Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/uVrTZtFhtOZEVDRzY83qm_-ZoW8.roa
File: uVrTZtFhtOZEVDRzY83qm_-ZoW8.roa (raw, json)
Hash identifier: 04pIaEoiW17/ApI+bmbJLddkLo1bn6wmT3SO4auGR4Q=
Subject key identifier: B9:5A:D3:66:D1:61:B4:E6:44:54:34:73:63:CD:EA:9B:FF:99:A1:6F
Certificate issuer: /CN=5ea68c853810d0320b156844f29317701b58610d
Certificate serial: 018570304E0BB6E589884A631D32E020667D
Authority key identifier: 5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/uVrTZtFhtOZEVDRzY83qm_-ZoW8.roa
Signing time: Mon 02 Jan 2023 01:54:51 +0000
ROA not before: Mon 02 Jan 2023 01:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41901
IP address blocks: 194.169.231.0/24 maxlen: 24
194.34.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:4e:0b:b6:e5:89:88:4a:63:1d:32:e0:20:66:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea68c853810d0320b156844f29317701b58610d
Validity
Not Before: Jan 2 01:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b95ad366d161b4e64454347363cdea9bff99a16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5d:c5:d2:20:d4:02:ad:62:b0:0b:1c:32:93:
bf:c8:6a:21:f0:4d:f4:aa:73:b0:6d:55:9d:a4:71:
6a:5e:a2:6f:a3:b7:93:c9:92:ac:34:fb:55:7c:0c:
cc:0c:79:3b:89:8c:a3:16:ef:9e:a2:eb:a8:4d:77:
c0:02:82:b3:83:52:38:77:82:5b:d4:d1:f6:b6:60:
50:b4:41:22:f6:01:f4:a9:85:d1:8f:27:48:ed:7f:
7c:aa:0d:7c:d6:0e:f9:8a:07:08:6f:33:59:cf:c6:
7d:e0:10:da:77:dd:40:bf:e8:ed:5c:9b:01:c3:71:
9c:f7:db:04:f0:af:5e:0f:00:27:34:4e:3c:3d:2c:
9e:a4:96:80:0f:e6:88:09:16:7c:01:a1:c2:7d:8b:
5c:10:59:4f:a0:25:08:de:d7:1f:25:7a:62:ea:6b:
c6:63:d1:24:63:59:cf:76:45:b0:a0:82:ad:91:5d:
6e:4f:eb:fd:8d:61:16:b3:49:ab:a7:4c:a3:95:b5:
ec:69:26:82:8d:4b:bf:32:12:4f:b2:7d:4e:5e:71:
aa:2e:f5:66:78:af:11:5b:8f:c3:9e:85:ae:a6:40:
b8:e1:bb:07:81:6e:e8:77:ff:90:84:53:0d:69:72:
11:be:c3:88:d0:df:21:25:38:00:03:a2:46:3d:3e:
d8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5A:D3:66:D1:61:B4:E6:44:54:34:73:63:CD:EA:9B:FF:99:A1:6F
X509v3 Authority Key Identifier:
keyid:5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/uVrTZtFhtOZEVDRzY83qm_-ZoW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.12.0/24
194.169.231.0/24
Signature Algorithm: sha256WithRSAEncryption
22:5f:75:13:53:02:5b:bf:2e:d6:32:80:cd:ca:50:c6:1a:eb:
ca:26:7d:21:fa:1b:4f:60:e8:40:36:92:29:70:b5:68:0b:2f:
9e:19:f0:9f:47:9b:96:17:9f:24:57:89:05:8d:ae:d6:bf:0b:
5a:ce:34:2c:1b:a8:9b:43:ef:53:f7:1b:52:72:bd:84:e9:3c:
60:0b:9c:8b:f4:62:6c:63:b4:bc:9c:ce:f5:e5:2a:78:d9:94:
94:61:d8:4a:49:95:53:6f:a3:a6:14:be:1c:52:2b:4c:9c:48:
3f:92:72:58:17:5c:f7:58:32:10:48:af:da:86:cc:05:98:9e:
c0:de:90:23:34:37:e4:3a:03:0d:90:00:8b:26:99:83:7b:0a:
3f:13:77:69:c7:7b:07:84:3c:e6:42:5b:60:42:ae:a3:26:3c:
2a:8d:6f:c1:33:a9:f5:82:82:cb:ef:e9:dc:5b:05:76:bd:d3:
af:1e:c0:53:87:f6:7b:7d:1c:e7:fd:84:a3:99:1f:c2:a0:4f:
8c:f6:4a:c8:dc:4d:83:38:4f:3e:48:63:1c:a9:58:0f:49:34:
06:5c:53:5b:35:e4:d8:e8:fa:d7:e5:5b:5e:ad:2b:66:f5:0f:
e4:4b:f3:f6:da:88:a8:25:1b:96:1e:e9:56:f8:a4:bc:b6:29:
dd:59:c4:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwME4LtuWJiEpjHTLgIGZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTY4Yzg1MzgxMGQwMzIwYjE1Njg0NGYyOTMxNzcwMWI1
ODYxMGQwHhcNMjMwMTAyMDE1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTVhZDM2NmQxNjFiNGU2NDQ1NDM0NzM2M2NkZWE5YmZmOTlhMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol3F0iDUAq1isAscMpO/yGoh8E30
qnOwbVWdpHFqXqJvo7eTyZKsNPtVfAzMDHk7iYyjFu+eouuoTXfAAoKzg1I4d4Jb
1NH2tmBQtEEi9gH0qYXRjydI7X98qg181g75igcIbzNZz8Z94BDad91Av+jtXJsB
w3Gc99sE8K9eDwAnNE48PSyepJaAD+aICRZ8AaHCfYtcEFlPoCUI3tcfJXpi6mvG
Y9EkY1nPdkWwoIKtkV1uT+v9jWEWs0mrp0yjlbXsaSaCjUu/MhJPsn1OXnGqLvVm
eK8RW4/DnoWupkC44bsHgW7od/+QhFMNaXIRvsOI0N8hJTgAA6JGPT7Y4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLla02bRYbTmRFQ0c2PN6pv/maFvMB8GA1UdIwQY
MBaAFF6mjIU4ENAyCxVoRPKTF3AbWGENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAt
MWVmYTdjZjc3M2EwLzEvdVZyVFp0Rmh0T1pFVkRSelk4M3FtXy1ab1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAtMWVmYTdjZjc3M2Ew
LzEvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiIMAwQA
wqnnMA0GCSqGSIb3DQEBCwUAA4IBAQAiX3UTUwJbvy7WMoDNylDGGuvKJn0h+htP
YOhANpIpcLVoCy+eGfCfR5uWF58kV4kFja7WvwtazjQsG6ibQ+9T9xtScr2E6Txg
C5yL9GJsY7S8nM715Sp42ZSUYdhKSZVTb6OmFL4cUitMnEg/knJYF1z3WDIQSK/a
hswFmJ7A3pAjNDfkOgMNkACLJpmDewo/E3dpx3sHhDzmQltgQq6jJjwqjW/BM6n1
goLL7+ncWwV2vdOvHsBTh/Z7fRzn/YSjmR/CoE+M9krI3E2DOE8+SGMcqVgPSTQG
XFNbNeTY6PrX5VterStm9Q/kS/P22oioJRuWHulW+KS8tindWcTe
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:19:50 2025 by rpki-client