Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/UA67rCvU-k9MJJF_19xIOkDNsCU.roa
File: UA67rCvU-k9MJJF_19xIOkDNsCU.roa (raw, json)
Hash identifier: aUF1KKl+ruoX3drfqLwtWfcK70xhIMu55r8b85hDSDw=
Subject key identifier: 50:0E:BB:AC:2B:D4:FA:4F:4C:24:91:7F:D7:DC:48:3A:40:CD:B0:25
Certificate issuer: /CN=3357ad406df9934b5048b5fa21de31450b936fa9
Certificate serial: 1AF50C0B
Authority key identifier: 33:57:AD:40:6D:F9:93:4B:50:48:B5:FA:21:DE:31:45:0B:93:6F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1etQG35k0tQSLX6Id4xRQuTb6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/UA67rCvU-k9MJJF_19xIOkDNsCU.roa
Signing time: Sat 01 Jan 2022 04:03:28 +0000
ROA not before: Sat 01 Jan 2022 04:03:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199283
IP address blocks: 31.169.119.0/24 maxlen: 24
185.87.208.0/22 maxlen: 22
185.87.208.0/24 maxlen: 24
185.87.209.0/24 maxlen: 24
185.87.210.0/24 maxlen: 24
185.87.211.0/24 maxlen: 24
31.169.112.0/23 maxlen: 23
31.169.114.0/24 maxlen: 24
31.169.115.0/24 maxlen: 24
31.169.116.0/24 maxlen: 24
31.169.117.0/24 maxlen: 24
31.169.112.0/21 maxlen: 21
31.169.118.0/24 maxlen: 24
95.87.104.0/24 maxlen: 24
95.87.105.0/24 maxlen: 24
95.87.104.0/21 maxlen: 21
95.87.109.0/24 maxlen: 24
95.87.110.0/24 maxlen: 24
95.87.111.0/24 maxlen: 24
95.87.106.0/24 maxlen: 24
95.87.107.0/24 maxlen: 24
95.87.108.0/24 maxlen: 24
2a04:2140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452267019 (0x1af50c0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3357ad406df9934b5048b5fa21de31450b936fa9
Validity
Not Before: Jan 1 04:03:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=500ebbac2bd4fa4f4c24917fd7dc483a40cdb025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:47:8f:39:7d:db:72:2a:8c:b3:8d:1b:94:
e6:bf:2c:ea:23:fa:a4:bc:06:37:67:8a:38:44:43:
9a:94:ea:97:3f:a1:27:a0:f0:6f:62:d0:3a:cb:e4:
25:0d:02:05:2d:37:26:5e:1d:5d:fc:b5:e8:2e:e1:
6e:61:a8:30:d4:15:1e:38:4a:5e:68:82:3d:3a:72:
4c:9b:33:ab:1d:d4:f1:32:56:71:23:0e:ab:8e:c5:
e7:e2:71:da:b3:8a:51:81:27:29:92:8b:ef:7f:ea:
c9:41:44:4a:e0:b5:dc:b9:b3:20:e5:8e:73:be:ba:
68:45:cf:5a:94:d9:57:f2:42:38:e9:f9:c8:1c:a5:
74:30:5c:d6:2f:9d:41:e0:80:bd:5a:ee:26:2c:7b:
2b:f3:e8:20:95:91:bf:d0:85:c6:0c:d9:a3:b7:cb:
0d:fa:72:25:f9:1f:6e:3a:d4:18:e2:0a:6a:95:3f:
64:d3:9d:24:4c:a7:21:1a:06:53:b1:e8:ae:3c:3e:
38:51:66:cd:25:48:44:84:89:bf:f6:8a:8e:0a:89:
d6:f4:31:0b:47:53:2f:61:02:46:78:79:f9:57:f3:
c3:d5:61:f7:8c:f2:41:21:94:3d:7f:18:38:c2:6f:
02:20:a3:0a:c1:c9:55:d8:46:60:65:a6:3d:96:46:
e3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0E:BB:AC:2B:D4:FA:4F:4C:24:91:7F:D7:DC:48:3A:40:CD:B0:25
X509v3 Authority Key Identifier:
keyid:33:57:AD:40:6D:F9:93:4B:50:48:B5:FA:21:DE:31:45:0B:93:6F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1etQG35k0tQSLX6Id4xRQuTb6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/UA67rCvU-k9MJJF_19xIOkDNsCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/M1etQG35k0tQSLX6Id4xRQuTb6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.112.0/21
95.87.104.0/21
185.87.208.0/22
IPv6:
2a04:2140::/29
Signature Algorithm: sha256WithRSAEncryption
45:9d:3d:fd:a6:26:5b:72:6c:5e:3a:ba:7c:aa:f8:91:61:d2:
53:8c:7f:18:42:1e:20:dc:8b:91:af:5d:04:0b:69:cc:b8:51:
10:cf:06:d0:f3:7c:71:26:ca:4b:f0:e0:26:ba:1f:4f:10:75:
91:66:93:55:14:16:f8:60:2e:8f:57:5f:89:ef:97:70:1d:26:
4d:36:99:a8:75:0e:68:da:b8:42:a5:03:19:52:31:ce:36:1a:
4a:4c:10:35:9f:03:44:b9:a4:cb:19:6e:70:26:c1:98:24:42:
a6:a8:c7:39:7e:8a:72:a3:9d:7d:2b:ff:dc:bd:ea:35:43:ab:
d4:47:36:3b:c1:5b:1b:7b:d9:a4:96:22:be:57:ca:b6:3e:9e:
a5:5a:9a:95:8b:39:2b:56:ac:8a:24:7e:eb:95:1e:08:25:05:
d2:d2:57:c5:82:60:4e:ac:ca:0d:fa:55:67:07:90:20:ec:73:
67:73:4a:a3:4c:d5:12:0a:84:e4:93:14:e4:39:e7:b3:f7:96:
55:c6:55:48:53:be:20:62:29:dc:8a:35:14:ff:e5:ec:31:aa:
06:33:37:8f:20:a4:a7:af:16:0c:93:37:a7:64:3d:48:0e:ab:
dc:37:92:16:c8:d5:47:44:98:9b:75:c1:c3:85:b9:ec:6c:0b:
d1:6b:68:15
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGvUMCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzU3YWQ0MDZkZjk5MzRiNTA0OGI1ZmEyMWRlMzE0NTBiOTM2ZmE5MB4XDTIyMDEw
MTA0MDMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTAwZWJiYWMyYmQ0
ZmE0ZjRjMjQ5MTdmZDdkYzQ4M2E0MGNkYjAyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1KR485fdtyKoyzjRuU5r8s6iP6pLwGN2eKOERDmpTqlz+h
J6Dwb2LQOsvkJQ0CBS03Jl4dXfy16C7hbmGoMNQVHjhKXmiCPTpyTJszqx3U8TJW
cSMOq47F5+Jx2rOKUYEnKZKL73/qyUFESuC13LmzIOWOc766aEXPWpTZV/JCOOn5
yByldDBc1i+dQeCAvVruJix7K/PoIJWRv9CFxgzZo7fLDfpyJfkfbjrUGOIKapU/
ZNOdJEynIRoGU7Horjw+OFFmzSVIRISJv/aKjgqJ1vQxC0dTL2ECRnh5+Vfzw9Vh
94zyQSGUPX8YOMJvAiCjCsHJVdhGYGWmPZZG40MCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRQDrusK9T6T0wkkX/X3Eg6QM2wJTAfBgNVHSMEGDAWgBQzV61AbfmTS1BI
tfoh3jFFC5NvqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L00xZXRRRzM1azB0UVNMWDZJZDR4UlF1VGI2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYzZkNGVjLWEwNzItNGYzZS1hY2RhLTBjZjYzODRhNTYxMC8x
L1VBNjdyQ3ZVLWs5TUpKRl8xOXhJT2tETnNDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YzZkNGVjLWEwNzItNGYzZS1hY2RhLTBjZjYzODRhNTYxMC8xL00xZXRRRzM1azB0
UVNMWDZJZDR4UlF1VGI2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAx+pcAMEA19XaAMEArlX0DANBAIA
AjAHAwUDKgQhQDANBgkqhkiG9w0BAQsFAAOCAQEARZ09/aYmW3JsXjq6fKr4kWHS
U4x/GEIeINyLka9dBAtpzLhREM8G0PN8cSbKS/DgJrofTxB1kWaTVRQW+GAuj1df
ie+XcB0mTTaZqHUOaNq4QqUDGVIxzjYaSkwQNZ8DRLmkyxlucCbBmCRCpqjHOX6K
cqOdfSv/3L3qNUOr1Ec2O8FbG3vZpJYivlfKtj6epVqalYs5K1asiiR+65UeCCUF
0tJXxYJgTqzKDfpVZweQIOxzZ3NKo0zVEgqE5JMU5Dnns/eWVcZVSFO+IGIp3Io1
FP/l7DGqBjM3jyCkp68WDJM3p2Q9SA6r3DeSFsjVR0SYm3XBw4W57GwL0WtoFQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:31:27 2025 by rpki-client