Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/UxQ5toRGNE8jI5FD2qtVdtRbPL0.roa
File: UxQ5toRGNE8jI5FD2qtVdtRbPL0.roa (raw, json)
Hash identifier: j+vHMurAZizTdlMYPwZrBPPJ/QekgZm4jtzQbSdXh1M=
Subject key identifier: 53:14:39:B6:84:46:34:4F:23:23:91:43:DA:AB:55:76:D4:5B:3C:BD
Certificate issuer: /CN=6547443e620d63c8e4f54a67178474d1f909af68
Certificate serial: 018BCD451141DABF7E1538420A462B0FFBBD
Authority key identifier: 65:47:44:3E:62:0D:63:C8:E4:F5:4A:67:17:84:74:D1:F9:09:AF:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZUdEPmINY8jk9UpnF4R00fkJr2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/UxQ5toRGNE8jI5FD2qtVdtRbPL0.roa
Signing time: Tue 14 Nov 2023 09:58:57 +0000
ROA not before: Tue 14 Nov 2023 09:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21466
IP address blocks: 213.230.32.0/20 maxlen: 24
213.230.40.0/21 maxlen: 24
185.166.80.0/22 maxlen: 24
213.202.32.0/19 maxlen: 24
213.202.40.0/21 maxlen: 24
213.202.48.0/20 maxlen: 24
2a06:3f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:45:11:41:da:bf:7e:15:38:42:0a:46:2b:0f:fb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6547443e620d63c8e4f54a67178474d1f909af68
Validity
Not Before: Nov 14 09:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=531439b68446344f23239143daab5576d45b3cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:9d:52:ab:9f:f5:14:7d:90:25:4a:f2:61:
32:16:f0:d8:aa:d2:58:04:f1:d1:6f:2d:1a:fa:d7:
85:18:49:b8:45:7a:00:77:a7:b9:5c:55:37:4e:0b:
b0:ed:71:40:a4:b8:eb:cb:0d:3e:eb:5e:68:29:74:
f6:45:84:f1:a3:12:28:51:2c:97:11:77:b8:0b:6c:
3d:35:ff:36:ed:3c:b8:d1:8c:78:d5:8c:4f:f2:3f:
b6:05:8d:21:33:50:9f:2c:1b:d5:11:25:9d:7d:d6:
06:b7:88:17:29:12:25:99:49:58:44:dd:f4:0a:79:
47:28:2d:74:90:46:f8:81:0c:8d:b7:5d:ba:fa:4f:
90:0e:aa:9f:f4:75:25:34:39:3b:8d:d2:2d:1a:74:
41:a9:d4:af:8c:b8:a5:b4:0f:8c:c1:d9:d8:1a:27:
95:5b:38:69:1e:6f:6c:66:0d:28:cc:7d:b8:20:59:
ec:2f:cb:e9:78:ad:56:d1:4e:15:ff:e4:3f:10:a6:
0d:de:97:9f:48:e2:44:1f:c4:1c:e0:41:ba:2c:3a:
d0:9f:7d:aa:c5:29:0d:1b:6f:1b:67:8e:e2:fa:cc:
1b:6f:ad:e6:a1:20:2f:f2:25:59:e1:aa:d4:68:e9:
a9:4d:50:d1:4e:fd:c5:6b:cf:82:62:40:f6:cc:17:
69:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:14:39:B6:84:46:34:4F:23:23:91:43:DA:AB:55:76:D4:5B:3C:BD
X509v3 Authority Key Identifier:
keyid:65:47:44:3E:62:0D:63:C8:E4:F5:4A:67:17:84:74:D1:F9:09:AF:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUdEPmINY8jk9UpnF4R00fkJr2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/UxQ5toRGNE8jI5FD2qtVdtRbPL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/ZUdEPmINY8jk9UpnF4R00fkJr2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.80.0/22
213.202.32.0/19
213.230.32.0/20
IPv6:
2a06:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
51:99:0c:1a:65:d7:18:82:c9:20:8b:85:1c:4e:56:5b:a5:20:
ba:cb:74:4b:2c:ef:5e:68:65:27:03:d7:07:be:ca:2e:c8:27:
ec:a2:09:24:ef:5d:4b:d8:b2:5c:ef:1f:05:61:a9:2b:0c:7c:
56:82:17:3d:1f:36:1f:57:d0:00:bf:1d:30:fd:a5:c1:c5:15:
f3:09:89:75:ac:3c:a9:ee:65:f9:e3:54:bc:79:06:fa:9e:f9:
2d:bd:c3:66:8d:c9:bc:3f:f3:80:23:74:3c:35:bf:2f:82:4e:
82:d6:3b:49:7b:9f:ae:aa:fb:1b:1d:a7:cc:6b:2b:a0:0f:de:
dc:33:74:0e:1d:11:38:88:e1:bc:df:8d:c2:9f:33:3a:42:5c:
c7:60:fa:4d:ba:bd:dd:98:fc:c0:fc:4b:96:1a:1f:15:94:3a:
34:ed:3a:bd:f4:fd:2d:7c:40:0b:88:ba:cc:ff:70:14:91:8f:
10:a2:54:01:5d:96:8a:63:71:46:22:78:d3:38:7d:ad:c0:cb:
93:03:89:0a:47:aa:b9:5f:bb:5b:99:9b:c9:91:af:52:27:5b:
4d:5a:de:d9:25:6d:e8:d2:9e:64:15:e4:5f:4e:21:2d:d1:3e:
c7:b1:65:57:6d:bc:8b:11:0e:26:3c:70:4f:04:eb:17:ac:f1:
98:a9:3a:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvNRRFB2r9+FThCCkYrD/u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDc0NDNlNjIwZDYzYzhlNGY1NGE2NzE3ODQ3NGQxZjkw
OWFmNjgwHhcNMjMxMTE0MDk1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE0MzliNjg0NDYzNDRmMjMyMzkxNDNkYWFiNTU3NmQ0NWIzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofqdUquf9RR9kCVK8mEyFvDYqtJY
BPHRby0a+teFGEm4RXoAd6e5XFU3Tguw7XFApLjryw0+615oKXT2RYTxoxIoUSyX
EXe4C2w9Nf827Ty40Yx41YxP8j+2BY0hM1CfLBvVESWdfdYGt4gXKRIlmUlYRN30
CnlHKC10kEb4gQyNt126+k+QDqqf9HUlNDk7jdItGnRBqdSvjLiltA+MwdnYGieV
WzhpHm9sZg0ozH24IFnsL8vpeK1W0U4V/+Q/EKYN3pefSOJEH8Qc4EG6LDrQn32q
xSkNG28bZ47i+swbb63moSAv8iVZ4arUaOmpTVDRTv3Fa8+CYkD2zBdpTwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFMUObaERjRPIyORQ9qrVXbUWzy9MB8GA1UdIwQY
MBaAFGVHRD5iDWPI5PVKZxeEdNH5Ca9oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVkRVBtSU5ZOGprOVVwbkY0UjAwZmtKcjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lNWVhMTktMGI3Yi00MzFmLTkxYmYt
YWJjYzkwNWQ5ZmZlLzEvVXhRNXRvUkdORThqSTVGRDJxdFZkdFJiUEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lNWVhMTktMGI3Yi00MzFmLTkxYmYtYWJjYzkwNWQ5ZmZl
LzEvWlVkRVBtSU5ZOGprOVVwbkY0UjAwZmtKcjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuaZQAwQF
1cogAwQE1eYgMA0EAgACMAcDBQMqBj9AMA0GCSqGSIb3DQEBCwUAA4IBAQBRmQwa
ZdcYgskgi4UcTlZbpSC6y3RLLO9eaGUnA9cHvsouyCfsogkk711L2LJc7x8FYakr
DHxWghc9HzYfV9AAvx0w/aXBxRXzCYl1rDyp7mX541S8eQb6nvktvcNmjcm8P/OA
I3Q8Nb8vgk6C1jtJe5+uqvsbHafMayugD97cM3QOHRE4iOG8343CnzM6QlzHYPpN
ur3dmPzA/EuWGh8VlDo07Tq99P0tfEALiLrM/3AUkY8QolQBXZaKY3FGInjTOH2t
wMuTA4kKR6q5X7tbmZvJka9SJ1tNWt7ZJW3o0p5kFeRfTiEt0T7HsWVXbbyLEQ4m
PHBPBOsXrPGYqTrh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:57 2025 by rpki-client