Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UKSh1ZmFpjIxFUoaqORU3u0W8JM.roa
File: UKSh1ZmFpjIxFUoaqORU3u0W8JM.roa (raw, json)
Hash identifier: wcRX9e/F6e5PAUCz9Z1Xrp2p7wRzXvSTvUlnh8XbsZ4=
Subject key identifier: 50:A4:A1:D5:99:85:A6:32:31:15:4A:1A:A8:E4:54:DE:ED:16:F0:93
Certificate issuer: /CN=0f92c52f86009879c177092f7cd83418b4df8cab
Certificate serial: 366114EB
Authority key identifier: 0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UKSh1ZmFpjIxFUoaqORU3u0W8JM.roa
Signing time: Tue 08 Feb 2022 10:10:33 +0000
ROA not before: Tue 08 Feb 2022 10:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 81.28.112.0/20 maxlen: 24
188.123.160.0/19 maxlen: 24
185.175.248.0/22 maxlen: 24
82.212.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912332011 (0x366114eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f92c52f86009879c177092f7cd83418b4df8cab
Validity
Not Before: Feb 8 10:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50a4a1d59985a63231154a1aa8e454deed16f093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:94:d5:3b:67:c6:4b:31:80:fd:f1:51:ac:
da:c8:39:18:11:5a:bf:ba:dc:69:3b:e9:bd:1c:6f:
c9:5d:71:49:88:58:72:1d:77:38:6d:b9:ea:cd:71:
d3:13:b7:f3:93:ab:3b:a9:0c:8c:51:ba:71:90:fa:
ef:ba:bf:f7:72:fd:87:c3:01:01:5d:7e:df:d3:5d:
72:b2:54:f8:20:a7:bd:1c:29:29:a9:8d:e9:4e:5d:
dd:99:97:aa:13:21:02:48:a6:b1:e1:bc:57:dc:cc:
df:28:fe:ae:67:42:63:a0:3d:d0:34:0c:da:47:67:
b3:cc:3d:f2:32:a9:87:e6:92:77:9c:4a:b1:8e:0c:
57:2d:a3:dc:e2:2b:cd:f9:75:3b:ca:61:93:28:5a:
9c:d7:09:f4:5c:cb:7b:be:be:ff:bc:d1:71:3f:80:
e9:b1:ed:09:d0:66:46:a3:a8:8b:4b:7f:2b:f7:b1:
a7:b2:fe:8e:d4:aa:99:20:26:d4:38:a3:62:9e:29:
42:b2:0b:83:97:37:6f:84:d3:5a:10:9a:b1:82:d3:
d6:bf:ad:dc:50:16:ed:3f:4d:e2:a7:91:8d:bc:7b:
ca:04:aa:e2:3f:b6:4d:34:5e:bb:87:2b:99:6d:cf:
5c:78:51:59:4c:14:10:0c:c1:c4:c3:68:b6:d2:7d:
c9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A4:A1:D5:99:85:A6:32:31:15:4A:1A:A8:E4:54:DE:ED:16:F0:93
X509v3 Authority Key Identifier:
keyid:0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UKSh1ZmFpjIxFUoaqORU3u0W8JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.112.0/20
82.212.64.0/18
185.175.248.0/22
188.123.160.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:8a:52:ca:b8:2c:ca:1f:b3:80:46:1b:ef:40:74:ef:0d:27:
b6:77:8d:99:aa:74:d8:5a:e3:52:62:fb:f0:75:ea:84:f7:1d:
2a:a4:5a:58:f6:06:91:a9:89:bd:c5:37:a1:f4:15:2f:aa:20:
56:3d:5e:15:8d:b7:62:11:34:38:e9:9c:95:7e:b2:d2:b0:19:
c6:be:ed:38:2a:e7:6b:0f:5d:c8:39:01:88:8d:60:cb:98:02:
0b:29:ce:38:41:07:69:8f:f4:9b:99:98:9b:77:45:f5:ba:5a:
e2:d6:11:1b:1a:a2:39:f7:3c:ea:5c:b4:2d:58:41:71:68:f3:
1c:5b:ed:34:14:ba:61:94:99:b1:14:74:b1:24:cd:64:b4:98:
3d:2c:93:8a:ae:21:18:e6:6f:b9:27:7b:a2:74:07:95:ed:b7:
5b:08:ea:5a:73:b3:e6:05:27:d4:3a:7b:9c:bc:4b:ec:46:c8:
ef:f4:09:f8:4c:c1:b2:20:83:90:be:08:87:75:01:9a:7b:c3:
da:80:e8:d8:a2:da:20:18:de:84:51:f1:0e:a7:7e:8b:a3:71:
36:0f:b3:ac:ae:f3:cb:bd:57:82:59:8c:9c:bc:52:77:d5:d0:
6a:58:5b:b7:67:b1:19:c2:c8:e6:14:da:69:27:4b:a0:84:10:
07:28:88:f4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIENmEU6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjkyYzUyZjg2MDA5ODc5YzE3NzA5MmY3Y2Q4MzQxOGI0ZGY4Y2FiMB4XDTIyMDIw
ODEwMTAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBhNGExZDU5OTg1
YTYzMjMxMTU0YTFhYThlNDU0ZGVlZDE2ZjA5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANx4lNU7Z8ZLMYD98VGs2sg5GBFav7rcaTvpvRxvyV1xSYhY
ch13OG256s1x0xO385OrO6kMjFG6cZD677q/93L9h8MBAV1+39NdcrJU+CCnvRwp
KamN6U5d3ZmXqhMhAkimseG8V9zM3yj+rmdCY6A90DQM2kdns8w98jKph+aSd5xK
sY4MVy2j3OIrzfl1O8phkyhanNcJ9FzLe76+/7zRcT+A6bHtCdBmRqOoi0t/K/ex
p7L+jtSqmSAm1DijYp4pQrILg5c3b4TTWhCasYLT1r+t3FAW7T9N4qeRjbx7ygSq
4j+2TTReu4crmW3PXHhRWUwUEAzBxMNottJ9yccCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRQpKHVmYWmMjEVShqo5FTe7RbwkzAfBgNVHSMEGDAWgBQPksUvhgCYecF3
CS982DQYtN+MqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Q1TEZMNFlBbUhuQmR3a3ZmTmcwR0xUZmpLcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZThjMjg3LWYwNDktNDU5NS04NmViLTBiZTIwOWZmYmFlYy8x
L1VLU2gxWm1GcGpJeEZVb2FxT1JVM3UwVzhKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
ZThjMjg3LWYwNDktNDU5NS04NmViLTBiZTIwOWZmYmFlYy8xL0Q1TEZMNFlBbUhu
QmR3a3ZmTmcwR0xUZmpLcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBFEccAMEBlLUQAMEArmv+AMEBbx7
oDANBgkqhkiG9w0BAQsFAAOCAQEADYpSyrgsyh+zgEYb70B07w0ntneNmap02Frj
UmL78HXqhPcdKqRaWPYGkamJvcU3ofQVL6ogVj1eFY23YhE0OOmclX6y0rAZxr7t
OCrnaw9dyDkBiI1gy5gCCynOOEEHaY/0m5mYm3dF9bpa4tYRGxqiOfc86ly0LVhB
cWjzHFvtNBS6YZSZsRR0sSTNZLSYPSyTiq4hGOZvuSd7onQHle23WwjqWnOz5gUn
1Dp7nLxL7EbI7/QJ+EzBsiCDkL4Ih3UBmnvD2oDo2KLaIBjehFHxDqd+i6NxNg+z
rK7zy71XglmMnLxSd9XQalhbt2exGcLI5hTaaSdLoIQQByiI9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:46 2024 by rpki-client on console-fra.rpki-client.org