Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/UJvMu7SgAwiZspo2c2YRQnETVJk.roa
File: UJvMu7SgAwiZspo2c2YRQnETVJk.roa (raw, json)
Hash identifier: F6Muu8Xyea9tupdLti09P7sX7Pz7w88I0aoDO4o3oqs=
Subject key identifier: 50:9B:CC:BB:B4:A0:03:08:99:B2:9A:36:73:66:11:42:71:13:54:99
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018C82F865B4842436E5DCC1649080A7D5B2
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/UJvMu7SgAwiZspo2c2YRQnETVJk.roa
Signing time: Tue 19 Dec 2023 16:46:06 +0000
ROA not before: Tue 19 Dec 2023 16:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56798
IP address blocks: 45.86.36.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:f8:65:b4:84:24:36:e5:dc:c1:64:90:80:a7:d5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Dec 19 16:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=509bccbbb4a0030899b29a367366114271135499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:1e:36:46:a3:0a:27:7b:ca:c8:11:44:04:
1a:d6:fe:af:03:a2:b8:18:44:13:51:0b:69:06:83:
3d:75:07:84:16:77:e3:57:49:65:ee:f5:95:5b:8a:
5d:17:76:bd:18:65:71:bf:df:18:33:a5:52:e1:b3:
4a:0b:ee:85:49:fb:20:3c:ad:4c:7b:e3:8a:bd:40:
f8:43:80:77:89:9e:7e:7d:07:72:64:69:93:12:ef:
6d:7d:5d:e2:c9:00:ec:e9:8b:5c:41:30:d2:60:34:
78:17:28:8e:83:99:ad:d8:c4:d3:2a:e8:a4:c6:f9:
3b:0a:b5:14:03:ec:ca:c3:6c:24:ed:c8:12:31:ee:
8a:b0:91:4b:78:04:86:04:f8:12:15:3e:2c:34:9a:
6b:f7:f5:0f:e6:8e:16:f3:66:c4:6d:b5:81:ed:01:
93:6f:39:86:eb:62:5c:e3:6d:bc:a1:de:fe:5c:91:
a4:6d:c8:89:23:1c:e1:f7:cb:70:be:a0:ae:ff:51:
d9:11:ba:cf:3a:d7:fb:02:6c:7a:3f:7c:75:ea:a1:
b0:2f:bb:e3:a0:19:24:69:4b:54:0d:ef:b5:3d:31:
86:e1:ee:3e:96:e9:8e:75:54:46:8b:bc:10:62:1a:
4e:15:7a:d0:b9:29:f9:99:a4:9e:5d:f2:0b:ad:05:
e1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9B:CC:BB:B4:A0:03:08:99:B2:9A:36:73:66:11:42:71:13:54:99
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/UJvMu7SgAwiZspo2c2YRQnETVJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.36.0/24
193.17.33.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:99:ed:42:4e:78:dc:8d:d8:e1:8f:b8:48:cd:a5:28:d3:8b:
1b:32:a1:ff:d7:51:f8:ce:9f:c8:01:89:d2:d8:16:85:98:1b:
75:80:76:71:7f:57:9a:35:f2:e4:e9:49:a6:75:69:0c:04:65:
48:b0:3b:f0:e4:98:6c:8f:e8:8a:c5:09:5b:eb:6e:56:1e:48:
a5:4f:b7:7f:3a:73:a4:37:c9:d4:34:8d:69:8a:0b:b9:8f:5c:
83:47:a5:a9:81:33:5c:59:7c:6d:98:91:65:91:cc:2b:e6:1c:
8f:fe:69:3e:08:a2:c1:cb:38:aa:eb:86:5f:a7:09:12:89:e4:
39:5d:e8:e7:ad:d4:22:1d:99:7d:cd:a7:98:d4:93:5d:32:f6:
80:1f:75:a5:46:51:6d:9a:4e:f2:33:4f:f6:45:96:c2:db:08:
09:2d:3f:86:bb:90:d9:1c:1e:19:cf:c8:54:b8:1e:ca:4c:d1:
44:09:cf:8f:52:a1:f5:eb:98:9f:d7:08:50:58:13:03:7d:7d:
2f:24:c4:92:12:29:06:98:66:4a:4e:b4:07:8f:2d:72:2a:fd:
15:8d:70:1f:7b:23:6d:83:62:e2:70:d8:f5:7b:2e:08:6b:02:
eb:73:bd:a8:32:00:4f:cc:55:cb:d3:ff:59:26:04:07:e3:7c:
6d:b3:ee:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyC+GW0hCQ25dzBZJCAp9WyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjMxMjE5MTY0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDliY2NiYmI0YTAwMzA4OTliMjlhMzY3MzY2MTE0MjcxMTM1NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF0eNkajCid7ysgRRAQa1v6vA6K4
GEQTUQtpBoM9dQeEFnfjV0ll7vWVW4pdF3a9GGVxv98YM6VS4bNKC+6FSfsgPK1M
e+OKvUD4Q4B3iZ5+fQdyZGmTEu9tfV3iyQDs6YtcQTDSYDR4FyiOg5mt2MTTKuik
xvk7CrUUA+zKw2wk7cgSMe6KsJFLeASGBPgSFT4sNJpr9/UP5o4W82bEbbWB7QGT
bzmG62Jc4228od7+XJGkbciJIxzh98twvqCu/1HZEbrPOtf7Amx6P3x16qGwL7vj
oBkkaUtUDe+1PTGG4e4+lumOdVRGi7wQYhpOFXrQuSn5maSeXfILrQXhnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCbzLu0oAMImbKaNnNmEUJxE1SZMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvVUp2TXU3U2dBd2lac3BvMmMyWVJRbkVUVkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVYkAwQA
wREhMA0GCSqGSIb3DQEBCwUAA4IBAQCeme1CTnjcjdjhj7hIzaUo04sbMqH/11H4
zp/IAYnS2BaFmBt1gHZxf1eaNfLk6UmmdWkMBGVIsDvw5Jhsj+iKxQlb625WHkil
T7d/OnOkN8nUNI1pigu5j1yDR6WpgTNcWXxtmJFlkcwr5hyP/mk+CKLByziq64Zf
pwkSieQ5XejnrdQiHZl9zaeY1JNdMvaAH3WlRlFtmk7yM0/2RZbC2wgJLT+Gu5DZ
HB4Zz8hUuB7KTNFECc+PUqH165if1whQWBMDfX0vJMSSEikGmGZKTrQHjy1yKv0V
jXAfeyNtg2LicNj1ey4IawLrc72oMgBPzFXL0/9ZJgQH43xts+4S
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:22:52 2025 by rpki-client