Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/uj27SU0pkVkMgg58qFRLRaTAkP0.roa
File: uj27SU0pkVkMgg58qFRLRaTAkP0.roa (raw, json)
Hash identifier: gRr5QCDWAqMgnoSoTHuxm73NBdOURgK0Kg7ngYCXrRI=
Subject key identifier: BA:3D:BB:49:4D:29:91:59:0C:82:0E:7C:A8:54:4B:45:A4:C0:90:FD
Certificate issuer: /CN=bc9c405f142e53eb67b1c49923ab795e84328c9b
Certificate serial: 018572E80D69A2B9CD77F221757C65D53AE2
Authority key identifier: BC:9C:40:5F:14:2E:53:EB:67:B1:C4:99:23:AB:79:5E:84:32:8C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAXxQuU-tnscSZI6t5XoQyjJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/uj27SU0pkVkMgg58qFRLRaTAkP0.roa
Signing time: Mon 02 Jan 2023 14:34:48 +0000
ROA not before: Mon 02 Jan 2023 14:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50289
IP address blocks: 62.78.32.0/19 maxlen: 24
185.142.64.0/22 maxlen: 24
37.123.216.0/21 maxlen: 24
2a03:a400::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:0d:69:a2:b9:cd:77:f2:21:75:7c:65:d5:3a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c405f142e53eb67b1c49923ab795e84328c9b
Validity
Not Before: Jan 2 14:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba3dbb494d2991590c820e7ca8544b45a4c090fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:21:c3:25:89:ed:75:8b:92:4b:36:d1:88:ae:
95:60:6c:27:5d:d9:54:c3:f9:f5:5b:ef:0b:53:b5:
bc:80:43:07:bf:07:70:5c:18:c5:24:bf:c7:7b:3a:
2f:35:58:97:f4:9a:10:82:70:bc:55:82:c3:d7:e8:
5b:c7:5f:66:b7:d7:0e:99:cb:ab:86:2b:b9:e6:62:
0c:eb:3f:7a:76:df:0f:48:46:d1:2d:48:2e:97:37:
79:ca:3f:04:e7:09:9d:62:5d:53:3f:3e:1b:78:ac:
ae:8d:d7:0a:db:98:a3:81:c1:c8:25:ec:11:25:8b:
b6:8f:09:09:8f:a6:04:3e:e2:ee:50:72:66:c6:2f:
f4:35:e7:4f:36:b9:f6:2e:43:4b:9c:86:41:8a:c8:
d6:67:96:bf:31:62:7b:3d:5a:ba:f4:b4:b6:93:e7:
93:31:47:35:11:c8:c5:5f:bd:3f:88:36:1c:4b:dc:
3d:57:fe:ae:75:69:bf:c2:74:5f:cf:bf:36:da:50:
62:f2:e1:cd:5f:33:97:06:d3:5f:c7:48:c2:f4:ab:
4c:17:cd:c1:46:2a:7a:17:ad:50:48:54:cc:84:29:
f9:02:6b:a9:1d:82:fc:8e:61:40:d3:71:0c:16:a8:
84:d7:fb:db:19:6f:7f:bc:65:48:1e:d3:2b:1d:8d:
39:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3D:BB:49:4D:29:91:59:0C:82:0E:7C:A8:54:4B:45:A4:C0:90:FD
X509v3 Authority Key Identifier:
keyid:BC:9C:40:5F:14:2E:53:EB:67:B1:C4:99:23:AB:79:5E:84:32:8C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAXxQuU-tnscSZI6t5XoQyjJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/uj27SU0pkVkMgg58qFRLRaTAkP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/vJxAXxQuU-tnscSZI6t5XoQyjJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.216.0/21
62.78.32.0/19
185.142.64.0/22
IPv6:
2a03:a400::/32
Signature Algorithm: sha256WithRSAEncryption
56:ca:6a:b0:88:67:4f:4d:69:e9:2d:e0:66:92:8a:4c:68:c8:
07:2a:f2:c8:17:fd:d4:61:98:4b:40:f2:03:2f:fe:c4:b6:e6:
4c:15:2a:7e:9f:c5:b7:7c:2f:f7:3c:16:0d:fa:4c:45:c9:54:
0d:c1:99:c3:28:d0:a4:97:91:24:ea:63:6b:93:61:c3:54:0f:
6c:f0:41:9f:0f:9e:c6:33:95:81:ae:2d:3c:39:9f:2c:b4:8a:
09:80:68:ad:5b:e7:41:24:0f:ca:0c:45:39:9c:96:98:21:21:
38:1a:a8:0d:01:8a:db:08:df:52:a0:e3:c9:f6:d5:92:99:94:
83:09:b7:ca:da:4f:9d:89:77:c9:54:39:33:af:c0:b6:1c:61:
e7:2a:51:bc:8b:98:b9:91:3c:a1:d3:92:4c:46:51:71:a4:e5:
da:e1:db:65:93:fa:97:cf:1b:b0:84:90:68:8c:0f:f6:7e:c9:
de:b9:0c:21:80:21:e6:ea:e3:43:cb:10:ef:c3:70:b2:5f:6d:
10:68:85:07:09:d3:13:ca:11:2b:4b:f0:04:67:d5:45:c5:03:
49:d2:9a:cb:74:59:ce:99:17:d9:5f:18:0c:14:af:a7:37:e3:
28:ec:04:92:f0:34:8f:92:d1:c4:af:0b:d2:c7:34:2a:5c:a2:
54:30:f1:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy6A1pornNd/IhdXxl1TriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDVmMTQyZTUzZWI2N2IxYzQ5OTIzYWI3OTVlODQz
MjhjOWIwHhcNMjMwMTAyMTQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNkYmI0OTRkMjk5MTU5MGM4MjBlN2NhODU0NGI0NWE0YzA5MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSHDJYntdYuSSzbRiK6VYGwnXdlU
w/n1W+8LU7W8gEMHvwdwXBjFJL/HezovNViX9JoQgnC8VYLD1+hbx19mt9cOmcur
hiu55mIM6z96dt8PSEbRLUgulzd5yj8E5wmdYl1TPz4beKyujdcK25ijgcHIJewR
JYu2jwkJj6YEPuLuUHJmxi/0NedPNrn2LkNLnIZBisjWZ5a/MWJ7PVq69LS2k+eT
MUc1EcjFX70/iDYcS9w9V/6udWm/wnRfz7822lBi8uHNXzOXBtNfx0jC9KtMF83B
Rip6F61QSFTMhCn5AmupHYL8jmFA03EMFqiE1/vbGW9/vGVIHtMrHY056wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLo9u0lNKZFZDIIOfKhUS0WkwJD9MB8GA1UdIwQY
MBaAFLycQF8ULlPrZ7HEmSOreV6EMoybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QVh4UXVVLXRuc2NTWkk2dDVYb1F5akpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iODE2YjktOTFiMC00NmRhLThlNTgt
OTE0ODhhMzRmY2M4LzEvdWoyN1NVMHBrVmtNZ2c1OHFGUkxSYVRBa1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iODE2YjktOTFiMC00NmRhLThlNTgtOTE0ODhhMzRmY2M4
LzEvdkp4QVh4UXVVLXRuc2NTWkk2dDVYb1F5akpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXvYAwQF
Pk4gAwQCuY5AMA0EAgACMAcDBQAqA6QAMA0GCSqGSIb3DQEBCwUAA4IBAQBWymqw
iGdPTWnpLeBmkopMaMgHKvLIF/3UYZhLQPIDL/7EtuZMFSp+n8W3fC/3PBYN+kxF
yVQNwZnDKNCkl5Ek6mNrk2HDVA9s8EGfD57GM5WBri08OZ8stIoJgGitW+dBJA/K
DEU5nJaYISE4GqgNAYrbCN9SoOPJ9tWSmZSDCbfK2k+diXfJVDkzr8C2HGHnKlG8
i5i5kTyh05JMRlFxpOXa4dtlk/qXzxuwhJBojA/2fsneuQwhgCHm6uNDyxDvw3Cy
X20QaIUHCdMTyhErS/AEZ9VFxQNJ0prLdFnOmRfZXxgMFK+nN+Mo7ASS8DSPktHE
rwvSxzQqXKJUMPH6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:35 2025 by rpki-client