Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/UGRw9F7cuVhUyKRhZU7-yNAV3Vk.roa
File: UGRw9F7cuVhUyKRhZU7-yNAV3Vk.roa (raw, json)
Hash identifier: 6nFcM1xkQ0+04GidMEGyRnDlR7yH62CI07b5e+YP8K8=
Subject key identifier: 50:64:70:F4:5E:DC:B9:58:54:C8:A4:61:65:4E:FE:C8:D0:15:DD:59
Certificate issuer: /CN=b65918f25d56000f881da98de323d91a064e0087
Certificate serial: 018456EE8A65D2778C00B4302FB5CE75AF5B
Authority key identifier: B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/UGRw9F7cuVhUyKRhZU7-yNAV3Vk.roa
Signing time: Tue 08 Nov 2022 11:09:44 +0000
ROA not before: Tue 08 Nov 2022 11:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207125
IP address blocks: 185.165.117.0/24 maxlen: 24
185.165.116.0/23 maxlen: 23
185.165.116.0/24 maxlen: 24
185.165.118.0/23 maxlen: 23
185.165.118.0/24 maxlen: 24
185.165.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:ee:8a:65:d2:77:8c:00:b4:30:2f:b5:ce:75:af:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b65918f25d56000f881da98de323d91a064e0087
Validity
Not Before: Nov 8 11:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=506470f45edcb95854c8a461654efec8d015dd59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:da:61:bc:34:9f:1f:ff:df:5f:ff:9e:e4:33:
51:73:a2:10:e5:75:ca:28:a5:73:dd:79:36:9c:a5:
eb:fc:cc:88:ba:17:8b:37:10:60:9d:74:78:ef:52:
58:6f:08:ce:f2:d0:ee:44:c7:b1:6e:5f:e8:3e:74:
e4:46:82:c3:13:41:0a:c0:1a:35:44:2d:b8:54:0a:
1c:66:6a:b7:e1:b6:c8:9a:a7:3d:b2:94:f4:95:f7:
ca:81:21:73:72:f7:e5:1f:60:bf:47:f6:24:6b:46:
6b:90:f0:30:98:1c:bd:86:7b:aa:95:26:e6:ce:50:
a4:6e:c4:85:82:68:ee:84:a4:e6:16:93:b8:39:b0:
78:5d:5a:dd:a5:52:dc:5f:42:25:4d:64:f6:30:40:
4b:1d:dc:7c:b9:b6:58:2e:7d:50:5e:db:56:9f:39:
b1:5a:4c:05:f8:8f:44:8a:e9:dd:46:cc:33:bc:67:
12:41:8d:bc:34:94:82:71:94:a8:ea:8f:bc:ed:73:
73:44:62:3f:c4:d2:63:b2:bd:3e:15:1c:09:5f:a1:
06:81:17:c3:b6:30:30:dc:0d:db:f4:dd:c8:24:cf:
ba:b8:d1:b8:44:16:62:a6:a4:9d:0d:6a:f8:23:fb:
bd:29:63:5b:ba:66:bc:9e:cb:a8:e8:90:79:41:47:
8b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:64:70:F4:5E:DC:B9:58:54:C8:A4:61:65:4E:FE:C8:D0:15:DD:59
X509v3 Authority Key Identifier:
keyid:B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/UGRw9F7cuVhUyKRhZU7-yNAV3Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:00:9e:bb:29:66:95:18:d0:57:7b:84:d1:da:b4:ed:1a:39:
40:8a:97:c3:38:e9:bd:ad:5c:16:0f:26:5d:64:30:11:84:9a:
71:36:4b:8d:db:eb:5f:51:3c:f1:c2:14:e8:a2:03:c0:f4:ec:
75:72:a2:54:50:7a:ae:a7:a8:e4:7d:74:c0:20:50:0e:8d:b9:
7e:aa:97:ec:ae:6d:12:0f:59:7b:81:33:db:5a:36:0c:c0:6c:
82:33:6b:bc:62:a6:24:76:ad:2e:e2:66:1b:d3:26:4a:dc:82:
f7:8a:f6:a2:8c:97:f8:43:ae:9a:d2:2e:96:bf:c7:f8:88:44:
d5:da:7d:c6:6b:dd:9c:89:8a:dc:f3:e6:54:24:18:0b:f3:85:
19:57:45:a9:1c:28:23:55:a4:20:86:30:59:a3:3c:90:53:8e:
8a:c1:b8:b0:15:0e:15:05:a4:dd:ec:bc:5b:5c:df:ee:b4:a3:
57:fb:5e:a1:43:ce:05:a7:4e:a2:a9:b4:a6:e4:02:81:83:70:
ea:c5:96:3c:93:58:29:ce:34:87:ef:e2:4c:4b:1f:39:8e:7e:
3a:70:d6:e3:a0:1b:fd:59:42:4e:23:d8:21:61:52:e7:f1:4f:
90:d2:ae:04:26:f9:c1:56:40:8d:df:69:26:da:06:c8:6f:f3:
e6:96:b5:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRW7opl0neMALQwL7XOda9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NTkxOGYyNWQ1NjAwMGY4ODFkYTk4ZGUzMjNkOTFhMDY0
ZTAwODcwHhcNMjIxMTA4MTEwOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY0NzBmNDVlZGNiOTU4NTRjOGE0NjE2NTRlZmVjOGQwMTVkZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNphvDSfH//fX/+e5DNRc6IQ5XXK
KKVz3Xk2nKXr/MyIuheLNxBgnXR471JYbwjO8tDuRMexbl/oPnTkRoLDE0EKwBo1
RC24VAocZmq34bbImqc9spT0lffKgSFzcvflH2C/R/Yka0ZrkPAwmBy9hnuqlSbm
zlCkbsSFgmjuhKTmFpO4ObB4XVrdpVLcX0IlTWT2MEBLHdx8ubZYLn1QXttWnzmx
WkwF+I9EiundRswzvGcSQY28NJSCcZSo6o+87XNzRGI/xNJjsr0+FRwJX6EGgRfD
tjAw3A3b9N3IJM+6uNG4RBZipqSdDWr4I/u9KWNbuma8nsuo6JB5QUeLLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBkcPRe3LlYVMikYWVO/sjQFd1ZMB8GA1UdIwQY
MBaAFLZZGPJdVgAPiB2pjeMj2RoGTgCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEt
YTUyMGQ0MzQ2NTRhLzEvVUdSdzlGN2N1VmhVeUtSaFpVNy15TkFWM1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEtYTUyMGQ0MzQ2NTRh
LzEvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaV0MA0G
CSqGSIb3DQEBCwUAA4IBAQBrAJ67KWaVGNBXe4TR2rTtGjlAipfDOOm9rVwWDyZd
ZDARhJpxNkuN2+tfUTzxwhToogPA9Ox1cqJUUHqup6jkfXTAIFAOjbl+qpfsrm0S
D1l7gTPbWjYMwGyCM2u8YqYkdq0u4mYb0yZK3IL3ivaijJf4Q66a0i6Wv8f4iETV
2n3Ga92ciYrc8+ZUJBgL84UZV0WpHCgjVaQghjBZozyQU46KwbiwFQ4VBaTd7Lxb
XN/utKNX+16hQ84Fp06iqbSm5AKBg3DqxZY8k1gpzjSH7+JMSx85jn46cNbjoBv9
WUJOI9ghYVLn8U+Q0q4EJvnBVkCN32km2gbIb/PmlrWv
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:45 2025 by rpki-client