Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/db75db-25b2-43dc-aa12-ed001a2889ad/1/UQwLKxddABPoeEiJBfuiLImbxS8.roa
File: UQwLKxddABPoeEiJBfuiLImbxS8.roa (raw, json)
Hash identifier: /cas7CxXR3MLbxre0YErCpmbJGgglNYxP8TVd1njRno=
Subject key identifier: 51:0C:0B:2B:17:5D:00:13:E8:78:48:89:05:FB:A2:2C:89:9B:C5:2F
Certificate issuer: /CN=0ad06dd27bd93a380da4c75d1a8bf076828fd64a
Certificate serial: 01874838BFCB627E9A6F7E521CA82307DB74
Authority key identifier: 0A:D0:6D:D2:7B:D9:3A:38:0D:A4:C7:5D:1A:8B:F0:76:82:8F:D6:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CtBt0nvZOjgNpMddGovwdoKP1ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/db75db-25b2-43dc-aa12-ed001a2889ad/1/UQwLKxddABPoeEiJBfuiLImbxS8.roa
Signing time: Mon 03 Apr 2023 17:44:51 +0000
ROA not before: Mon 03 Apr 2023 17:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62236
IP address blocks: 185.224.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:38:bf:cb:62:7e:9a:6f:7e:52:1c:a8:23:07:db:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ad06dd27bd93a380da4c75d1a8bf076828fd64a
Validity
Not Before: Apr 3 17:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510c0b2b175d0013e878488905fba22c899bc52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:09:dc:37:7a:91:5d:59:89:3b:cf:17:77:
d2:fb:1c:59:ec:9f:22:a8:a2:69:1c:bc:c1:d0:27:
39:64:47:d4:65:59:55:66:bf:39:f4:43:81:88:11:
22:58:14:28:43:65:eb:59:06:9d:8a:e7:9f:a7:be:
cf:09:d5:b1:7d:23:ec:c9:f4:ea:24:8c:77:69:c3:
91:3a:ba:aa:03:34:f1:bb:fc:3b:d9:4e:5e:dd:5e:
af:d7:64:5e:32:20:68:b6:53:c6:aa:5e:3e:35:17:
63:b6:b7:20:8d:0b:d7:99:e4:8d:12:b5:6e:4a:be:
b9:2c:79:8c:07:88:76:0d:c9:65:b1:06:30:a1:35:
b6:47:05:72:16:38:41:12:44:f8:44:53:2f:3f:c6:
fe:df:f0:0f:49:5d:d1:58:cb:4d:fa:fc:5a:f5:2b:
e8:74:63:25:f3:75:44:d8:cc:eb:f5:bb:da:01:90:
48:38:76:8a:67:2c:b1:4e:e3:9f:cb:0e:4f:c4:b6:
0a:a9:08:07:f5:5b:d0:10:dd:c6:27:9b:fe:59:3f:
f7:a3:1f:35:92:7c:30:28:39:bc:fc:fb:98:d7:ee:
22:19:ca:d6:dc:c7:dc:5e:30:53:2b:9f:ed:2e:73:
3a:67:c9:cd:fb:b2:7f:be:db:e0:b3:90:91:86:37:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0C:0B:2B:17:5D:00:13:E8:78:48:89:05:FB:A2:2C:89:9B:C5:2F
X509v3 Authority Key Identifier:
keyid:0A:D0:6D:D2:7B:D9:3A:38:0D:A4:C7:5D:1A:8B:F0:76:82:8F:D6:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CtBt0nvZOjgNpMddGovwdoKP1ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/db75db-25b2-43dc-aa12-ed001a2889ad/1/UQwLKxddABPoeEiJBfuiLImbxS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/db75db-25b2-43dc-aa12-ed001a2889ad/1/CtBt0nvZOjgNpMddGovwdoKP1ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.28.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c4:cb:a8:0e:a4:69:aa:19:a8:f6:88:c5:b6:95:5f:99:fa:
31:23:30:b0:6f:f3:f3:79:00:7d:74:44:a4:b8:d0:dc:4b:57:
48:ec:f5:51:96:9a:03:8c:14:4b:22:c4:bc:a7:01:5b:6f:8e:
10:ca:25:f3:e2:02:c9:5d:93:75:42:59:08:72:ae:b6:e1:e3:
f9:50:8c:ce:8f:1c:a0:a2:71:f0:3e:1c:27:e5:83:2a:ab:e2:
6c:41:ec:f5:b1:fe:f7:0a:68:92:75:5d:5b:25:d8:14:cc:3c:
26:cc:86:f2:57:af:f5:46:f7:e7:07:62:cd:37:1a:24:45:a1:
c4:73:26:a3:cd:07:70:9b:c8:b3:f9:c1:7e:31:0d:84:47:05:
7e:94:fb:0d:27:c9:b2:55:78:8b:3e:77:2e:97:61:d1:7d:e3:
60:af:06:24:a2:07:cd:2f:b7:2b:99:21:2f:15:d1:a4:fe:de:
55:42:d4:e9:ed:9d:b8:a6:f5:e8:80:97:b2:37:72:d6:91:61:
59:7d:ad:9a:fd:0a:e4:42:b2:ac:1b:da:e0:ec:a1:6f:c7:0f:
09:96:31:d6:c8:a2:9d:86:c7:1a:c7:36:fa:af:1b:30:61:37:
5c:53:e4:0d:ea:8b:8e:66:16:22:c5:96:1f:aa:ba:dd:74:ac:
4d:07:41:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdIOL/LYn6ab35SHKgjB9t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZDA2ZGQyN2JkOTNhMzgwZGE0Yzc1ZDFhOGJmMDc2ODI4
ZmQ2NGEwHhcNMjMwNDAzMTc0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBjMGIyYjE3NWQwMDEzZTg3ODQ4ODkwNWZiYTIyYzg5OWJjNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8kJ3Dd6kV1ZiTvPF3fS+xxZ7J8i
qKJpHLzB0Cc5ZEfUZVlVZr859EOBiBEiWBQoQ2XrWQadiuefp77PCdWxfSPsyfTq
JIx3acOROrqqAzTxu/w72U5e3V6v12ReMiBotlPGql4+NRdjtrcgjQvXmeSNErVu
Sr65LHmMB4h2DcllsQYwoTW2RwVyFjhBEkT4RFMvP8b+3/APSV3RWMtN+vxa9Svo
dGMl83VE2Mzr9bvaAZBIOHaKZyyxTuOfyw5PxLYKqQgH9VvQEN3GJ5v+WT/3ox81
knwwKDm8/PuY1+4iGcrW3MfcXjBTK5/tLnM6Z8nN+7J/vtvgs5CRhjdcjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEMCysXXQAT6HhIiQX7oiyJm8UvMB8GA1UdIwQY
MBaAFArQbdJ72To4DaTHXRqL8HaCj9ZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3RCdDBudlpPamdOcE1kZEdvdndkb0tQMWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kYjc1ZGItMjViMi00M2RjLWFhMTIt
ZWQwMDFhMjg4OWFkLzEvVVF3TEt4ZGRBQlBvZUVpSkJmdWlMSW1ieFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kYjc1ZGItMjViMi00M2RjLWFhMTItZWQwMDFhMjg4OWFk
LzEvQ3RCdDBudlpPamdOcE1kZEdvdndkb0tQMWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueAcMA0G
CSqGSIb3DQEBCwUAA4IBAQBSxMuoDqRpqhmo9ojFtpVfmfoxIzCwb/PzeQB9dESk
uNDcS1dI7PVRlpoDjBRLIsS8pwFbb44QyiXz4gLJXZN1QlkIcq624eP5UIzOjxyg
onHwPhwn5YMqq+JsQez1sf73CmiSdV1bJdgUzDwmzIbyV6/1RvfnB2LNNxokRaHE
cyajzQdwm8iz+cF+MQ2ERwV+lPsNJ8myVXiLPncul2HRfeNgrwYkogfNL7crmSEv
FdGk/t5VQtTp7Z24pvXogJeyN3LWkWFZfa2a/QrkQrKsG9rg7KFvxw8JljHWyKKd
hscaxzb6rxswYTdcU+QN6ouOZhYixZYfqrrddKxNB0HS
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:08:40 2025 by rpki-client