Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/UA3NALqhOFBkdYbs-aljxVzcPJ0.roa
File: UA3NALqhOFBkdYbs-aljxVzcPJ0.roa (raw, json)
Hash identifier: iQIQioi5bKpKbrzVYjEeTzvdCJXFpIxriLWH77eKmBc=
Subject key identifier: 50:0D:CD:00:BA:A1:38:50:64:75:86:EC:F9:A9:63:C5:5C:DC:3C:9D
Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial: 0189A685651578464629ABA68871B13DA990
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/UA3NALqhOFBkdYbs-aljxVzcPJ0.roa
Signing time: Sun 30 Jul 2023 11:18:27 +0000
ROA not before: Sun 30 Jul 2023 11:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203268
IP address blocks: 185.137.245.0/24 maxlen: 24
185.137.246.0/24 maxlen: 24
185.137.244.0/24 maxlen: 24
185.137.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:85:65:15:78:46:46:29:ab:a6:88:71:b1:3d:a9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Validity
Not Before: Jul 30 11:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=500dcd00baa13850647586ecf9a963c55cdc3c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:98:d0:16:b1:ee:eb:2a:0f:3c:b5:10:69:ab:
6d:fa:15:72:5c:fb:65:ba:9d:8c:e4:f9:2e:f8:95:
24:ff:b8:f4:33:ef:35:eb:c9:08:75:d5:1f:6d:73:
f0:a0:c6:af:2c:22:19:1a:df:f0:90:a0:62:1b:b1:
96:52:f1:e1:97:9e:6c:09:6f:d3:6e:f1:82:cc:2f:
e6:3d:57:9f:0a:4b:44:1c:c6:35:a2:25:3d:a8:2e:
53:af:e5:99:53:08:e5:2c:d0:c8:34:29:1b:b0:16:
39:20:fa:40:67:df:55:2a:6c:02:c7:6b:bd:99:a6:
a3:78:1f:3b:1a:f1:90:ec:73:14:9e:c0:20:ff:7d:
89:f7:54:23:76:84:51:d7:f0:63:dd:92:61:2c:1a:
db:4d:1a:2f:a8:d2:74:f1:55:f2:84:c5:d1:01:21:
a5:97:8b:0b:73:60:4c:88:b7:a0:9b:de:bb:00:2b:
bb:f6:be:19:69:86:9a:da:5c:db:10:18:83:5f:46:
e8:c6:d8:27:13:d6:50:c9:19:94:e5:a2:d9:75:01:
74:f7:4b:76:1d:5a:e6:90:ec:0e:f0:9d:60:1d:08:
38:ea:d2:c2:75:9f:f4:48:e0:04:84:67:05:7a:82:
76:c1:33:33:86:92:b3:7f:56:d5:1b:bc:ad:40:2a:
51:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0D:CD:00:BA:A1:38:50:64:75:86:EC:F9:A9:63:C5:5C:DC:3C:9D
X509v3 Authority Key Identifier:
keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/UA3NALqhOFBkdYbs-aljxVzcPJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.244.0/22
Signature Algorithm: sha256WithRSAEncryption
01:41:d9:f3:65:45:fd:09:a2:2a:e3:44:1b:48:de:08:07:39:
34:c6:07:8c:04:ba:12:e3:af:b6:b2:7b:41:44:70:ee:cb:65:
1e:da:8f:b1:13:e2:bc:95:7c:3e:f5:04:b5:94:09:81:8d:04:
9a:51:31:fb:5a:de:0c:6e:f5:8a:b4:1f:e8:4e:e9:03:35:1f:
b9:20:90:fd:ad:28:aa:16:9f:8d:32:a4:30:a6:7f:13:8e:32:
b2:0e:20:f6:f9:5a:07:47:32:4a:ba:84:15:d3:0d:0f:6e:02:
b1:05:c1:44:44:c6:36:bb:96:28:d5:80:f0:05:1a:96:66:a7:
d4:f5:44:d7:63:19:f6:a5:9e:fb:4e:9d:34:af:75:22:7b:f5:
05:4a:68:2d:87:d6:90:9c:96:43:85:48:98:80:fa:bd:dd:7f:
87:32:c8:5d:93:a2:ff:36:7c:22:53:a2:1a:cd:a7:1f:b9:e1:
5e:cd:51:fd:d6:78:1d:23:a8:a4:4f:82:ec:7b:ca:3e:e9:c8:
09:98:a7:43:19:a0:76:14:c0:d7:82:d6:65:cd:2d:f3:a8:98:
6f:c6:91:c9:e3:c9:6c:60:c4:da:86:3a:5a:38:72:bb:02:9d:
58:4b:28:87:73:9e:88:cd:f6:13:a7:29:89:bb:99:f7:62:c7:
e4:38:a1:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmmhWUVeEZGKaumiHGxPamQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjMwNzMwMTExODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDBkY2QwMGJhYTEzODUwNjQ3NTg2ZWNmOWE5NjNjNTVjZGMzYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5jQFrHu6yoPPLUQaatt+hVyXPtl
up2M5Pku+JUk/7j0M+8168kIddUfbXPwoMavLCIZGt/wkKBiG7GWUvHhl55sCW/T
bvGCzC/mPVefCktEHMY1oiU9qC5Tr+WZUwjlLNDINCkbsBY5IPpAZ99VKmwCx2u9
maajeB87GvGQ7HMUnsAg/32J91QjdoRR1/Bj3ZJhLBrbTRovqNJ08VXyhMXRASGl
l4sLc2BMiLegm967ACu79r4ZaYaa2lzbEBiDX0boxtgnE9ZQyRmU5aLZdQF090t2
HVrmkOwO8J1gHQg46tLCdZ/0SOAEhGcFeoJ2wTMzhpKzf1bVG7ytQCpRCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFANzQC6oThQZHWG7PmpY8Vc3DydMB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvVUEzTkFMcWhPRkJrZFlicy1hbGp4VnpjUEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYn0MA0G
CSqGSIb3DQEBCwUAA4IBAQABQdnzZUX9CaIq40QbSN4IBzk0xgeMBLoS46+2sntB
RHDuy2Ue2o+xE+K8lXw+9QS1lAmBjQSaUTH7Wt4MbvWKtB/oTukDNR+5IJD9rSiq
Fp+NMqQwpn8TjjKyDiD2+VoHRzJKuoQV0w0PbgKxBcFERMY2u5Yo1YDwBRqWZqfU
9UTXYxn2pZ77Tp00r3Uie/UFSmgth9aQnJZDhUiYgPq93X+HMshdk6L/NnwiU6Ia
zacfueFezVH91ngdI6ikT4Lse8o+6cgJmKdDGaB2FMDXgtZlzS3zqJhvxpHJ48ls
YMTahjpaOHK7Ap1YSyiHc56IzfYTpymJu5n3YsfkOKGw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:46 2025 by rpki-client