Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uOV_EdtgjJbQiQxgm4cnE900X9M.roa
File: uOV_EdtgjJbQiQxgm4cnE900X9M.roa (raw, json)
Hash identifier: tPBStd3N4i8AxYOkXqKF6NZQw3+3lqARYTuJj2MoKlk=
Subject key identifier: B8:E5:7F:11:DB:60:8C:96:D0:89:0C:60:9B:87:27:13:DD:34:5F:D3
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 0186DED56BAFD3F55ECE6F5EDF7145B3779F
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uOV_EdtgjJbQiQxgm4cnE900X9M.roa
Signing time: Tue 14 Mar 2023 06:36:14 +0000
ROA not before: Tue 14 Mar 2023 06:36:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9066
IP address blocks: 213.252.128.0/18 maxlen: 24
62.89.160.0/19 maxlen: 24
212.68.64.0/19 maxlen: 24
2a01:ac00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:de:d5:6b:af:d3:f5:5e:ce:6f:5e:df:71:45:b3:77:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Mar 14 06:36:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8e57f11db608c96d0890c609b872713dd345fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:34:a1:c8:73:40:c3:98:9d:6d:6e:1c:50:57:
ad:5e:12:64:3a:92:cd:8d:6d:e2:77:f7:5a:9a:80:
aa:bd:9e:9f:8d:18:19:ac:7c:cc:fe:d2:18:e9:78:
5e:d5:bc:e0:93:40:f7:a6:6e:d7:aa:54:e8:53:c4:
05:29:4b:fd:7a:10:b6:ee:01:94:b4:6f:81:80:e6:
cc:13:f8:ab:a0:0e:fb:30:43:09:e5:11:ed:35:49:
bb:5a:57:40:38:b3:19:6a:08:08:51:4e:c3:0a:c0:
60:7f:c1:ed:15:69:dd:87:be:3e:19:37:97:65:64:
20:00:4f:16:b1:c2:cd:a8:b0:31:f2:79:ee:da:d6:
23:61:b1:0f:2b:24:e4:fb:31:84:5a:b9:46:0c:70:
ec:4a:29:87:8c:de:c6:90:f7:4e:7f:18:55:37:63:
2d:7f:dc:bf:cc:a0:6f:f3:53:7a:53:64:08:bb:2a:
b2:13:10:4e:18:4c:10:09:88:66:59:5e:d8:5f:d5:
01:b4:7d:8f:2f:8a:82:3f:ac:aa:98:a1:96:15:df:
28:f6:89:f8:c0:87:79:0c:d1:4c:5f:3c:81:40:71:
8b:1d:42:76:7d:91:76:16:ed:50:46:a4:ea:29:93:
51:a7:dd:1c:a9:97:c5:4d:b2:50:b0:6e:34:25:70:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E5:7F:11:DB:60:8C:96:D0:89:0C:60:9B:87:27:13:DD:34:5F:D3
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/uOV_EdtgjJbQiQxgm4cnE900X9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.89.160.0/19
212.68.64.0/19
213.252.128.0/18
IPv6:
2a01:ac00::/32
Signature Algorithm: sha256WithRSAEncryption
71:0f:5d:7d:f8:e7:3b:bb:3f:12:4e:af:64:26:50:45:b1:7f:
9d:e2:a0:e8:7b:d2:30:85:da:83:76:2c:1c:c1:6c:b0:f1:99:
21:03:da:d7:9c:69:f8:fb:54:5f:1f:0a:aa:35:61:b6:9d:93:
da:43:6b:a8:8a:88:f1:81:53:1c:5c:3c:55:d6:09:82:ff:a0:
ee:5f:0e:0c:0e:94:a3:b5:ac:81:64:69:8b:ec:01:e2:85:72:
e0:94:72:69:32:e3:34:99:ed:52:87:34:86:e0:1d:14:e1:89:
36:bd:d8:67:eb:71:6c:30:46:12:73:e8:79:1a:7c:a7:08:7d:
97:e4:b6:bc:92:32:31:fe:44:7e:bd:5b:1d:8c:c7:a2:6a:67:
38:3d:f0:17:22:8d:79:f6:6e:8e:7c:0b:a5:4c:58:50:92:c1:
aa:da:42:ce:0c:93:b4:f1:94:76:35:99:68:67:e0:e7:ea:d7:
68:a3:91:1b:da:7b:bb:fd:fc:e5:4d:e5:5f:47:ef:31:4c:75:
83:f4:19:56:da:b2:68:e6:58:80:c6:61:a9:75:1e:95:4a:5a:
63:c7:78:ec:64:0e:e4:64:1e:4e:ce:1d:29:b1:64:20:81:2a:
4e:b2:a3:70:c0:bc:94:a4:f0:86:d4:4f:01:b6:f3:56:a4:4f:
97:ba:80:b6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYbe1Wuv0/Vezm9e33FFs3efMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMzE0MDYzNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU1N2YxMWRiNjA4Yzk2ZDA4OTBjNjA5Yjg3MjcxM2RkMzQ1ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjShyHNAw5idbW4cUFetXhJkOpLN
jW3id/damoCqvZ6fjRgZrHzM/tIY6Xhe1bzgk0D3pm7XqlToU8QFKUv9ehC27gGU
tG+BgObME/iroA77MEMJ5RHtNUm7WldAOLMZaggIUU7DCsBgf8HtFWndh74+GTeX
ZWQgAE8WscLNqLAx8nnu2tYjYbEPKyTk+zGEWrlGDHDsSimHjN7GkPdOfxhVN2Mt
f9y/zKBv81N6U2QIuyqyExBOGEwQCYhmWV7YX9UBtH2PL4qCP6yqmKGWFd8o9on4
wId5DNFMXzyBQHGLHUJ2fZF2Fu1QRqTqKZNRp90cqZfFTbJQsG40JXCLSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLjlfxHbYIyW0IkMYJuHJxPdNF/TMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvdU9WX0VkdGdqSmJRaVF4Z200Y25FOTAwWDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPlmgAwQF
1ERAAwQG1fyAMA0EAgACMAcDBQAqAawAMA0GCSqGSIb3DQEBCwUAA4IBAQBxD119
+Oc7uz8STq9kJlBFsX+d4qDoe9IwhdqDdiwcwWyw8ZkhA9rXnGn4+1RfHwqqNWG2
nZPaQ2uoiojxgVMcXDxV1gmC/6DuXw4MDpSjtayBZGmL7AHihXLglHJpMuM0me1S
hzSG4B0U4Yk2vdhn63FsMEYSc+h5GnynCH2X5La8kjIx/kR+vVsdjMeiamc4PfAX
Io159m6OfAulTFhQksGq2kLODJO08ZR2NZloZ+Dn6tdoo5Eb2nu7/fzlTeVfR+8x
THWD9BlW2rJo5liAxmGpdR6VSlpjx3jsZA7kZB5Ozh0psWQggSpOsqNwwLyUpPCG
1E8BtvNWpE+XuoC2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:18 2025 by rpki-client