Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ubiQ5ar-55UmwgDgCVrXV85nXQE.roa
File: ubiQ5ar-55UmwgDgCVrXV85nXQE.roa (raw, json)
Hash identifier: mWzVHk4glo0b6yTx6hzjC24C01/1xLg4WjHKVwjawQw=
Subject key identifier: B9:B8:90:E5:AA:FE:E7:95:26:C2:00:E0:09:5A:D7:57:CE:67:5D:01
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 063EB1D1
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ubiQ5ar-55UmwgDgCVrXV85nXQE.roa
Signing time: Sat 12 Mar 2022 17:43:41 +0000
ROA not before: Sat 12 Mar 2022 17:43:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 93.152.207.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104772049 (0x63eb1d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 12 17:43:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9b890e5aafee79526c200e0095ad757ce675d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:a1:6a:7e:4d:3a:ae:1d:e6:30:97:47:bd:
59:0f:c2:b6:3b:f4:c3:f1:54:34:a0:dd:f7:3d:29:
59:b8:6f:f8:6d:58:8d:3b:a6:13:ab:02:ed:2d:ae:
b2:e7:18:a8:01:50:aa:59:63:9a:75:49:2b:da:f1:
03:c7:d0:06:ee:23:80:ae:92:2b:3a:04:8c:1b:4f:
4c:f5:b4:f1:b4:d0:39:6a:20:53:e5:68:56:96:15:
a1:01:36:21:c9:ef:d4:30:ec:ee:47:05:42:3c:e8:
ee:54:6a:bd:93:8d:c8:0b:29:3f:84:84:86:bd:f6:
e8:2b:fe:eb:a8:39:56:84:b2:b5:a5:0d:d3:53:49:
0d:ce:fd:dc:95:82:e2:ec:82:9d:d7:e8:a9:d8:46:
5d:9b:2f:04:70:d3:ca:52:b8:bb:38:87:64:d3:bd:
a7:b3:40:1e:b9:0b:32:6e:37:69:91:d9:72:62:20:
46:88:7b:0a:c3:69:9c:81:54:5a:64:bb:e5:85:58:
94:2c:0f:90:1f:54:8b:5e:63:0c:f3:41:12:67:63:
95:4c:0b:08:97:e3:06:0a:b4:25:3e:40:5a:7b:44:
8d:2b:5a:da:81:13:c4:d2:b5:d4:39:16:cd:da:34:
14:2b:56:56:43:98:33:da:7b:3c:0d:7f:52:ee:c0:
4a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B8:90:E5:AA:FE:E7:95:26:C2:00:E0:09:5A:D7:57:CE:67:5D:01
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ubiQ5ar-55UmwgDgCVrXV85nXQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.207.0/24
93.152.211.0/24
93.152.217.0/24
93.152.219.0/24
93.152.222.0/24
212.102.105.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9a:29:ac:11:ae:8d:40:7b:82:2d:20:19:e9:5c:c8:21:39:
02:0f:4d:48:09:c0:6d:71:af:df:40:16:11:ee:ee:a3:11:38:
36:04:14:6b:03:61:32:07:fd:84:ef:dc:a9:3b:18:6c:04:3a:
30:6f:ee:9c:6b:11:a5:ce:0c:00:67:56:8b:b1:ed:2e:6c:fb:
f3:a6:7a:bd:66:31:bc:b4:5e:bf:fb:76:c0:c5:ee:4d:c9:5c:
d2:77:d6:20:45:35:39:db:7a:f7:b9:4e:d5:3b:e1:e3:3c:3f:
29:9f:a9:ca:d3:78:c6:30:a1:2a:3b:15:ff:6f:cf:b0:76:d1:
7f:5a:2b:24:f5:1b:ab:c4:56:14:6c:7a:24:b0:35:e0:c5:49:
75:4b:c7:9c:59:e3:cd:e7:84:53:13:eb:00:9a:9c:b4:3e:e8:
26:79:92:0b:db:01:61:f0:3b:3e:4b:31:87:99:7c:cd:21:a9:
51:23:27:53:dc:72:34:33:1c:c8:b7:99:69:07:c7:60:2b:b7:
71:cc:17:38:ce:53:52:30:5d:bd:c6:d0:63:a1:93:a4:43:a0:
3d:39:13:7e:fd:80:d5:8d:d9:be:cf:79:ef:2c:ab:d5:a1:80:
d0:4e:cf:43:fb:de:21:84:15:9c:b9:e9:9a:58:9f:47:c3:53:
d5:32:20:09
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBj6x0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDMx
MjE3NDM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjliODkwZTVhYWZl
ZTc5NTI2YzIwMGUwMDk1YWQ3NTdjZTY3NWQwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzWoWp+TTquHeYwl0e9WQ/Ctjv0w/FUNKDd9z0pWbhv+G1Y
jTumE6sC7S2usucYqAFQqlljmnVJK9rxA8fQBu4jgK6SKzoEjBtPTPW08bTQOWog
U+VoVpYVoQE2Icnv1DDs7kcFQjzo7lRqvZONyAspP4SEhr326Cv+66g5VoSytaUN
01NJDc793JWC4uyCndfoqdhGXZsvBHDTylK4uziHZNO9p7NAHrkLMm43aZHZcmIg
Roh7CsNpnIFUWmS75YVYlCwPkB9Ui15jDPNBEmdjlUwLCJfjBgq0JT5AWntEjSta
2oETxNK11DkWzdo0FCtWVkOYM9p7PA1/Uu7ASlcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBS5uJDlqv7nlSbCAOAJWtdXzmddATAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3ViaVE1YXItNTVVbXdnRGdDVnJYVjg1blhRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAF2YzwMEAF2Y0wMEAF2Y2QMEAF2Y
2wMEAF2Y3gMEANRmaTANBgkqhkiG9w0BAQsFAAOCAQEAg5oprBGujUB7gi0gGelc
yCE5Ag9NSAnAbXGv30AWEe7uoxE4NgQUawNhMgf9hO/cqTsYbAQ6MG/unGsRpc4M
AGdWi7HtLmz786Z6vWYxvLRev/t2wMXuTclc0nfWIEU1Odt697lO1Tvh4zw/KZ+p
ytN4xjChKjsV/2/PsHbRf1orJPUbq8RWFGx6JLA14MVJdUvHnFnjzeeEUxPrAJqc
tD7oJnmSC9sBYfA7Pksxh5l8zSGpUSMnU9xyNDMcyLeZaQfHYCu3ccwXOM5TUjBd
vcbQY6GTpEOgPTkTfv2A1Y3Zvs957yyr1aGA0E7PQ/veIYQVnLnpmlifR8NT1TIg
CQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:39 2025 by rpki-client