Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/UQi-UpfvVOkMp6rvMxiGWYK4_2s.roa
File: UQi-UpfvVOkMp6rvMxiGWYK4_2s.roa (raw, json)
Hash identifier: wkQTFuyY5q3d2p0bZtKBZz5xBwb93tQRgXoQDFjswyg=
Subject key identifier: 51:08:BE:52:97:EF:54:E9:0C:A7:AA:EF:33:18:86:59:82:B8:FF:6B
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CF9DB60CF40F7001E1ED3A64752A
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/UQi-UpfvVOkMp6rvMxiGWYK4_2s.roa
Signing time: Sun 01 Jan 2023 11:05:13 +0000
ROA not before: Sun 01 Jan 2023 11:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205403
IP address blocks: 145.14.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:cf:9d:b6:0c:f4:0f:70:01:e1:ed:3a:64:75:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5108be5297ef54e90ca7aaef3318865982b8ff6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3e:c0:fc:ad:18:29:2b:7b:6b:62:40:11:53:
9e:a2:7d:d0:ee:a9:5b:6e:46:40:0e:4c:c9:45:13:
3c:d7:54:b4:6a:30:e6:9c:a6:2e:16:ec:b0:84:ef:
d7:fb:2f:ae:0c:4c:a8:af:81:8a:6a:33:24:4d:7e:
28:2c:02:47:af:3e:6b:dc:25:80:99:98:81:02:b2:
d3:42:59:b9:57:4b:ad:28:5a:35:80:72:6a:bc:7b:
8f:45:b9:2f:5d:28:7a:0d:6e:d2:1b:09:35:7d:f7:
19:72:6e:e8:68:22:5d:19:aa:e2:a9:b4:8a:96:46:
77:32:63:b9:51:c5:fa:a3:a9:30:94:89:bc:89:d6:
ff:e5:16:e7:49:4f:8b:21:7e:3e:92:f4:84:ca:de:
89:a2:4d:38:f9:35:bf:cb:6f:a9:fd:1a:b4:7f:ef:
73:17:55:bc:b6:e8:28:d6:6b:c5:93:46:34:b5:bc:
7d:cb:ea:a8:a6:2f:b0:94:50:fa:c9:39:c3:13:81:
6c:e8:97:15:90:7b:3c:4d:38:d6:bf:34:57:1d:91:
1d:57:a4:2c:51:b5:28:12:7a:68:4e:b3:7f:a8:32:
1b:b8:ea:90:15:b4:c5:22:53:4a:fb:e7:35:a0:a3:
03:8e:aa:02:a1:27:00:fa:df:e4:22:fc:04:1c:50:
57:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:08:BE:52:97:EF:54:E9:0C:A7:AA:EF:33:18:86:59:82:B8:FF:6B
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/UQi-UpfvVOkMp6rvMxiGWYK4_2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.6.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a8:6e:09:01:11:12:1d:6b:c9:7d:2f:9d:a9:41:c5:d4:41:
85:82:81:23:e9:25:29:d6:97:a2:83:4f:de:7e:73:6c:7b:1f:
f6:97:d1:91:cb:00:a7:e5:eb:7c:f9:01:82:36:d8:c9:b0:97:
dd:9a:dd:e3:52:81:13:6b:14:a3:b3:0e:f1:78:83:5d:20:4a:
0e:67:65:28:87:2d:aa:8a:e1:ce:6d:1a:50:d5:83:13:d6:52:
c2:66:2f:ab:ec:4a:c1:29:02:e3:6e:f3:92:c1:8c:da:ce:9d:
94:3e:57:d6:62:ad:e0:f0:db:37:a3:5f:8c:c9:ae:64:b6:c9:
4f:81:fa:e6:ff:23:fe:dc:4d:4a:ba:d1:eb:07:ad:41:d5:01:
29:e8:f5:d9:1a:68:45:86:48:fb:be:d5:37:7a:8a:ac:d1:4b:
8f:fd:cf:0f:5f:2f:24:ee:1d:40:ab:b5:91:24:ac:2b:02:aa:
b8:62:0d:5f:71:ca:d7:13:32:41:e1:41:1d:5b:fd:af:5c:27:
ad:e4:b0:5c:db:c4:87:5f:17:7d:e7:64:33:22:0d:5d:7d:c1:
f6:b4:c2:df:c5:85:93:7a:73:1c:f0:2a:00:74:6c:f0:a4:dd:
31:c4:8a:a3:c3:ac:93:12:6c:60:a1:c3:93:b7:82:cc:82:ba:
ac:8b:87:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAc+dtgz0D3AB4e06ZHUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA4YmU1Mjk3ZWY1NGU5MGNhN2FhZWYzMzE4ODY1OTgyYjhmZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj7A/K0YKSt7a2JAEVOeon3Q7qlb
bkZADkzJRRM811S0ajDmnKYuFuywhO/X+y+uDEyor4GKajMkTX4oLAJHrz5r3CWA
mZiBArLTQlm5V0utKFo1gHJqvHuPRbkvXSh6DW7SGwk1ffcZcm7oaCJdGariqbSK
lkZ3MmO5UcX6o6kwlIm8idb/5RbnSU+LIX4+kvSEyt6Jok04+TW/y2+p/Rq0f+9z
F1W8tugo1mvFk0Y0tbx9y+qopi+wlFD6yTnDE4Fs6JcVkHs8TTjWvzRXHZEdV6Qs
UbUoEnpoTrN/qDIbuOqQFbTFIlNK++c1oKMDjqoCoScA+t/kIvwEHFBXIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEIvlKX71TpDKeq7zMYhlmCuP9rMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvVVFpLVVwZnZWT2tNcDZydk14aUdXWUs0XzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQ4GMA0G
CSqGSIb3DQEBCwUAA4IBAQCsqG4JARESHWvJfS+dqUHF1EGFgoEj6SUp1peig0/e
fnNsex/2l9GRywCn5et8+QGCNtjJsJfdmt3jUoETaxSjsw7xeINdIEoOZ2Uohy2q
iuHObRpQ1YMT1lLCZi+r7ErBKQLjbvOSwYzazp2UPlfWYq3g8Ns3o1+Mya5ktslP
gfrm/yP+3E1KutHrB61B1QEp6PXZGmhFhkj7vtU3eoqs0UuP/c8PXy8k7h1Aq7WR
JKwrAqq4Yg1fccrXEzJB4UEdW/2vXCet5LBc28SHXxd952QzIg1dfcH2tMLfxYWT
enMc8CoAdGzwpN0xxIqjw6yTEmxgocOTt4LMgrqsi4dA
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:19:03 2025 by rpki-client