Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/UgdiMtBKZEuGMJtdaqiQDxYnaV4.roa
File: UgdiMtBKZEuGMJtdaqiQDxYnaV4.roa (raw, json)
Hash identifier: WlqSktpim+KdbMJyxQXVDVBkPUNX8Za81ZBiM9ckbIg=
Subject key identifier: 52:07:62:32:D0:4A:64:4B:86:30:9B:5D:6A:A8:90:0F:16:27:69:5E
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 03AFB10C
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/UgdiMtBKZEuGMJtdaqiQDxYnaV4.roa
Signing time: Mon 20 Jun 2022 12:02:44 +0000
ROA not before: Mon 20 Jun 2022 12:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 192.109.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61845772 (0x3afb10c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jun 20 12:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52076232d04a644b86309b5d6aa8900f1627695e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0f:ca:f1:19:f1:f2:04:6a:d2:65:2c:9e:9f:
2a:7a:53:d7:71:d5:40:5a:76:0f:81:3d:f4:93:a2:
34:22:ef:b1:04:02:14:67:f7:1b:d6:fe:d3:a1:8d:
09:33:f2:aa:1f:c3:a7:e8:f6:ba:8b:60:bc:36:7d:
e5:b8:50:78:4b:bd:59:6a:ae:c3:86:95:67:b6:5f:
b6:6a:f0:71:77:7d:78:76:ca:75:4f:e5:5e:4f:93:
82:6a:8a:ee:77:16:dd:45:45:58:e2:1a:dc:07:83:
bf:3d:47:04:b6:1a:ba:b4:8f:41:2b:71:33:0d:b5:
21:4f:90:42:5f:70:b1:56:e1:d8:6b:3f:9c:e2:a1:
6f:36:3a:fe:5e:53:cc:2f:6f:b6:f7:60:58:61:7b:
00:d7:a9:f9:d0:41:e4:23:a6:ad:ed:1f:6c:d8:94:
52:c7:08:e5:e8:ea:12:eb:37:8d:ab:85:7c:a0:da:
b0:68:02:b0:26:9a:65:b9:00:64:8f:d9:3c:30:6b:
f4:33:58:c9:d9:d4:a3:50:1f:30:64:5f:5c:2d:fb:
69:6f:3e:f9:92:0f:96:c3:a0:65:e6:f4:9e:37:a4:
af:e2:96:8a:76:12:91:35:82:c3:30:2d:05:b6:1c:
d0:e3:ec:df:51:7e:52:27:fa:2a:ac:83:03:bc:64:
0e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:07:62:32:D0:4A:64:4B:86:30:9B:5D:6A:A8:90:0F:16:27:69:5E
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/UgdiMtBKZEuGMJtdaqiQDxYnaV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.111.0/24
Signature Algorithm: sha256WithRSAEncryption
80:5d:5e:81:22:14:e2:a1:29:0e:f3:1f:65:a1:39:ff:44:38:
b0:cc:0f:d1:ae:af:40:38:33:f3:24:66:4f:9d:2a:c4:02:49:
00:bc:6e:f0:92:bf:45:32:96:f5:8f:63:56:f2:0d:64:b5:e6:
3c:70:65:84:f4:5d:09:0c:91:36:32:81:47:a2:bc:42:98:8d:
85:f9:c8:0c:f9:a2:35:c6:8f:34:f8:5c:d9:34:ca:9f:a7:06:
a8:08:34:3c:7d:89:b7:4d:54:31:b8:81:1f:1e:f0:fe:ee:2b:
5b:60:8d:3c:70:e0:35:c9:ab:41:c6:d7:92:d9:6d:2e:56:8b:
9e:c4:02:30:8f:1d:3d:a2:ee:d1:7b:20:95:b4:38:f6:15:38:
5d:35:39:b1:af:57:70:cd:db:6e:98:ff:a7:77:35:6b:4c:b4:
b0:b8:2a:5c:fe:8c:6f:b4:14:87:66:eb:c1:9f:1a:a3:46:a8:
a7:b5:68:2e:2f:90:55:52:cc:96:5a:19:6a:6d:e7:8f:3a:ac:
21:6f:7c:ff:96:4c:d3:f1:84:20:b6:26:17:32:f0:14:79:48:
b7:c8:cf:c1:26:8f:55:80:35:3e:97:b0:00:48:a4:b1:83:38:
c2:3e:c3:ac:7d:7a:27:c5:eb:d4:ab:86:3e:2b:77:d7:b6:ad:
d4:7d:4b:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6+xDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmM2ZmQzZjMyY2E0NTk0Yzk2MDc1NjU5YTcwODliMjdhZTNmZWYzMB4XDTIyMDYy
MDEyMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTIwNzYyMzJkMDRh
NjQ0Yjg2MzA5YjVkNmFhODkwMGYxNjI3Njk1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMPyvEZ8fIEatJlLJ6fKnpT13HVQFp2D4E99JOiNCLvsQQC
FGf3G9b+06GNCTPyqh/Dp+j2uotgvDZ95bhQeEu9WWquw4aVZ7ZftmrwcXd9eHbK
dU/lXk+TgmqK7ncW3UVFWOIa3AeDvz1HBLYaurSPQStxMw21IU+QQl9wsVbh2Gs/
nOKhbzY6/l5TzC9vtvdgWGF7ANep+dBB5COmre0fbNiUUscI5ejqEus3jauFfKDa
sGgCsCaaZbkAZI/ZPDBr9DNYydnUo1AfMGRfXC37aW8++ZIPlsOgZeb0njekr+KW
inYSkTWCwzAtBbYc0OPs31F+Uif6KqyDA7xkDkUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSB2Iy0EpkS4Ywm11qqJAPFidpXjAfBgNVHSMEGDAWgBSbxv0/MspFlMlg
dWWacImyeuP+8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L204YjlQekxLUlpUSllIVmxtbkNKc25yal92TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvZGEyNDQ3LWIyNTItNGI2YS1hODJmLWRjYmU1M2RhNzg2MC8x
L1VnZGlNdEJLWkV1R01KdGRhcWlRRHhZbmFWNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
ZGEyNDQ3LWIyNTItNGI2YS1hODJmLWRjYmU1M2RhNzg2MC8xL204YjlQekxLUlpU
SllIVmxtbkNKc25yal92TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtbzANBgkqhkiG9w0BAQsFAAOC
AQEAgF1egSIU4qEpDvMfZaE5/0Q4sMwP0a6vQDgz8yRmT50qxAJJALxu8JK/RTKW
9Y9jVvINZLXmPHBlhPRdCQyRNjKBR6K8QpiNhfnIDPmiNcaPNPhc2TTKn6cGqAg0
PH2Jt01UMbiBHx7w/u4rW2CNPHDgNcmrQcbXktltLlaLnsQCMI8dPaLu0XsglbQ4
9hU4XTU5sa9XcM3bbpj/p3c1a0y0sLgqXP6Mb7QUh2brwZ8ao0aop7VoLi+QVVLM
lloZam3njzqsIW98/5ZM0/GEILYmFzLwFHlIt8jPwSaPVYA1PpewAEiksYM4wj7D
rH16J8Xr1KuGPit317at1H1Law==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:57 2024 by rpki-client on console-ams.rpki-client.org