TATJ6cT0EQTeBG02eL1CI6d0WUpC82HFyCMuryKyGcDiLaX1Sb0/QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLgl+GXgakcHoKll1i5Dnvu8hutFMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvdUNYNFplQnFSd2VncVdYV0xrT2UtN3lHNjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAuVZSAwQA
uc0QAwQAuc0SAwQBue1QAwQAuf5dAwQAuf5fAwQAwSQ+AwQBwpGIMA0GCSqGSIb3
DQEBCwUAA4IBAQAs5UwFaTu4+38/wFlqjr3fcHatqesyNoJo95EcXY5AxtSHH6Zd
4mGRNs4rNwY2b1TUWGcvn22XfIgqHejc8EsHvkAsypZX2o8ux27obFTVN+05N75y
vXiLcKRZUBH2Y6TuSfcjyq+0KFU3Uvkq00Eh3okyB+IsKLePCS3bPiVAslSZ9M2C
nRtMTzCjMUcI55e0gNtJsCHvQnvVoy551NIzDWgDUkEArd5Hw+qz8PE04BReY9ZQ
9Xnjb+IMu1O4YxsDkR+O5NVA/L7tqvzeHH2zKdKrhGBFS2v3ObRju0M7y1OA1YqK
YDXpBN76wQxE+KzkkMq79xlsDjKenM4+A0Hb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:59 2024 by rpki-client on console-fra.rpki-client.org