Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/uGyzMEcKq7V06JI6cFATB7_vE6I.roa
File: uGyzMEcKq7V06JI6cFATB7_vE6I.roa (raw, json)
Hash identifier: HwWlH3+CN/Lhs6FTK9Gm7ksN0WfTJ8R3JciE33YES0M=
Subject key identifier: B8:6C:B3:30:47:0A:AB:B5:74:E8:92:3A:70:50:13:07:BF:EF:13:A2
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 0186E5F29AD28D55EC2D6278CCC89BA21985
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/uGyzMEcKq7V06JI6cFATB7_vE6I.roa
Signing time: Wed 15 Mar 2023 15:45:27 +0000
ROA not before: Wed 15 Mar 2023 15:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48176
IP address blocks: 81.177.228.0/22 maxlen: 22
81.177.240.0/21 maxlen: 21
81.177.248.0/22 maxlen: 22
81.177.252.0/23 maxlen: 23
81.177.184.0/24 maxlen: 24
81.177.188.0/22 maxlen: 22
81.177.198.0/23 maxlen: 23
81.177.195.0/24 maxlen: 24
81.177.200.0/22 maxlen: 22
81.177.200.0/21 maxlen: 21
81.177.226.0/23 maxlen: 23
81.177.224.0/20 maxlen: 20
81.177.224.0/23 maxlen: 23
185.8.20.0/22 maxlen: 22
178.237.176.0/20 maxlen: 20
178.237.176.0/21 maxlen: 21
178.237.176.0/22 maxlen: 22
178.237.184.0/21 maxlen: 21
178.237.180.0/22 maxlen: 22
178.237.190.0/23 maxlen: 23
178.237.188.0/23 maxlen: 23
81.177.56.0/21 maxlen: 21
91.207.136.0/23 maxlen: 23
62.122.240.0/21 maxlen: 21
37.18.152.0/21 maxlen: 21
37.18.156.0/22 maxlen: 22
213.222.240.0/21 maxlen: 21
213.222.240.0/20 maxlen: 20
213.59.150.0/24 maxlen: 24
213.59.148.0/23 maxlen: 23
213.59.146.0/24 maxlen: 24
213.59.154.0/24 maxlen: 24
213.222.248.0/21 maxlen: 21
213.59.186.0/23 maxlen: 23
213.59.186.0/24 maxlen: 24
149.255.24.0/21 maxlen: 21
213.59.190.0/23 maxlen: 23
213.59.188.0/22 maxlen: 22
213.222.224.0/22 maxlen: 22
213.222.224.0/21 maxlen: 21
213.222.232.0/22 maxlen: 22
213.222.232.0/21 maxlen: 21
213.222.236.0/22 maxlen: 22
213.59.144.0/22 maxlen: 22
2a03:aa00::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:f2:9a:d2:8d:55:ec:2d:62:78:cc:c8:9b:a2:19:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Mar 15 15:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86cb330470aabb574e8923a70501307bfef13a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:02:62:2b:76:9c:07:f5:2c:0a:af:af:dd:2f:
dc:22:d9:a0:ff:bc:c5:a8:50:4b:1a:52:20:e8:c0:
f7:08:ad:8a:aa:9b:fd:db:3a:fd:67:3d:77:b0:ca:
ef:26:6d:f3:5d:e6:a8:75:4f:36:0f:9a:bb:72:c6:
58:92:86:c5:bf:f4:ac:bf:1f:13:cb:2c:c7:c6:24:
53:a1:29:4a:ec:09:bf:bc:9e:7a:dc:29:28:98:79:
4f:6d:4a:36:86:47:77:67:76:8d:a1:b0:62:97:9e:
bc:0e:c6:93:83:54:cd:e6:cc:5c:a8:12:f6:a2:63:
7d:f7:8b:26:fb:10:eb:46:44:85:e7:4b:b6:6e:da:
9c:c5:33:60:72:49:2f:ca:65:7a:f2:23:1b:d5:32:
0e:d2:bd:18:bd:04:9c:24:d8:ba:df:42:4b:43:26:
5c:ae:f5:3e:9a:36:f8:0f:62:ae:56:4c:08:79:b5:
3d:e4:5f:0e:a3:f8:28:1a:64:bc:57:a0:ca:d1:01:
a7:09:75:44:67:5b:12:b5:69:28:73:16:69:a4:da:
38:1b:25:3d:89:d3:89:b5:85:11:df:4e:9a:e6:97:
51:9c:54:f8:cd:da:c4:1c:11:26:43:89:56:01:67:
c6:9b:60:f7:5b:6e:c1:0e:29:79:23:8e:55:ac:33:
d4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6C:B3:30:47:0A:AB:B5:74:E8:92:3A:70:50:13:07:BF:EF:13:A2
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/uGyzMEcKq7V06JI6cFATB7_vE6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.152.0/21
62.122.240.0/21
81.177.56.0/21
81.177.184.0/24
81.177.188.0/22
81.177.195.0/24
81.177.198.0-81.177.207.255
81.177.224.0-81.177.253.255
91.207.136.0/23
149.255.24.0/21
178.237.176.0/20
185.8.20.0/22
213.59.144.0-213.59.150.255
213.59.154.0/24
213.59.186.0-213.59.191.255
213.222.224.0/19
IPv6:
2a03:aa00::/36
Signature Algorithm: sha256WithRSAEncryption
37:8b:28:a0:2c:06:b5:ec:49:d8:14:f5:c0:ab:0a:c9:f8:fc:
d8:52:9e:43:59:8e:75:16:8f:cc:29:78:18:dd:5b:71:c8:81:
78:93:bd:6b:b2:15:3e:f1:64:d6:e5:23:c7:13:61:c2:08:10:
7b:3a:b2:99:7b:76:6c:90:c6:eb:7d:cf:4c:9e:34:bd:05:cd:
71:84:bd:4a:49:f6:08:0a:0d:9f:bd:d5:dc:95:4a:82:3c:3f:
ad:19:97:03:64:06:92:bf:82:18:03:e3:8d:a8:80:cd:c7:ac:
32:af:11:8b:c0:86:51:cb:da:0e:15:9b:74:74:84:f9:0f:3f:
55:ee:a9:3b:3a:53:fd:88:cf:40:4e:4c:d7:1b:a1:c2:ae:f4:
ee:43:93:9a:58:ad:00:7a:f3:c2:09:00:6f:33:e8:68:b2:9e:
f4:02:68:4c:11:bc:bf:86:6c:dd:9c:41:ae:dc:3a:3e:31:2e:
d6:a6:88:c2:b5:3a:03:c8:a6:c5:c7:ed:0f:96:dc:0d:3e:c9:
86:d7:4b:75:cf:4d:68:ff:fb:7e:63:4e:9f:43:37:75:ed:39:
f5:f1:67:e5:58:e3:01:24:c7:6d:4d:2d:ba:92:b8:ef:33:12:
db:45:8c:93:98:a7:e7:84:83:22:cb:e2:55:c1:c6:62:c0:b5:
ad:d0:92:ca
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYbl8prSjVXsLWJ4zMibohmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjMwMzE1MTU0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZjYjMzMDQ3MGFhYmI1NzRlODkyM2E3MDUwMTMwN2JmZWYxM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQJiK3acB/UsCq+v3S/cItmg/7zF
qFBLGlIg6MD3CK2Kqpv92zr9Zz13sMrvJm3zXeaodU82D5q7csZYkobFv/Ssvx8T
yyzHxiRToSlK7Am/vJ563CkomHlPbUo2hkd3Z3aNobBil568DsaTg1TN5sxcqBL2
omN994sm+xDrRkSF50u2btqcxTNgckkvymV68iMb1TIO0r0YvQScJNi630JLQyZc
rvU+mjb4D2KuVkwIebU95F8Oo/goGmS8V6DK0QGnCXVEZ1sStWkocxZppNo4GyU9
idOJtYUR306a5pdRnFT4zdrEHBEmQ4lWAWfGm2D3W27BDil5I45VrDPUxwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFLhsszBHCqu1dOiSOnBQEwe/7xOiMB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvdUd5ek1FY0txN1YwNkpJNmNGQVRCN192RTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBhwQCAAEwgYADBAMl
EpgDBAM+evADBANRsTgDBABRsbgDBAJRsbwDBABRscMwDAMEAVGxxgMEBFGxwDAM
AwQFUbHgAwQBUbH8AwQBW8+IAwQDlf8YAwQEsu2wAwQCuQgUMAwDBATVO5ADBADV
O5YDBADVO5owDAMEAdU7ugMEBtU7gAMEBdXe4DAOBAIAAjAIAwYEKgOqAAAwDQYJ
KoZIhvcNAQELBQADggEBADeLKKAsBrXsSdgU9cCrCsn4/NhSnkNZjnUWj8wpeBjd
W3HIgXiTvWuyFT7xZNblI8cTYcIIEHs6spl7dmyQxut9z0yeNL0FzXGEvUpJ9ggK
DZ+91dyVSoI8P60ZlwNkBpK/ghgD442ogM3HrDKvEYvAhlHL2g4Vm3R0hPkPP1Xu
qTs6U/2Iz0BOTNcbocKu9O5Dk5pYrQB688IJAG8z6GiynvQCaEwRvL+GbN2cQa7c
Oj4xLtamiMK1OgPIpsXH7Q+W3A0+yYbXS3XPTWj/+35jTp9DN3XtOfXxZ+VY4wEk
x21NLbqSuO8zEttFjJOYp+eEgyLL4lXBxmLAta3Qkso=
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:22:17 2025 by rpki-client