Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uMXdS3Gxw6oWb1D9C4593E_hJrc.roa
File: uMXdS3Gxw6oWb1D9C4593E_hJrc.roa (raw, json)
Hash identifier: ANZ7/b9EvpCZvSXIOEikKtXBYsIaBVKY7CmYTSQTAko=
Subject key identifier: B8:C5:DD:4B:71:B1:C3:AA:16:6F:50:FD:0B:8E:7D:DC:4F:E1:26:B7
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 136D2959
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uMXdS3Gxw6oWb1D9C4593E_hJrc.roa
Signing time: Sat 01 Jan 2022 05:58:24 +0000
ROA not before: Sat 01 Jan 2022 05:58:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51906
IP address blocks: 82.197.132.0/23 maxlen: 23
2001:7f0:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325921113 (0x136d2959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 05:58:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8c5dd4b71b1c3aa166f50fd0b8e7ddc4fe126b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:43:31:0d:9f:2f:2a:d3:73:d6:b0:4e:3e:
d2:67:1c:f2:ef:98:87:f3:e0:6e:be:7b:60:18:5d:
73:50:d3:da:2c:78:1b:09:a2:ce:20:ac:c9:93:f2:
55:d9:3d:76:ae:6b:95:ec:88:fb:34:9a:30:25:5a:
3a:e1:6f:7e:02:d9:2c:93:f8:d4:39:d7:ee:eb:56:
42:95:9c:37:92:5e:0f:01:4b:25:3a:0e:6a:5c:eb:
83:7d:5b:06:8a:f4:07:4a:27:88:1c:29:ee:1d:ff:
e6:84:21:8b:34:40:4b:b2:b4:ed:07:5b:b0:0a:74:
08:c8:2a:47:26:4b:94:c3:c9:a5:35:8e:02:01:6f:
97:1c:80:97:c2:ba:9c:fd:e6:4e:83:f8:58:ad:43:
b9:34:9b:a5:51:f9:80:cf:d0:e4:43:d1:e6:76:45:
6b:96:af:02:d9:8a:3f:6b:d3:bc:58:30:67:41:c5:
08:a4:d2:28:b7:7d:9b:31:50:2d:76:af:cd:d8:03:
48:76:f9:dc:bb:5c:18:8f:45:1f:19:0c:68:d3:0a:
b0:a2:18:56:dc:80:53:ec:85:4b:b4:57:09:64:b5:
76:c0:fe:1f:26:05:da:5f:3e:05:8f:1c:26:c8:45:
2b:f4:c3:9a:3a:81:e7:e2:e6:bc:2b:98:90:ab:8c:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C5:DD:4B:71:B1:C3:AA:16:6F:50:FD:0B:8E:7D:DC:4F:E1:26:B7
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/uMXdS3Gxw6oWb1D9C4593E_hJrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.132.0/23
IPv6:
2001:7f0:101::/48
Signature Algorithm: sha256WithRSAEncryption
01:49:d4:7a:4c:57:fa:0c:78:79:34:91:39:84:b2:7a:bf:c2:
5a:f6:3d:7b:73:a6:09:ca:3e:07:f8:4c:57:43:ef:f9:79:e0:
03:0e:ff:be:bb:b3:b5:83:cb:b0:d6:24:11:6e:b9:3d:9c:31:
9b:b8:9f:c3:3f:8b:48:d4:84:1b:06:c0:be:ed:3d:35:92:bb:
d2:3b:f7:51:37:ec:b5:c1:34:87:25:c4:b3:d3:ed:02:55:34:
64:49:75:a8:7d:9f:53:1e:e0:81:df:ca:21:b8:b2:f0:a9:22:
fe:07:b6:84:d5:1f:88:0a:0f:5b:5d:c0:81:e0:7e:fb:8e:29:
fa:c6:97:f3:b6:3f:a9:8f:98:02:86:75:6b:02:a3:90:67:d5:
dc:2e:6e:9c:e4:18:7f:0d:37:b2:51:9f:ee:47:25:bb:6b:71:
cf:b7:f6:75:a8:ba:c1:db:8f:8a:9c:f4:2e:ab:ea:3c:6c:26:
d1:0f:3e:15:d3:7d:4d:74:3f:8b:59:b5:22:ec:3b:0f:44:0b:
e3:61:87:fd:88:97:88:e1:e3:eb:a4:ff:4c:d7:cf:4d:ca:f3:
b0:3c:77:9c:6d:19:85:15:94:cb:c8:7f:64:b1:2d:7a:fd:fd:
a2:76:c0:17:9d:2d:e9:6d:a3:cb:e8:c6:de:89:83:b5:67:54:
4c:b6:c2:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEE20pWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmU5MGZkZTk3ODRhOTFkOTNhN2EyYWY1OWQ0ZDA0M2YxMTcxZmJhMB4XDTIyMDEw
MTA1NTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhjNWRkNGI3MWIx
YzNhYTE2NmY1MGZkMGI4ZTdkZGM0ZmUxMjZiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqyQzENny8q03PWsE4+0mcc8u+Yh/Pgbr57YBhdc1DT2ix4
GwmiziCsyZPyVdk9dq5rleyI+zSaMCVaOuFvfgLZLJP41DnX7utWQpWcN5JeDwFL
JToOalzrg31bBor0B0oniBwp7h3/5oQhizRAS7K07QdbsAp0CMgqRyZLlMPJpTWO
AgFvlxyAl8K6nP3mToP4WK1DuTSbpVH5gM/Q5EPR5nZFa5avAtmKP2vTvFgwZ0HF
CKTSKLd9mzFQLXavzdgDSHb53LtcGI9FHxkMaNMKsKIYVtyAU+yFS7RXCWS1dsD+
HyYF2l8+BY8cJshFK/TDmjqB5+LmvCuYkKuMuZcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS4xd1LcbHDqhZvUP0Ljn3cT+EmtzAfBgNVHSMEGDAWgBQf6Q/el4SpHZOn
oq9Z1NBD8RcfujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gta1AzcGVFcVIyVHA2S3ZXZFRRUV9FWEg3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvYTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8x
L3VNWGRTM0d4dzZvV2IxRDlDNDU5M0VfaEpyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
YTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8xL0gta1AzcGVFcVIy
VHA2S3ZXZFRRUV9FWEg3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAVLFhDAPBAIAAjAJAwcAIAEH8AEB
MA0GCSqGSIb3DQEBCwUAA4IBAQABSdR6TFf6DHh5NJE5hLJ6v8Ja9j17c6YJyj4H
+ExXQ+/5eeADDv++u7O1g8uw1iQRbrk9nDGbuJ/DP4tI1IQbBsC+7T01krvSO/dR
N+y1wTSHJcSz0+0CVTRkSXWofZ9THuCB38ohuLLwqSL+B7aE1R+ICg9bXcCB4H77
jin6xpfztj+pj5gChnVrAqOQZ9XcLm6c5Bh/DTeyUZ/uRyW7a3HPt/Z1qLrB24+K
nPQuq+o8bCbRDz4V031NdD+LWbUi7DsPRAvjYYf9iJeI4ePrpP9M189NyvOwPHec
bRmFFZTLyH9ksS16/f2idsAXnS3pbaPL6MbeiYO1Z1RMtsKX
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:39:46 2025 by rpki-client