Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/uKu_zEj1HJwasLqCSD4G7LZaKMI.roa
File: uKu_zEj1HJwasLqCSD4G7LZaKMI.roa (raw, json)
Hash identifier: kqDhfJPGshIsE8heyyR6N3g57YW+QKfJFB56ezKot0E=
Subject key identifier: B8:AB:BF:CC:48:F5:1C:9C:1A:B0:BA:82:48:3E:06:EC:B6:5A:28:C2
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 01830CFB8976DC7A6513229BA55901CEE418
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/uKu_zEj1HJwasLqCSD4G7LZaKMI.roa
Signing time: Mon 05 Sep 2022 09:29:14 +0000
ROA not before: Mon 05 Sep 2022 09:29:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61173
IP address blocks: 45.159.112.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0c:fb:89:76:dc:7a:65:13:22:9b:a5:59:01:ce:e4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Sep 5 09:29:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8abbfcc48f51c9c1ab0ba82483e06ecb65a28c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1e:cb:54:c1:b6:c4:0e:69:ad:63:d7:60:1b:
83:6c:3b:89:8c:a4:1c:81:53:46:a4:82:65:7f:d8:
96:4a:af:27:d2:93:43:eb:cb:21:9c:eb:6f:03:46:
b2:0f:4d:ab:e2:1f:81:63:2f:d9:86:2e:d0:77:89:
a8:90:af:6b:c7:83:49:b6:f6:ee:7c:d7:07:ea:f5:
1a:e9:72:4c:61:46:fc:ae:50:9e:d9:aa:cc:58:31:
c7:46:2e:bd:25:e3:f4:cd:85:d4:ae:34:41:2d:19:
5a:4c:09:0c:23:3a:cc:75:30:1e:f8:63:40:58:67:
e8:9c:af:5a:ec:ce:17:01:f0:31:e8:80:b3:dc:17:
9d:fa:e6:d5:93:fe:a5:0f:2a:a0:06:1a:3c:1e:35:
95:07:9a:be:0f:df:89:a7:bd:7f:fa:30:26:46:eb:
0d:a3:29:8f:e1:c4:80:9e:b2:12:24:ba:ac:61:a8:
63:6c:ac:5f:82:e2:cb:97:e4:5a:5c:79:a1:c7:3e:
27:d9:a5:e8:10:8d:c4:5b:39:f6:87:51:b0:1f:dc:
0e:72:42:e7:b5:82:f4:0a:95:07:2b:81:1a:1f:11:
a2:13:1d:09:e3:1d:37:2c:eb:14:5f:71:85:eb:e3:
15:f0:65:1d:52:5e:e5:a1:e4:b7:99:aa:76:c1:c3:
56:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AB:BF:CC:48:F5:1C:9C:1A:B0:BA:82:48:3E:06:EC:B6:5A:28:C2
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/uKu_zEj1HJwasLqCSD4G7LZaKMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.112.0/22
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/24
185.213.166.0/23
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
Signature Algorithm: sha256WithRSAEncryption
13:bb:3d:57:f4:b7:82:ef:a1:c1:44:1f:ae:06:3e:67:5f:82:
22:5e:46:41:c9:41:20:71:e5:d2:7b:c7:6c:2c:8c:95:27:6a:
10:72:9a:79:13:d3:b3:34:fe:33:eb:41:9f:a1:88:27:b2:93:
72:f7:75:9a:02:38:fd:ed:f4:88:d6:d2:e8:4f:aa:64:7d:44:
09:a9:3b:2c:85:b8:31:c7:a5:c0:13:ba:ab:1b:ca:19:37:05:
d7:67:02:c8:3d:d7:e7:25:19:92:25:cc:f0:b5:a7:bd:7d:7d:
57:b7:41:87:8f:c1:47:70:89:f0:4a:5e:ed:49:71:8d:0f:9d:
e4:49:9c:cc:4d:a7:4e:b7:2f:a8:2b:0a:f5:9e:18:f0:39:8a:
6c:9a:c8:7c:03:64:47:ce:de:d6:15:99:6a:33:23:d2:c5:1f:
de:09:f2:f8:b9:aa:8b:c2:6e:59:a1:c5:b7:7b:36:fd:75:05:
7d:79:50:b0:54:4a:ba:a7:b2:e9:20:4f:9a:31:dd:b6:6e:65:
27:a9:f6:4e:02:7e:8a:37:e0:7d:e1:70:85:ee:02:0b:8e:9e:
0c:b7:f4:9b:c7:84:ff:c0:77:54:d4:a5:17:b6:7d:aa:20:e3:
72:15:af:c4:fc:22:8f:a2:1d:3d:9d:13:68:a4:fe:2d:9d:cd:
df:49:62:6b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYMM+4l23HplEyKbpVkBzuQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjIwOTA1MDkyOTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFiYmZjYzQ4ZjUxYzljMWFiMGJhODI0ODNlMDZlY2I2NWEyOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0B7LVMG2xA5prWPXYBuDbDuJjKQc
gVNGpIJlf9iWSq8n0pND68shnOtvA0ayD02r4h+BYy/Zhi7Qd4mokK9rx4NJtvbu
fNcH6vUa6XJMYUb8rlCe2arMWDHHRi69JeP0zYXUrjRBLRlaTAkMIzrMdTAe+GNA
WGfonK9a7M4XAfAx6ICz3Bed+ubVk/6lDyqgBho8HjWVB5q+D9+Jp71/+jAmRusN
oymP4cSAnrISJLqsYahjbKxfguLLl+RaXHmhxz4n2aXoEI3EWzn2h1GwH9wOckLn
tYL0CpUHK4EaHxGiEx0J4x03LOsUX3GF6+MV8GUdUl7loeS3map2wcNWeQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLirv8xI9RycGrC6gkg+Buy2WijCMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvdUt1X3pFajFISndhc0xxQ1NENEc3TFphS01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCLZ9wAwQC
uQQcMAwDBAC5MiUDBAO5MiADBAK5dKADBAC51aQDBAG51aYDBAK5/1gDBAHBjUAD
BAHBjX4wDQYJKoZIhvcNAQELBQADggEBABO7PVf0t4LvocFEH64GPmdfgiJeRkHJ
QSBx5dJ7x2wsjJUnahBymnkT07M0/jPrQZ+hiCeyk3L3dZoCOP3t9IjW0uhPqmR9
RAmpOyyFuDHHpcATuqsbyhk3BddnAsg91+clGZIlzPC1p719fVe3QYePwUdwifBK
Xu1JcY0PneRJnMxNp063L6grCvWeGPA5imyayHwDZEfO3tYVmWozI9LFH94J8vi5
qovCblmhxbd7Nv11BX15ULBUSrqnsukgT5ox3bZuZSep9k4Cfoo34H3hcIXuAguO
ngy39JvHhP/Ad1TUpRe2faog43IVr8T8Io+iHT2dE2ik/i2dzd9JYms=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:44 2023 by rpki-client on console-fra.rpki-client.org