Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ut0IsQIC3EzI_B2OapHBIUAbErs.roa
File: Ut0IsQIC3EzI_B2OapHBIUAbErs.roa (raw, json)
Hash identifier: w5GmV1jfACMuRx2hq4m6+lGQp7Fs27ghhN7ROSMHEtk=
Subject key identifier: 52:DD:08:B1:02:02:DC:4C:C8:FC:1D:8E:6A:91:C1:21:40:1B:12:BB
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018996DB637D94D53CDFA9F3EDDFFD67C2F4
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ut0IsQIC3EzI_B2OapHBIUAbErs.roa
Signing time: Thu 27 Jul 2023 10:18:27 +0000
ROA not before: Thu 27 Jul 2023 10:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212949
IP address blocks: 176.227.157.0/24 maxlen: 24
84.232.88.0/23 maxlen: 23
84.236.140.0/23 maxlen: 23
88.148.42.0/23 maxlen: 23
94.176.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:db:63:7d:94:d5:3c:df:a9:f3:ed:df:fd:67:c2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jul 27 10:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52dd08b10202dc4cc8fc1d8e6a91c121401b12bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:4f:ae:fb:d0:fa:ff:f0:3f:2f:b7:5e:15:
14:35:72:72:3d:4b:0e:32:0c:61:e8:5b:24:19:c4:
7e:d7:84:b7:a8:53:ab:91:ee:d7:e4:a7:dd:88:9e:
bb:87:47:e3:4f:15:f4:30:24:ef:d0:d6:7b:8d:93:
62:1d:c0:7a:24:17:39:25:1c:9d:59:41:5d:c0:65:
db:7f:2c:66:92:e9:d6:cf:97:1b:0d:a6:e4:79:f9:
3e:26:5a:34:5f:a9:23:74:79:c6:2e:c9:66:fa:73:
d0:0c:0e:dc:f3:25:c9:01:b8:f9:13:e4:ff:87:c4:
b0:fa:62:53:cb:0e:b9:de:b5:06:84:09:c0:3c:57:
bb:74:58:01:b8:50:a0:f9:97:bb:8c:41:9d:4d:e3:
0b:42:84:36:30:27:a5:3c:d3:ad:7b:26:ce:80:55:
2e:2d:fa:94:6f:12:30:39:07:a5:62:e0:c1:44:80:
db:3b:b2:6a:61:e8:af:86:ca:9c:4a:a2:6f:cf:a8:
89:b8:30:57:04:89:93:88:6d:8c:38:f5:48:0a:05:
43:f0:0d:66:60:d1:60:b0:7c:21:0c:ee:c9:cf:05:
a5:c4:ef:fe:f4:c5:11:61:19:59:10:d0:08:6a:c1:
c2:38:70:a7:5e:ca:29:eb:a2:07:d3:5b:01:59:32:
12:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DD:08:B1:02:02:DC:4C:C8:FC:1D:8E:6A:91:C1:21:40:1B:12:BB
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ut0IsQIC3EzI_B2OapHBIUAbErs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.88.0/23
84.236.140.0/23
88.148.42.0/23
94.176.142.0/24
176.227.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a8:f9:3d:ef:47:9a:35:6b:f3:bc:04:af:2a:0d:fc:17:b7:
02:a4:a2:29:42:bb:d6:69:ab:48:9d:72:0e:b5:fa:bd:61:6b:
c0:60:3d:fb:e2:13:04:97:95:ca:4c:e6:ac:65:73:b4:83:1f:
04:69:61:9a:68:a0:74:dc:ec:2b:d9:20:ee:6b:53:8e:c4:77:
00:a5:50:4a:46:6c:e6:2e:70:7c:0d:c4:34:8b:58:14:6f:76:
21:ef:91:ab:71:a5:f8:51:ee:c1:a7:21:a3:5f:40:2c:fc:14:
02:a9:25:ff:5a:95:ed:5e:5f:56:90:95:e3:59:90:14:7e:ac:
46:b7:6b:74:4c:2a:41:be:c0:db:3c:a7:20:ab:b5:ec:e9:e8:
46:f9:5f:e0:10:9c:04:11:9b:a0:38:ab:38:4b:91:c7:98:a0:
73:26:1a:93:5e:66:80:07:d4:94:70:67:3f:87:c2:9b:89:27:
29:eb:b4:93:3d:0e:19:08:41:4e:bb:d7:85:8b:3f:a5:3f:35:
4f:d2:c3:c0:5e:e3:74:4c:e0:67:74:57:66:fd:98:41:b2:cf:
f2:c5:4e:f3:52:3b:68:c1:4e:02:bb:4b:87:75:75:bb:95:6d:
e7:1d:89:3b:1f:4a:55:78:2b:5b:b2:c1:68:7b:d8:03:7c:54:
17:85:70:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmW22N9lNU836nz7d/9Z8L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwNzI3MTAxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRkMDhiMTAyMDJkYzRjYzhmYzFkOGU2YTkxYzEyMTQwMWIxMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfdPrvvQ+v/wPy+3XhUUNXJyPUsO
Mgxh6FskGcR+14S3qFOrke7X5KfdiJ67h0fjTxX0MCTv0NZ7jZNiHcB6JBc5JRyd
WUFdwGXbfyxmkunWz5cbDabkefk+Jlo0X6kjdHnGLslm+nPQDA7c8yXJAbj5E+T/
h8Sw+mJTyw653rUGhAnAPFe7dFgBuFCg+Ze7jEGdTeMLQoQ2MCelPNOteybOgFUu
LfqUbxIwOQelYuDBRIDbO7JqYeivhsqcSqJvz6iJuDBXBImTiG2MOPVICgVD8A1m
YNFgsHwhDO7JzwWlxO/+9MURYRlZENAIasHCOHCnXsop66IH01sBWTISpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFLdCLECAtxMyPwdjmqRwSFAGxK7MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvVXQwSXNRSUMzRXpJX0IyT2FwSEJJVUFiRXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBVOhYAwQB
VOyMAwQBWJQqAwQAXrCOAwQAsOOdMA0GCSqGSIb3DQEBCwUAA4IBAQChqPk970ea
NWvzvASvKg38F7cCpKIpQrvWaatInXIOtfq9YWvAYD374hMEl5XKTOasZXO0gx8E
aWGaaKB03Owr2SDua1OOxHcApVBKRmzmLnB8DcQ0i1gUb3Yh75GrcaX4Ue7BpyGj
X0As/BQCqSX/WpXtXl9WkJXjWZAUfqxGt2t0TCpBvsDbPKcgq7Xs6ehG+V/gEJwE
EZugOKs4S5HHmKBzJhqTXmaAB9SUcGc/h8KbiScp67STPQ4ZCEFOu9eFiz+lPzVP
0sPAXuN0TOBndFdm/ZhBss/yxU7zUjtowU4Cu0uHdXW7lW3nHYk7H0pVeCtbssFo
e9gDfFQXhXCC
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:05 2025 by rpki-client