Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/UKYawDf_m4bKXCybaR0SxSaVqRc.roa
File: UKYawDf_m4bKXCybaR0SxSaVqRc.roa (raw, json)
Hash identifier: KJcYC6oHP2rVXIGdavsdGcc58wLpdw86SZrGBhSEO5Q=
Subject key identifier: 50:A6:1A:C0:37:FF:9B:86:CA:5C:2C:9B:69:1D:12:C5:26:95:A9:17
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 026C6AFE
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/UKYawDf_m4bKXCybaR0SxSaVqRc.roa
Signing time: Sat 01 Jan 2022 10:55:16 +0000
ROA not before: Sat 01 Jan 2022 10:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2.58.64.0/22 maxlen: 22
2.58.64.0/23 maxlen: 23
2.58.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40659710 (0x26c6afe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Jan 1 10:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50a61ac037ff9b86ca5c2c9b691d12c52695a917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:26:84:a8:8a:53:36:08:fd:51:8f:c4:e8:62:
af:74:18:75:14:8c:cb:4f:42:da:6a:f2:23:ac:e5:
e0:91:bd:0a:aa:39:17:67:18:08:d0:be:02:fc:4c:
c4:6c:14:49:12:15:61:6c:a8:c1:d9:fb:ce:29:c5:
28:1c:89:be:d6:60:27:4e:b8:29:f0:2a:a7:df:b6:
46:5f:d7:91:4a:30:37:2c:71:39:eb:9d:fb:4d:36:
86:3b:83:ed:c8:80:9a:fe:4f:1c:c5:6f:bf:28:d2:
fb:05:df:01:ec:65:72:c6:48:2d:e0:97:99:4a:f1:
1a:36:37:fd:83:a3:b6:b8:2f:8a:cc:56:0f:70:a6:
9f:c2:6b:55:28:73:94:32:a3:84:dc:36:13:cb:1c:
85:0a:b3:16:19:30:31:a2:f0:49:d0:a4:5e:5f:aa:
c9:16:b1:08:c3:93:fd:51:db:a1:33:f4:90:40:8d:
24:8b:5f:75:b5:c6:0c:9a:30:9e:6e:c1:51:fc:d7:
c8:e5:ad:c0:f0:82:50:35:c0:56:82:7b:b7:d1:57:
ff:b3:7d:70:d3:76:8f:c2:49:5e:d1:b8:c7:cc:8a:
c4:5a:d9:7b:fe:24:3c:44:4c:f8:0c:79:86:e9:5b:
fd:3a:f5:b1:0a:93:af:2d:b8:ba:b2:c1:3e:b7:34:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A6:1A:C0:37:FF:9B:86:CA:5C:2C:9B:69:1D:12:C5:26:95:A9:17
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/UKYawDf_m4bKXCybaR0SxSaVqRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:d6:73:8b:fc:c6:15:10:23:fe:4d:c4:85:4b:38:df:d6:cc:
fd:99:fc:86:a8:15:89:a2:d3:ec:69:3f:9a:1a:b4:c3:1a:ce:
dc:58:e1:31:f1:b2:df:13:f2:6b:65:f5:ec:03:1f:aa:6d:48:
8a:26:b8:85:c0:b7:77:27:d9:3d:13:b9:1a:7f:05:63:6c:1c:
84:c6:d1:e5:b7:78:21:98:1f:80:98:93:30:5e:d1:65:47:a5:
6d:cc:20:47:bc:34:b9:92:6b:62:81:59:e7:d9:d0:85:7c:52:
5f:dd:e0:0c:50:cf:44:37:9d:e1:45:88:0f:53:c6:e8:5c:5e:
cb:99:7f:a9:7f:b8:f6:17:06:c2:d6:02:21:8e:54:10:43:48:
45:66:ba:ed:94:74:48:af:8b:63:19:85:90:63:24:58:b7:ef:
fc:fe:c8:f3:3b:cf:df:00:15:b3:1e:b3:91:70:b7:aa:ae:6b:
d1:4d:5e:c8:e9:0c:3f:24:3b:06:2a:6b:a6:32:88:a7:7a:bf:
ad:8b:aa:25:eb:18:42:41:54:c1:b1:01:24:b4:31:9e:16:d0:
00:a1:96:2b:18:98:1f:3a:9e:e6:58:61:95:2b:36:29:7c:bf:
59:51:81:82:e0:f4:be:68:0a:98:c1:42:4d:6d:93:8b:d7:39:
33:f5:87:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmxq/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDc0Y2YzZTJmYTg5MmI1ZmRkM2YzMGRjODI3NWVlMTA2MmUxZDA2MB4XDTIyMDEw
MTEwNTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBhNjFhYzAzN2Zm
OWI4NmNhNWMyYzliNjkxZDEyYzUyNjk1YTkxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcmhKiKUzYI/VGPxOhir3QYdRSMy09C2mryI6zl4JG9Cqo5
F2cYCNC+AvxMxGwUSRIVYWyowdn7zinFKByJvtZgJ064KfAqp9+2Rl/XkUowNyxx
Oeud+002hjuD7ciAmv5PHMVvvyjS+wXfAexlcsZILeCXmUrxGjY3/YOjtrgvisxW
D3Cmn8JrVShzlDKjhNw2E8schQqzFhkwMaLwSdCkXl+qyRaxCMOT/VHboTP0kECN
JItfdbXGDJownm7BUfzXyOWtwPCCUDXAVoJ7t9FX/7N9cNN2j8JJXtG4x8yKxFrZ
e/4kPERM+Ax5hulb/Tr1sQqTry24urLBPrc0g+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQphrAN/+bhspcLJtpHRLFJpWpFzAfBgNVHSMEGDAWgBREdM8+L6iStf3T
8w3IJ17hBi4dBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JIVFBQaS1va3JYOTBfTU55Q2RlNFFZdUhRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8x
L1VLWWF3RGZfbTRiS1hDeWJhUjBTeFNhVnFSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8xL1JIVFBQaS1va3JY
OTBfTU55Q2RlNFFZdUhRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI6QDANBgkqhkiG9w0BAQsFAAOC
AQEArNZzi/zGFRAj/k3EhUs439bM/Zn8hqgViaLT7Gk/mhq0wxrO3FjhMfGy3xPy
a2X17AMfqm1Iiia4hcC3dyfZPRO5Gn8FY2wchMbR5bd4IZgfgJiTMF7RZUelbcwg
R7w0uZJrYoFZ59nQhXxSX93gDFDPRDed4UWID1PG6Fxey5l/qX+49hcGwtYCIY5U
EENIRWa67ZR0SK+LYxmFkGMkWLfv/P7I8zvP3wAVsx6zkXC3qq5r0U1eyOkMPyQ7
BiprpjKIp3q/rYuqJesYQkFUwbEBJLQxnhbQAKGWKxiYHzqe5lhhlSs2KXy/WVGB
guD0vmgKmMFCTW2Ti9c5M/WH1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:29 2023 by rpki-client on console-fra.rpki-client.org