Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/_ueDe4pDHyUbxE52R2gMExHiZaE.roa
File: _ueDe4pDHyUbxE52R2gMExHiZaE.roa (raw, json)
Hash identifier: nmmAxkE4TcaC9QISddueDF3iv7lrHXtL9Kc65v1uF2s=
Subject key identifier: FE:E7:83:7B:8A:43:1F:25:1B:C4:4E:76:47:68:0C:13:11:E2:65:A1
Certificate issuer: /CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Certificate serial: 01856E8B1089E6FD1FDA25FEAA6B8125D981
Authority key identifier: AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/_ueDe4pDHyUbxE52R2gMExHiZaE.roa
Signing time: Sun 01 Jan 2023 18:14:45 +0000
ROA not before: Sun 01 Jan 2023 18:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59439
IP address blocks: 185.168.52.0/23 maxlen: 23
91.240.178.0/24 maxlen: 24
2a0d:c0c0:4e1::/48 maxlen: 48
2a0d:c0c0:3e1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:10:89:e6:fd:1f:da:25:fe:aa:6b:81:25:d9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Validity
Not Before: Jan 1 18:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fee7837b8a431f251bc44e7647680c1311e265a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:81:04:fd:dd:09:2b:f2:32:2a:30:0a:b7:
c4:cd:2a:b5:68:06:ea:76:ee:da:1d:b9:09:f3:4e:
5f:e8:90:3b:a8:15:56:ac:3c:b4:b7:90:45:5e:47:
d8:58:7d:81:ba:2d:bf:40:cc:04:85:f6:50:e0:bc:
ef:34:10:6a:17:55:ff:bc:c6:51:06:40:1c:3f:4e:
17:1e:20:59:a2:aa:4f:3c:c9:f9:44:2a:ab:87:48:
74:35:57:fb:fc:fd:3c:bd:5c:96:6c:7b:73:19:00:
ab:a6:26:b8:68:a1:1b:40:da:40:2a:9c:87:74:ca:
13:0f:3a:11:af:3f:ac:da:a5:66:f4:ea:1a:3e:f0:
4b:c4:e1:a6:c1:9a:f9:25:60:90:a6:0f:0e:19:2d:
32:bf:72:c6:7f:24:0f:a6:b6:cd:1c:85:2e:e0:33:
a2:7c:03:89:c3:cd:53:54:29:62:60:b9:0d:46:75:
06:fa:51:04:9c:e6:ea:15:be:ac:7b:59:3e:12:64:
2c:5e:a8:03:f9:a0:d7:54:0f:1a:77:b4:dc:66:2e:
c5:22:3d:35:6e:ac:55:d4:98:de:e4:cb:43:6b:f3:
21:49:1b:97:54:bc:75:cf:fd:2f:94:19:93:2a:6d:
24:fc:85:a3:3f:42:1f:19:50:4b:4f:cf:cc:9e:42:
7e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E7:83:7B:8A:43:1F:25:1B:C4:4E:76:47:68:0C:13:11:E2:65:A1
X509v3 Authority Key Identifier:
keyid:AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/_ueDe4pDHyUbxE52R2gMExHiZaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.178.0/24
185.168.52.0/23
IPv6:
2a0d:c0c0:3e1::/48
2a0d:c0c0:4e1::/48
Signature Algorithm: sha256WithRSAEncryption
b5:c1:51:f2:62:78:ef:ad:95:a2:3e:1d:d8:4f:4b:97:2c:fc:
39:0c:ec:a7:a3:98:19:1a:0f:9a:ce:02:fb:63:3b:80:ab:99:
54:03:d3:51:e9:05:c9:3b:8c:19:8c:a4:03:4f:dc:77:14:07:
90:a8:23:a9:e5:05:dc:67:d4:7f:a0:0a:10:cb:65:d5:02:2a:
d9:8b:d5:b6:92:7a:a8:8a:de:96:33:f5:ca:d6:3e:84:5d:ef:
71:4a:99:7e:7b:d4:20:0c:1b:4f:39:b7:82:d6:eb:33:03:cc:
85:da:3d:d7:a0:b4:5d:26:8d:7f:e6:90:b9:11:86:07:27:b3:
20:18:85:2f:b3:f6:a1:03:4b:7a:ad:9e:0c:61:87:22:a9:83:
65:c6:57:c0:3f:2a:f3:de:71:56:ee:51:9e:98:1a:9c:8b:77:
8e:9c:57:07:2f:eb:68:cb:8a:be:fc:33:71:94:a2:4c:72:80:
ce:7e:1d:1d:c0:1f:88:27:e9:b9:c1:9b:75:9b:12:6f:7f:61:
52:22:a6:d6:18:b9:d7:1d:9a:c0:75:60:23:1c:99:6d:92:45:
83:78:74:f7:65:fc:a4:3f:69:84:ab:92:5c:80:58:f3:98:dc:
70:f9:9e:d8:4a:6d:24:db:4d:1d:66:f7:4d:be:5d:08:98:74:
a6:a8:1a:8d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuixCJ5v0f2iX+qmuBJdmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGU4NTdmYzAwYmUxNGVkOTJiOWU3OGNjM2NhNjliOGFk
YzI0ODUwHhcNMjMwMTAxMTgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWU3ODM3YjhhNDMxZjI1MWJjNDRlNzY0NzY4MGMxMzExZTI2NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGmBBP3dCSvyMiowCrfEzSq1aAbq
du7aHbkJ805f6JA7qBVWrDy0t5BFXkfYWH2Bui2/QMwEhfZQ4LzvNBBqF1X/vMZR
BkAcP04XHiBZoqpPPMn5RCqrh0h0NVf7/P08vVyWbHtzGQCrpia4aKEbQNpAKpyH
dMoTDzoRrz+s2qVm9OoaPvBLxOGmwZr5JWCQpg8OGS0yv3LGfyQPprbNHIUu4DOi
fAOJw81TVCliYLkNRnUG+lEEnObqFb6se1k+EmQsXqgD+aDXVA8ad7TcZi7FIj01
bqxV1Jje5MtDa/MhSRuXVLx1z/0vlBmTKm0k/IWjP0IfGVBLT8/MnkJ+ZQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP7ng3uKQx8lG8ROdkdoDBMR4mWhMB8GA1UdIwQY
MBaAFK2OhX/AC+FO2SueeMw8ppuK3CSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAt
ZGIwOTllNTg1ZTRiLzEvX3VlRGU0cERIeVVieEU1MlIyZ01FeEhpWmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAtZGIwOTllNTg1ZTRi
LzEvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW/CyAwQB
uag0MBgEAgACMBIDBwAqDcDAA+EDBwAqDcDABOEwDQYJKoZIhvcNAQELBQADggEB
ALXBUfJieO+tlaI+HdhPS5cs/DkM7KejmBkaD5rOAvtjO4CrmVQD01HpBck7jBmM
pANP3HcUB5CoI6nlBdxn1H+gChDLZdUCKtmL1baSeqiK3pYz9crWPoRd73FKmX57
1CAMG085t4LW6zMDzIXaPdegtF0mjX/mkLkRhgcnsyAYhS+z9qEDS3qtngxhhyKp
g2XGV8A/KvPecVbuUZ6YGpyLd46cVwcv62jLir78M3GUokxygM5+HR3AH4gn6bnB
m3WbEm9/YVIiptYYudcdmsB1YCMcmW2SRYN4dPdl/KQ/aYSrklyAWPOY3HD5nthK
bSTbTR1m902+XQiYdKaoGo0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:04 2025 by rpki-client