Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/93841b-a526-40e3-8a4f-bc1d9a034593/1/UuDW-KophuLyaG5rQXM1_ZrwFsU.roa
File: UuDW-KophuLyaG5rQXM1_ZrwFsU.roa (raw, json)
Hash identifier: r4JH8uRyMAoGyLGFZXUewJORwnMpXYtPU736itxtfek=
Subject key identifier: 52:E0:D6:F8:AA:29:86:E2:F2:68:6E:6B:41:73:35:FD:9A:F0:16:C5
Certificate issuer: /CN=4c071bad929e362b062b89c87fa41b5deda4ffc0
Certificate serial: 01856D0A9666EBA86A9073C48401CFA55698
Authority key identifier: 4C:07:1B:AD:92:9E:36:2B:06:2B:89:C8:7F:A4:1B:5D:ED:A4:FF:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TAcbrZKeNisGK4nIf6QbXe2k_8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/93841b-a526-40e3-8a4f-bc1d9a034593/1/UuDW-KophuLyaG5rQXM1_ZrwFsU.roa
Signing time: Sun 01 Jan 2023 11:14:48 +0000
ROA not before: Sun 01 Jan 2023 11:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47116
IP address blocks: 31.223.232.0/21 maxlen: 21
185.91.184.0/22 maxlen: 22
93.189.112.0/21 maxlen: 21
37.143.76.0/22 maxlen: 22
2a00:10b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:96:66:eb:a8:6a:90:73:c4:84:01:cf:a5:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c071bad929e362b062b89c87fa41b5deda4ffc0
Validity
Not Before: Jan 1 11:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e0d6f8aa2986e2f2686e6b417335fd9af016c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:37:a3:b9:ae:1d:dd:93:d7:fc:aa:07:28:33:
5b:32:75:69:0f:c9:aa:47:8e:e6:c6:2a:2f:e7:ec:
7c:f1:b3:41:6f:24:f2:c1:78:df:20:f6:5b:00:e4:
41:1e:b8:d9:45:83:24:05:8a:71:24:17:25:5c:fe:
0e:79:07:c8:fe:53:06:27:c7:19:48:ad:43:1d:ef:
46:35:6b:cb:9d:af:58:69:ba:94:d6:83:d0:01:90:
ab:be:c6:a6:4c:e0:53:ce:ea:f3:85:2f:ca:8f:6c:
a7:7c:e8:7b:b4:89:e2:94:e6:96:44:31:53:a4:23:
81:f7:30:98:ab:6b:1a:bc:1e:75:b7:5a:d3:c0:51:
95:d6:a6:f1:a8:53:7c:59:a0:07:ba:36:f4:22:1b:
75:e2:91:84:b2:4c:af:c5:10:ad:93:d8:33:28:ee:
d1:69:d5:8c:2b:e6:e7:85:0a:cd:e4:f1:f6:2c:79:
a1:e0:57:d3:23:65:98:4b:86:bf:d5:fa:5d:08:ed:
77:7e:cd:0a:ff:f7:71:76:b5:6b:eb:cc:51:e5:d0:
b1:83:0c:da:37:03:29:39:fe:5d:90:3d:8c:6f:ba:
25:44:96:02:68:cb:9d:22:b4:cf:f6:7d:a0:85:7c:
9c:64:48:0a:ff:7d:0a:67:f4:cf:bb:b3:de:59:19:
d2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E0:D6:F8:AA:29:86:E2:F2:68:6E:6B:41:73:35:FD:9A:F0:16:C5
X509v3 Authority Key Identifier:
keyid:4C:07:1B:AD:92:9E:36:2B:06:2B:89:C8:7F:A4:1B:5D:ED:A4:FF:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAcbrZKeNisGK4nIf6QbXe2k_8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/93841b-a526-40e3-8a4f-bc1d9a034593/1/UuDW-KophuLyaG5rQXM1_ZrwFsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/93841b-a526-40e3-8a4f-bc1d9a034593/1/TAcbrZKeNisGK4nIf6QbXe2k_8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.232.0/21
37.143.76.0/22
93.189.112.0/21
185.91.184.0/22
IPv6:
2a00:10b8::/32
Signature Algorithm: sha256WithRSAEncryption
61:af:54:1d:8f:8b:a2:38:89:b0:e2:1e:99:d7:31:00:e0:fb:
90:ec:96:46:81:ce:23:09:e1:e6:a0:e9:ad:d7:b1:c4:f6:11:
57:54:4f:86:67:b2:7a:9f:b7:54:b9:30:0b:c5:28:cd:92:d8:
2a:29:71:3a:81:c9:a4:80:28:8b:07:41:21:09:4f:a8:24:95:
b6:64:91:50:a9:e4:88:26:0c:0f:37:8f:2b:2f:12:04:12:5e:
54:f8:f4:45:18:e5:61:dc:15:0d:30:9a:e2:87:37:9b:05:6d:
22:47:6c:37:d9:7f:d1:28:16:1d:d6:6b:69:d0:de:e1:c0:78:
7b:08:bd:36:ab:98:7d:f1:5f:11:4c:19:7b:32:a1:2e:82:00:
d5:85:e8:a2:01:e3:e5:46:35:11:ee:83:27:c9:c0:0f:01:90:
f7:5f:60:5b:5c:fb:52:11:b2:0e:66:01:3a:f5:3a:b9:b4:4e:
31:00:21:11:86:1f:0c:4c:50:01:02:3e:fe:e8:62:17:60:3c:
53:60:dd:90:9a:31:4c:0a:b5:63:a6:89:14:90:1a:7e:f9:68:
d8:93:fc:bd:a2:8d:d7:03:d2:8b:79:0f:b8:f9:13:35:9e:ac:
43:44:e7:b5:79:ce:4b:7a:d3:e8:9f:92:bf:3d:8d:b6:d2:7b:
b5:4d:84:d0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtCpZm66hqkHPEhAHPpVaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDcxYmFkOTI5ZTM2MmIwNjJiODljODdmYTQxYjVkZWRh
NGZmYzAwHhcNMjMwMTAxMTExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmUwZDZmOGFhMjk4NmUyZjI2ODZlNmI0MTczMzVmZDlhZjAxNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDejua4d3ZPX/KoHKDNbMnVpD8mq
R47mxiov5+x88bNBbyTywXjfIPZbAORBHrjZRYMkBYpxJBclXP4OeQfI/lMGJ8cZ
SK1DHe9GNWvLna9YabqU1oPQAZCrvsamTOBTzurzhS/Kj2ynfOh7tInilOaWRDFT
pCOB9zCYq2savB51t1rTwFGV1qbxqFN8WaAHujb0Iht14pGEskyvxRCtk9gzKO7R
adWMK+bnhQrN5PH2LHmh4FfTI2WYS4a/1fpdCO13fs0K//dxdrVr68xR5dCxgwza
NwMpOf5dkD2Mb7olRJYCaMudIrTP9n2ghXycZEgK/30KZ/TPu7PeWRnSKwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFLg1viqKYbi8mhua0FzNf2a8BbFMB8GA1UdIwQY
MBaAFEwHG62SnjYrBiuJyH+kG13tpP/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFjYnJaS2VOaXNHSzRuSWY2UWJYZTJrXzhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Mzg0MWItYTUyNi00MGUzLThhNGYt
YmMxZDlhMDM0NTkzLzEvVXVEVy1Lb3BodUx5YUc1clFYTTFfWnJ3RnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Mzg0MWItYTUyNi00MGUzLThhNGYtYmMxZDlhMDM0NTkz
LzEvVEFjYnJaS2VOaXNHSzRuSWY2UWJYZTJrXzhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH9/oAwQC
JY9MAwQDXb1wAwQCuVu4MA0EAgACMAcDBQAqABC4MA0GCSqGSIb3DQEBCwUAA4IB
AQBhr1Qdj4uiOImw4h6Z1zEA4PuQ7JZGgc4jCeHmoOmt17HE9hFXVE+GZ7J6n7dU
uTALxSjNktgqKXE6gcmkgCiLB0EhCU+oJJW2ZJFQqeSIJgwPN48rLxIEEl5U+PRF
GOVh3BUNMJrihzebBW0iR2w32X/RKBYd1mtp0N7hwHh7CL02q5h98V8RTBl7MqEu
ggDVheiiAePlRjUR7oMnycAPAZD3X2BbXPtSEbIOZgE69Tq5tE4xACERhh8MTFAB
Aj7+6GIXYDxTYN2QmjFMCrVjpokUkBp++WjYk/y9oo3XA9KLeQ+4+RM1nqxDROe1
ec5LetPon5K/PY220nu1TYTQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:00 2025 by rpki-client