Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ucz0OlIF8hfwkwz3Tf93p8ggFaE.roa
File: ucz0OlIF8hfwkwz3Tf93p8ggFaE.roa (raw, json)
Hash identifier: QlEzXT0eXeVZVFvUIHx/g8QINxU6xEzWpF8c6l53Sbk=
Subject key identifier: B9:CC:F4:3A:52:05:F2:17:F0:93:0C:F7:4D:FF:77:A7:C8:20:15:A1
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA7C2F3A061CB94DC8ECE4DEFC1E91
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ucz0OlIF8hfwkwz3Tf93p8ggFaE.roa
Signing time: Mon 02 Jan 2023 13:45:02 +0000
ROA not before: Mon 02 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41406
IP address blocks: 194.9.24.0/24 maxlen: 24
194.9.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7c:2f:3a:06:1c:b9:4d:c8:ec:e4:de:fc:1e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9ccf43a5205f217f0930cf74dff77a7c82015a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:d6:68:7c:75:34:c3:aa:78:45:aa:6f:cf:
46:1b:da:46:26:44:37:10:27:f5:39:5c:fd:08:0f:
f3:ad:4a:52:63:bb:ba:c0:9c:25:27:b5:4b:3c:90:
44:49:1a:81:42:38:97:df:dd:2e:5a:67:05:b1:94:
3e:58:7c:fe:d7:c4:d8:0c:ae:49:1d:3c:35:3c:a4:
d9:53:7e:64:71:48:ae:6e:69:6b:9d:16:95:9c:60:
a8:55:70:ef:ea:c3:2e:80:59:66:eb:f4:67:60:08:
37:b2:6a:59:eb:9c:a8:61:19:46:0a:1f:80:a1:83:
33:3c:72:c3:07:16:f4:0c:4a:a0:65:fe:a7:71:59:
06:47:58:87:02:5f:ba:73:0f:20:7a:84:47:83:2d:
8d:e8:0d:67:01:71:37:62:bb:82:74:8f:50:bb:1a:
12:a3:da:ab:49:ad:ea:b8:83:13:c4:42:e4:13:92:
0d:53:a2:25:82:a4:b9:9c:24:74:26:a1:f1:f4:aa:
e7:5f:b5:6d:dc:97:f0:ad:43:95:44:63:27:5b:7d:
0c:04:22:1e:85:2b:27:79:39:77:a8:b6:c1:04:9b:
88:40:85:91:12:44:32:6c:81:0d:e2:f0:5d:f3:72:
7d:63:d1:71:02:67:ed:77:eb:32:7c:ad:56:0d:c0:
63:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CC:F4:3A:52:05:F2:17:F0:93:0C:F7:4D:FF:77:A7:C8:20:15:A1
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ucz0OlIF8hfwkwz3Tf93p8ggFaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.24.0/23
Signature Algorithm: sha256WithRSAEncryption
45:a2:69:9d:e5:31:5e:2a:70:89:9c:37:f8:78:64:18:67:23:
dd:d1:6f:b0:b6:46:3c:9f:1c:cf:5f:a7:c1:3c:53:2b:c4:bc:
78:30:89:05:5a:98:cf:9e:53:10:0e:2c:6d:78:18:b9:2c:93:
53:78:43:84:65:9a:76:ca:d2:f2:2e:1f:a4:01:cc:f7:9f:05:
65:a4:86:41:61:8d:d1:45:b0:f1:33:5a:cf:01:89:bd:dd:cf:
92:44:7b:b2:46:92:42:94:a5:6e:f8:1e:bd:2b:15:4e:f8:91:
99:9d:7a:ea:59:e6:49:fa:d4:4f:6d:21:ec:8c:e4:43:41:af:
86:34:1e:a8:1a:44:f1:14:f6:5a:75:c8:90:97:c7:57:f6:e9:
0d:00:99:94:de:47:f1:ce:84:93:0b:f5:0b:40:af:0e:3e:78:
22:32:b7:a9:82:d6:eb:ed:28:31:e5:80:fb:aa:dc:cf:46:d7:
bc:f8:68:de:cc:b9:f4:77:b7:87:bb:06:95:67:d7:d3:3e:f6:
f2:f5:fe:62:80:8a:80:5e:5b:f1:e0:c5:73:e3:30:83:dc:54:
8b:d2:61:0f:a8:7c:7a:60:0c:62:8f:63:26:46:b8:84:09:90:
0d:35:10:4a:6a:cb:b1:21:69:ea:fe:ef:0f:32:7e:5c:10:0d:
4d:20:5d:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyunwvOgYcuU3I7OTe/B6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWNjZjQzYTUyMDVmMjE3ZjA5MzBjZjc0ZGZmNzdhN2M4MjAxNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZPWaHx1NMOqeEWqb89GG9pGJkQ3
ECf1OVz9CA/zrUpSY7u6wJwlJ7VLPJBESRqBQjiX390uWmcFsZQ+WHz+18TYDK5J
HTw1PKTZU35kcUiubmlrnRaVnGCoVXDv6sMugFlm6/RnYAg3smpZ65yoYRlGCh+A
oYMzPHLDBxb0DEqgZf6ncVkGR1iHAl+6cw8geoRHgy2N6A1nAXE3YruCdI9QuxoS
o9qrSa3quIMTxELkE5INU6IlgqS5nCR0JqHx9KrnX7Vt3JfwrUOVRGMnW30MBCIe
hSsneTl3qLbBBJuIQIWREkQybIEN4vBd83J9Y9FxAmftd+syfK1WDcBjYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnM9DpSBfIX8JMM903/d6fIIBWhMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvdWN6ME9sSUY4aGZ3a3d6M1RmOTNwOGdnRmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgkYMA0G
CSqGSIb3DQEBCwUAA4IBAQBFommd5TFeKnCJnDf4eGQYZyPd0W+wtkY8nxzPX6fB
PFMrxLx4MIkFWpjPnlMQDixteBi5LJNTeEOEZZp2ytLyLh+kAcz3nwVlpIZBYY3R
RbDxM1rPAYm93c+SRHuyRpJClKVu+B69KxVO+JGZnXrqWeZJ+tRPbSHsjORDQa+G
NB6oGkTxFPZadciQl8dX9ukNAJmU3kfxzoSTC/ULQK8OPngiMrepgtbr7Sgx5YD7
qtzPRte8+GjezLn0d7eHuwaVZ9fTPvby9f5igIqAXlvx4MVz4zCD3FSL0mEPqHx6
YAxij2MmRriECZANNRBKasuxIWnq/u8PMn5cEA1NIF3b
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:46 2025 by rpki-client