Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/UCE6klZEG3zep_bmv2pbDQ1KXug.roa
File: UCE6klZEG3zep_bmv2pbDQ1KXug.roa (raw, json)
Hash identifier: qzpJUxkFf62ZBREG6XqVZxcFq3DmwVsXXQotZmu3mTE=
Subject key identifier: 50:21:3A:92:56:44:1B:7C:DE:A7:F6:E6:BF:6A:5B:0D:0D:4A:5E:E8
Certificate issuer: /CN=8ce8df39e3626087ae16f60ebe61acc8c6d13573
Certificate serial: 018A03CEE2DB939C0AAD9033DB0C3BCB0E43
Authority key identifier: 8C:E8:DF:39:E3:62:60:87:AE:16:F6:0E:BE:61:AC:C8:C6:D1:35:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOjfOeNiYIeuFvYOvmGsyMbRNXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/UCE6klZEG3zep_bmv2pbDQ1KXug.roa
Signing time: Thu 17 Aug 2023 14:03:24 +0000
ROA not before: Thu 17 Aug 2023 14:03:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59877
IP address blocks: 91.212.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:ce:e2:db:93:9c:0a:ad:90:33:db:0c:3b:cb:0e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ce8df39e3626087ae16f60ebe61acc8c6d13573
Validity
Not Before: Aug 17 14:03:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50213a9256441b7cdea7f6e6bf6a5b0d0d4a5ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:90:9f:49:e9:72:25:d4:27:ea:ee:ba:09:
c0:b5:e9:d2:cb:58:8d:9c:82:18:8a:eb:29:48:22:
a9:83:2c:fd:bf:3f:c2:b9:41:d3:30:5a:cb:ab:2c:
99:18:fb:f0:0e:e3:52:ec:b7:95:70:08:d0:3b:44:
3b:f8:3d:f4:84:c8:df:cc:22:3a:b7:2a:be:51:9d:
11:6b:7c:30:d0:4a:d2:96:2c:26:b6:4c:5c:8a:94:
6a:f7:e3:42:5d:7f:37:41:bf:07:91:8c:92:34:11:
14:a9:0b:3f:c9:3f:27:34:66:1e:fa:c9:a5:7a:06:
fe:cc:08:ab:45:97:06:46:ba:e7:12:98:8f:a3:43:
9d:93:eb:fa:bf:32:b1:e1:9c:57:74:93:60:ef:48:
9a:e6:79:37:2e:15:48:a8:48:17:c7:f9:a8:9e:a0:
d1:c1:05:d9:d1:30:73:7d:e1:2b:5a:12:58:67:ed:
cd:c9:c9:ad:5b:82:b6:09:20:72:fc:0c:fd:2e:1e:
38:a4:73:61:ce:45:a5:7d:d4:75:b9:97:dc:7c:7e:
33:c2:4e:59:63:7b:f0:15:24:eb:f1:3f:75:1f:8c:
f3:36:0f:6f:ac:1a:83:a6:3f:0e:30:01:05:a2:73:
c5:4a:5f:01:e7:3a:91:5d:f4:75:1f:44:d8:14:00:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:21:3A:92:56:44:1B:7C:DE:A7:F6:E6:BF:6A:5B:0D:0D:4A:5E:E8
X509v3 Authority Key Identifier:
keyid:8C:E8:DF:39:E3:62:60:87:AE:16:F6:0E:BE:61:AC:C8:C6:D1:35:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOjfOeNiYIeuFvYOvmGsyMbRNXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/UCE6klZEG3zep_bmv2pbDQ1KXug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/jOjfOeNiYIeuFvYOvmGsyMbRNXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.33.0/24
Signature Algorithm: sha256WithRSAEncryption
85:4c:4d:43:e4:d8:6a:50:15:be:dd:4e:e4:74:e8:f7:b3:57:
3b:b2:1c:22:3a:13:1b:87:29:af:57:7b:c8:dc:67:8e:d4:66:
39:6e:a9:1d:08:73:71:36:21:41:e1:4e:65:40:77:92:b7:58:
6c:3b:9b:1b:8f:35:6a:ff:35:8e:30:41:84:70:70:e5:83:3e:
a1:9a:88:56:12:5c:48:a0:db:b5:6a:63:44:90:43:d6:c2:49:
6f:12:53:38:54:99:d7:4d:34:39:6d:fb:f4:9e:de:26:ce:e5:
dd:88:d9:e2:57:76:12:54:9f:e8:46:6c:f0:59:23:05:6b:41:
d5:47:86:db:7f:03:f5:f4:d8:ac:cb:d0:a2:65:27:aa:0b:99:
54:b6:b7:73:21:bf:c9:9b:91:08:7a:e6:ae:95:9e:db:c7:f7:
a3:15:3f:83:8c:9c:d9:d6:ea:59:18:dd:99:55:f5:28:0b:f2:
87:be:b4:9f:3c:17:3c:e3:9a:90:94:10:e7:e8:81:f0:35:fa:
06:aa:68:ed:fc:ba:f2:04:b3:52:88:9c:15:7c:4e:1f:d4:fd:
5c:bc:d2:13:38:66:51:b8:60:01:09:80:33:28:5f:d7:7b:7b:
b1:5e:27:9f:aa:9c:c3:6b:ff:2a:ac:9e:f4:3f:db:82:73:64:
df:09:f8:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoDzuLbk5wKrZAz2ww7yw5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZThkZjM5ZTM2MjYwODdhZTE2ZjYwZWJlNjFhY2M4YzZk
MTM1NzMwHhcNMjMwODE3MTQwMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDIxM2E5MjU2NDQxYjdjZGVhN2Y2ZTZiZjZhNWIwZDBkNGE1ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVaQn0npciXUJ+ruugnAtenSy1iN
nIIYiuspSCKpgyz9vz/CuUHTMFrLqyyZGPvwDuNS7LeVcAjQO0Q7+D30hMjfzCI6
tyq+UZ0Ra3ww0ErSliwmtkxcipRq9+NCXX83Qb8HkYySNBEUqQs/yT8nNGYe+sml
egb+zAirRZcGRrrnEpiPo0Odk+v6vzKx4ZxXdJNg70ia5nk3LhVIqEgXx/monqDR
wQXZ0TBzfeErWhJYZ+3NycmtW4K2CSBy/Az9Lh44pHNhzkWlfdR1uZfcfH4zwk5Z
Y3vwFSTr8T91H4zzNg9vrBqDpj8OMAEFonPFSl8B5zqRXfR1H0TYFADCawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAhOpJWRBt83qf25r9qWw0NSl7oMB8GA1UdIwQY
MBaAFIzo3znjYmCHrhb2Dr5hrMjG0TVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9qZk9lTmlZSWV1RnZZT3ZtR3N5TWJSTlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zNWIwMjAtYTIyNS00ZGZmLWIxNzIt
ZDA4MThlZjA2NjU5LzEvVUNFNmtsWkVHM3plcF9ibXYycGJEUTFLWHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zNWIwMjAtYTIyNS00ZGZmLWIxNzItZDA4MThlZjA2NjU5
LzEvak9qZk9lTmlZSWV1RnZZT3ZtR3N5TWJSTlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QhMA0G
CSqGSIb3DQEBCwUAA4IBAQCFTE1D5NhqUBW+3U7kdOj3s1c7shwiOhMbhymvV3vI
3GeO1GY5bqkdCHNxNiFB4U5lQHeSt1hsO5sbjzVq/zWOMEGEcHDlgz6hmohWElxI
oNu1amNEkEPWwklvElM4VJnXTTQ5bfv0nt4mzuXdiNniV3YSVJ/oRmzwWSMFa0HV
R4bbfwP19Nisy9CiZSeqC5lUtrdzIb/Jm5EIeuaulZ7bx/ejFT+DjJzZ1upZGN2Z
VfUoC/KHvrSfPBc845qQlBDn6IHwNfoGqmjt/LryBLNSiJwVfE4f1P1cvNITOGZR
uGABCYAzKF/Xe3uxXiefqpzDa/8qrJ70P9uCc2TfCfiN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:15 2025 by rpki-client