Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/uj1RTW05P_fs6OfPCNaKtqhzfDs.roa
File: uj1RTW05P_fs6OfPCNaKtqhzfDs.roa (raw, json)
Hash identifier: ZP4jBJ0cZqVosgHYCwwZsOsw/1+I/sglhWJkPwL0YbA=
Subject key identifier: BA:3D:51:4D:6D:39:3F:F7:EC:E8:E7:CF:08:D6:8A:B6:A8:73:7C:3B
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50DCDEFC
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/uj1RTW05P_fs6OfPCNaKtqhzfDs.roa
Signing time: Sat 01 Jan 2022 16:01:52 +0000
ROA not before: Sat 01 Jan 2022 16:01:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51820
IP address blocks: 138.188.138.0/24 maxlen: 24
138.188.136.0/24 maxlen: 24
195.65.47.0/24 maxlen: 24
194.209.67.0/24 maxlen: 24
193.5.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1356652284 (0x50dcdefc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba3d514d6d393ff7ece8e7cf08d68ab6a8737c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9f:bd:55:66:03:31:fe:94:96:f1:35:d2:e1:
a8:e0:a8:eb:0f:79:6e:11:bb:67:fd:ef:35:14:20:
42:7c:40:28:63:97:a7:db:23:d9:a6:5e:ae:be:bb:
c1:18:4c:c1:df:05:76:bd:89:67:1c:75:59:9f:cc:
0b:9a:ed:75:1e:4b:e4:64:fc:63:ba:29:e8:0c:fc:
07:d1:de:83:ac:d5:87:c6:54:43:20:b8:b2:ea:ac:
00:a6:d3:2c:bb:88:4a:f1:45:3c:f4:a8:28:8f:52:
aa:99:0e:42:c8:7b:b6:61:d4:93:fd:20:51:c8:54:
97:e8:e6:f0:d7:a8:db:77:60:52:18:4e:1d:7e:1d:
29:69:cd:51:13:d6:85:cd:93:db:33:40:30:af:39:
1c:a2:ac:51:19:4d:61:72:25:5e:61:14:3c:38:58:
22:cf:a5:28:45:94:9b:2e:20:16:2f:cf:b5:a3:4d:
67:4a:6d:26:d4:eb:6a:2a:7e:4f:9f:cd:92:e5:fc:
89:38:c8:c9:e0:8a:44:1c:89:80:87:ea:f1:ad:1c:
77:2e:51:a2:15:d6:3d:76:15:c1:d4:02:8b:25:d0:
33:3a:28:c2:f0:d8:49:65:e3:a3:1c:2f:36:55:cf:
03:38:5f:18:ad:5b:b5:a9:4a:73:67:85:ac:3f:a5:
6a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3D:51:4D:6D:39:3F:F7:EC:E8:E7:CF:08:D6:8A:B6:A8:73:7C:3B
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/uj1RTW05P_fs6OfPCNaKtqhzfDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.188.136.0/24
138.188.138.0/24
193.5.63.0/24
194.209.67.0/24
195.65.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:00:00:1b:ab:47:8e:20:36:72:8f:b3:0a:af:69:5c:3e:4b:
1e:44:23:91:d5:25:2f:48:64:d3:31:82:79:c2:f0:84:51:c8:
43:cd:5f:c3:e5:83:23:ea:54:76:28:21:76:a7:63:49:81:5e:
c4:2d:21:66:12:86:d5:29:64:6c:74:ba:46:dd:84:ab:8e:1f:
1d:42:f5:e5:e0:74:ce:9f:d6:bf:9b:d4:d7:07:45:64:f4:a7:
8e:8f:a3:a4:f5:44:29:8e:bc:2c:e0:c6:9c:c1:c9:56:55:3e:
26:ea:c7:72:d3:2d:62:a9:b6:aa:74:4c:34:4a:c9:f2:b5:02:
97:f2:ef:e5:a4:04:bf:ea:d1:8e:c0:5d:4d:b8:38:ca:e5:c0:
f9:ef:c1:3a:c4:fb:9c:44:67:a7:2b:61:3b:60:9a:8c:f7:5e:
ca:e7:6f:7b:1c:dd:1d:3b:14:eb:c9:f9:37:ef:1c:47:2d:cc:
72:00:31:36:b5:24:33:f2:75:3a:14:cb:e8:43:a7:8b:49:45:
78:9c:ab:f4:45:f7:9c:97:71:b8:58:b7:7a:57:7a:cd:6c:ad:
d5:21:3d:64:4d:19:f8:a7:89:4d:04:c5:fd:66:c3:c9:3c:27:
7c:b0:2c:fd:76:92:2a:f2:b7:6e:71:a8:95:c4:bd:fd:91:0c:
4b:ae:e4:01
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEUNze/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmEzZDUxNGQ2ZDM5
M2ZmN2VjZThlN2NmMDhkNjhhYjZhODczN2MzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKifvVVmAzH+lJbxNdLhqOCo6w95bhG7Z/3vNRQgQnxAKGOX
p9sj2aZerr67wRhMwd8Fdr2JZxx1WZ/MC5rtdR5L5GT8Y7op6Az8B9Heg6zVh8ZU
QyC4suqsAKbTLLuISvFFPPSoKI9SqpkOQsh7tmHUk/0gUchUl+jm8Neo23dgUhhO
HX4dKWnNURPWhc2T2zNAMK85HKKsURlNYXIlXmEUPDhYIs+lKEWUmy4gFi/PtaNN
Z0ptJtTraip+T5/NkuX8iTjIyeCKRByJgIfq8a0cdy5RohXWPXYVwdQCiyXQMzoo
wvDYSWXjoxwvNlXPAzhfGK1btalKc2eFrD+lajcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBS6PVFNbTk/9+zo588I1oq2qHN8OzAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L3VqMVJUVzA1UF9mczZPZlBDTmFLdHFoemZEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAIq8iAMEAIq8igMEAMEFPwMEAMLR
QwMEAMNBLzANBgkqhkiG9w0BAQsFAAOCAQEAsgAAG6tHjiA2co+zCq9pXD5LHkQj
kdUlL0hk0zGCecLwhFHIQ81fw+WDI+pUdighdqdjSYFexC0hZhKG1SlkbHS6Rt2E
q44fHUL15eB0zp/Wv5vU1wdFZPSnjo+jpPVEKY68LODGnMHJVlU+JurHctMtYqm2
qnRMNErJ8rUCl/Lv5aQEv+rRjsBdTbg4yuXA+e/BOsT7nERnpythO2CajPdeyudv
exzdHTsU68n5N+8cRy3McgAxNrUkM/J1OhTL6EOni0lFeJyr9EX3nJdxuFi3eld6
zWyt1SE9ZE0Z+KeJTQTF/WbDyTwnfLAs/XaSKvK3bnGolcS9/ZEMS67kAQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:31:39 2025 by rpki-client