Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/UGrl8JT1r7Mxjv_bwziTKL7nOYM.roa
File: UGrl8JT1r7Mxjv_bwziTKL7nOYM.roa (raw, json)
Hash identifier: 4OnJQ1lRDow2T4PL5iWBp/IuC+MkSZRHJWVPkfOpOvI=
Subject key identifier: 50:6A:E5:F0:94:F5:AF:B3:31:8E:FF:DB:C3:38:93:28:BE:E7:39:83
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018572FA644BCF6A3C64AD483BE03B863491
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/UGrl8JT1r7Mxjv_bwziTKL7nOYM.roa
Signing time: Mon 02 Jan 2023 14:54:50 +0000
ROA not before: Mon 02 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201313
IP address blocks: 89.30.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:64:4b:cf:6a:3c:64:ad:48:3b:e0:3b:86:34:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=506ae5f094f5afb3318effdbc3389328bee73983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:24:a7:49:b4:40:91:38:dd:67:8d:12:d0:35:
61:de:11:f2:5b:e8:f3:7e:62:1d:e7:89:cb:13:a4:
95:45:7a:a9:e3:57:82:c5:72:dd:b5:95:28:3c:70:
a2:fb:92:76:aa:b1:24:67:95:81:92:55:3e:2a:71:
c2:d3:56:22:16:b0:94:0a:be:67:ea:b4:39:ae:de:
2d:e1:e3:89:e3:a8:df:8f:c5:5b:e7:c8:ae:9d:fe:
a7:fa:53:c5:a2:b6:38:df:ba:6a:a4:73:c7:e3:42:
a2:19:ed:c8:1d:f7:d0:03:6c:77:45:39:fc:4b:cf:
67:f1:63:fc:b5:ca:a8:b4:32:86:b3:82:a6:06:83:
0e:8e:fa:f0:a7:dd:33:da:49:f0:78:c7:01:0a:34:
bd:39:06:48:2b:0f:40:e2:01:6d:7c:bb:1d:77:9e:
59:fa:04:6e:bf:6a:8d:42:ef:e6:56:5c:90:32:54:
0e:19:a5:52:72:0d:39:a6:e4:bd:a9:8b:08:92:64:
e4:c5:d9:44:d6:8b:ac:25:bb:db:f0:1d:98:9b:e7:
33:67:b4:75:e8:ee:5b:24:15:43:2a:ba:c7:7f:89:
90:be:74:33:1a:b1:ca:19:3f:a5:bb:60:29:8d:98:
17:01:a9:fd:44:a2:ca:83:b4:53:16:88:83:3b:65:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6A:E5:F0:94:F5:AF:B3:31:8E:FF:DB:C3:38:93:28:BE:E7:39:83
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/UGrl8JT1r7Mxjv_bwziTKL7nOYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.109.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:4f:d9:a0:3c:9f:36:e6:ca:a7:e2:e9:8f:ee:26:64:89:38:
53:c9:cd:d8:4b:f7:5f:58:8c:4f:40:bf:d4:6c:4e:71:ed:2b:
11:3c:c1:c9:67:0b:bf:fb:77:b8:79:cf:7b:00:c2:43:b0:01:
8a:ea:81:48:af:d9:78:56:83:9d:fc:4d:21:29:e6:f1:9d:b4:
4f:0c:1a:d8:b8:87:19:ff:e5:0e:4f:ef:bb:e9:a3:31:57:5c:
19:48:73:54:a5:75:07:d7:6f:61:b4:09:78:0d:db:84:f7:9a:
f1:66:0b:f1:e4:73:8a:53:a9:62:74:4d:b7:44:e7:b1:1a:7a:
09:57:27:31:c9:67:25:ec:ab:89:09:77:dc:14:aa:2f:0c:ed:
8e:ae:de:7f:a9:ae:b8:58:eb:ad:bc:40:27:4b:0e:f6:7b:c0:
60:a3:da:c2:1a:a8:de:11:7d:f6:0a:f8:42:b6:cd:37:60:cc:
05:06:04:d7:a2:89:8f:6f:c3:d5:e8:24:f1:ef:76:71:41:4a:
05:1a:43:08:4f:2c:5c:97:b5:54:36:8e:c7:ee:7f:da:fb:52:
aa:86:db:af:36:e7:07:66:06:47:a5:b4:c4:0d:03:4a:be:f3:
32:0e:b7:e6:2e:ac:9d:41:ae:71:a6:bd:f7:b3:d5:53:d4:80:
35:97:3e:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+mRLz2o8ZK1IO+A7hjSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjMwMTAyMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZhZTVmMDk0ZjVhZmIzMzE4ZWZmZGJjMzM4OTMyOGJlZTczOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCSnSbRAkTjdZ40S0DVh3hHyW+jz
fmId54nLE6SVRXqp41eCxXLdtZUoPHCi+5J2qrEkZ5WBklU+KnHC01YiFrCUCr5n
6rQ5rt4t4eOJ46jfj8Vb58iunf6n+lPForY437pqpHPH40KiGe3IHffQA2x3RTn8
S89n8WP8tcqotDKGs4KmBoMOjvrwp90z2knweMcBCjS9OQZIKw9A4gFtfLsdd55Z
+gRuv2qNQu/mVlyQMlQOGaVScg05puS9qYsIkmTkxdlE1ousJbvb8B2Ym+czZ7R1
6O5bJBVDKrrHf4mQvnQzGrHKGT+lu2ApjZgXAan9RKLKg7RTFoiDO2UqZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBq5fCU9a+zMY7/28M4kyi+5zmDMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvVUdybDhKVDFyN014anZfYnd6aVRLTDduT1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWR5tMA0G
CSqGSIb3DQEBCwUAA4IBAQDDT9mgPJ825sqn4umP7iZkiThTyc3YS/dfWIxPQL/U
bE5x7SsRPMHJZwu/+3e4ec97AMJDsAGK6oFIr9l4VoOd/E0hKebxnbRPDBrYuIcZ
/+UOT++76aMxV1wZSHNUpXUH129htAl4DduE95rxZgvx5HOKU6lidE23ROexGnoJ
VycxyWcl7KuJCXfcFKovDO2Ort5/qa64WOutvEAnSw72e8Bgo9rCGqjeEX32CvhC
ts03YMwFBgTXoomPb8PV6CTx73ZxQUoFGkMITyxcl7VUNo7H7n/a+1KqhtuvNucH
ZgZHpbTEDQNKvvMyDrfmLqydQa5xpr33s9VT1IA1lz4x
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:40 2025 by rpki-client