Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/UOQ46P6Z1n4TokFUO6anqWQ4qyY.roa
File: UOQ46P6Z1n4TokFUO6anqWQ4qyY.roa (raw, json)
Hash identifier: gxJkJUdyP3LvlYpEH44j6y9IuAHD8YL8i0N7PgS0NlQ=
Subject key identifier: 50:E4:38:E8:FE:99:D6:7E:13:A2:41:54:3B:A6:A7:A9:64:38:AB:26
Certificate issuer: /CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Certificate serial: 121A9AF6
Authority key identifier: 3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/UOQ46P6Z1n4TokFUO6anqWQ4qyY.roa
Signing time: Sat 01 Jan 2022 05:52:43 +0000
ROA not before: Sat 01 Jan 2022 05:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35393
IP address blocks: 185.67.152.0/22 maxlen: 24
37.0.72.0/21 maxlen: 24
62.100.128.0/19 maxlen: 24
188.130.0.0/17 maxlen: 24
91.191.144.0/20 maxlen: 24
195.114.18.0/23 maxlen: 24
94.247.176.0/21 maxlen: 24
78.41.232.0/21 maxlen: 24
46.21.192.0/20 maxlen: 24
81.93.240.0/20 maxlen: 24
195.14.0.0/24 maxlen: 24
193.47.184.0/24 maxlen: 24
2001:758::/32 maxlen: 48
2a00:cb80::/32 maxlen: 48
2001:900::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303733494 (0x121a9af6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Validity
Not Before: Jan 1 05:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50e438e8fe99d67e13a241543ba6a7a96438ab26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:83:a8:06:d9:c6:16:e9:e5:89:ef:43:12:5a:
f5:ff:90:a4:7c:af:79:87:9f:96:57:45:1a:fb:65:
6b:8c:5e:8d:7e:93:e4:14:ac:2d:83:95:01:11:12:
2c:35:28:ea:16:a2:64:5a:8f:88:69:a1:24:6d:c0:
6e:e7:9a:0c:81:a1:52:c8:5e:d9:79:4b:26:18:e8:
32:7a:d6:c0:a4:de:e9:b4:2a:f1:7f:b8:ec:fc:b7:
3f:16:03:5c:ef:b6:4c:a5:2f:98:48:d6:d8:8d:6e:
48:80:23:cd:ee:89:82:2c:e4:90:a1:f2:17:4c:d4:
c7:20:cc:c1:cc:14:aa:fc:4c:22:bf:e1:58:bd:6b:
02:54:89:6a:96:a5:9d:f6:f2:9b:95:98:c3:df:5e:
c7:a2:28:58:51:51:16:cf:1e:51:76:d9:83:06:9f:
2a:29:02:33:f2:e3:ae:49:71:1d:6f:3a:03:f1:38:
67:58:97:09:72:7e:85:89:81:6f:0d:90:22:62:2f:
63:82:87:7d:7f:be:cc:aa:82:c5:f9:c1:bf:dc:91:
91:ac:b3:7c:be:39:69:3b:61:90:8e:bb:8f:be:a8:
fc:3c:a5:0d:f0:cf:a6:d0:7c:19:a8:e9:da:0d:1b:
78:9a:91:95:5d:7c:ac:fa:84:ac:4b:97:79:6a:60:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E4:38:E8:FE:99:D6:7E:13:A2:41:54:3B:A6:A7:A9:64:38:AB:26
X509v3 Authority Key Identifier:
keyid:3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/UOQ46P6Z1n4TokFUO6anqWQ4qyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.72.0/21
46.21.192.0/20
62.100.128.0/19
78.41.232.0/21
81.93.240.0/20
91.191.144.0/20
94.247.176.0/21
185.67.152.0/22
188.130.0.0/17
193.47.184.0/24
195.14.0.0/24
195.114.18.0/23
IPv6:
2001:758::/32
2001:900::/32
2a00:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
5d:17:d4:09:83:73:59:77:d1:71:dd:6f:e0:74:2f:33:6e:ba:
a8:8b:7d:80:c0:40:83:e7:90:2d:11:ec:26:28:88:8a:f0:2e:
32:30:cb:73:cd:61:4a:2d:e0:03:18:b5:fa:81:7c:c9:f3:7e:
bd:0e:3e:c7:b1:cb:08:f3:b3:e7:09:be:c5:d5:9e:3f:37:b4:
b7:03:3d:52:17:92:2f:d2:9a:9a:fd:1f:63:5a:56:78:c7:f9:
60:16:55:1d:d2:59:ea:da:d6:42:28:a7:32:4e:58:44:50:97:
18:7e:76:44:30:6d:38:97:5d:d3:49:3c:fe:ae:a9:26:64:df:
f0:51:2b:91:d9:7c:fe:51:37:6c:1a:ef:0b:15:a3:8c:b7:bc:
14:a2:1c:4a:5a:96:da:94:ef:af:10:93:69:b6:8d:aa:f9:5f:
4a:05:ee:0c:01:78:dd:0e:75:0b:b4:e3:7b:35:9b:ef:78:dd:
01:a6:bf:8d:69:6a:95:d4:37:d8:8c:99:b8:f3:38:ba:5d:a2:
25:67:39:d1:22:23:5a:b8:46:d1:66:a7:38:f1:08:cc:a4:ab:
31:55:02:66:bc:1b:0f:cc:be:79:02:37:f1:57:a5:2f:6f:68:
da:49:82:ae:22:99:99:3f:a2:28:f1:1f:ac:0b:ee:f6:1b:d9:
37:af:dd:fc
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEEhqa9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWM4YzIwZTY1ZGNkMzNmZjhhNWUzYzMwYTY0NTkyNWM1YzlmOTVmMB4XDTIyMDEw
MTA1NTI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBlNDM4ZThmZTk5
ZDY3ZTEzYTI0MTU0M2JhNmE3YTk2NDM4YWIyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGDqAbZxhbp5YnvQxJa9f+QpHyveYeflldFGvtla4xejX6T
5BSsLYOVARESLDUo6haiZFqPiGmhJG3AbueaDIGhUshe2XlLJhjoMnrWwKTe6bQq
8X+47Py3PxYDXO+2TKUvmEjW2I1uSIAjze6JgizkkKHyF0zUxyDMwcwUqvxMIr/h
WL1rAlSJapalnfbym5WYw99ex6IoWFFRFs8eUXbZgwafKikCM/LjrklxHW86A/E4
Z1iXCXJ+hYmBbw2QImIvY4KHfX++zKqCxfnBv9yRkayzfL45aTthkI67j76o/Dyl
DfDPptB8Gajp2g0beJqRlV18rPqErEuXeWpgEvUCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBRQ5Djo/pnWfhOiQVQ7pqepZDirJjAfBgNVHSMEGDAWgBQ+yMIOZdzTP/il
48MKZFklxcn5XzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BzakNEbVhjMHpfNHBlUERDbVJaSmNYSi1WOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOTNmNmVlLTA1ZWEtNGYzMS05YWY2LWRmYzVjYzY0YTgxZS8x
L1VPUTQ2UDZaMW40VG9rRlVPNmFucVdRNHF5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OTNmNmVlLTA1ZWEtNGYzMS05YWY2LWRmYzVjYzY0YTgxZS8xL1BzakNEbVhjMHpf
NHBlUERDbVJaSmNYSi1WOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wTgQCAAEwSAMEAyUASAMEBC4VwAMEBT5kgAMEA04p
6AMEBFFd8AMEBFu/kAMEA173sAMEArlDmAMEB7yCAAMEAMEvuAMEAMMOAAMEAcNy
EjAbBAIAAjAVAwUAIAEHWAMFACABCQADBQAqAMuAMA0GCSqGSIb3DQEBCwUAA4IB
AQBdF9QJg3NZd9Fx3W/gdC8zbrqoi32AwECD55AtEewmKIiK8C4yMMtzzWFKLeAD
GLX6gXzJ8369Dj7HscsI87PnCb7F1Z4/N7S3Az1SF5Iv0pqa/R9jWlZ4x/lgFlUd
0lnq2tZCKKcyTlhEUJcYfnZEMG04l13TSTz+rqkmZN/wUSuR2Xz+UTdsGu8LFaOM
t7wUohxKWpbalO+vEJNpto2q+V9KBe4MAXjdDnULtON7NZvveN0Bpr+NaWqV1DfY
jJm48zi6XaIlZznRIiNauEbRZqc48QjMpKsxVQJmvBsPzL55AjfxV6Uvb2jaSYKu
IpmZP6Io8R+sC+72G9k3r938
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:03:46 2025 by rpki-client