Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa
File: UVpTko8opNsAbpMU84egsxdaieU.roa (raw, json)
Hash identifier: pK6yD/Lsij3b3ZvOYp8CKFHtfq8rS2Fgp4MZ3Z6fTHE=
Subject key identifier: 51:5A:53:92:8F:28:A4:DB:00:6E:93:14:F3:87:A0:B3:17:5A:89:E5
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 0189749063B316AA975EDCDE30283E617182
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa
Signing time: Thu 20 Jul 2023 18:29:27 +0000
ROA not before: Thu 20 Jul 2023 18:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 85.204.107.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
2a12:3200:1000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:90:63:b3:16:aa:97:5e:dc:de:30:28:3e:61:71:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Jul 20 18:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=515a53928f28a4db006e9314f387a0b3175a89e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7f:b3:81:79:86:98:b0:c1:aa:dd:db:ff:37:
b1:48:d1:d9:85:4b:54:12:9d:21:48:74:46:dc:a4:
06:be:87:c9:51:74:bb:a3:4d:6a:79:46:1c:6f:50:
ff:ae:0d:6b:d7:8d:2c:8d:8e:1f:c9:8f:8c:65:93:
66:bb:bf:07:14:df:9b:e6:32:5d:a6:5f:bf:8f:57:
92:3f:fe:e7:14:df:93:95:9b:08:62:f9:eb:6b:8c:
9f:9b:a0:e0:05:2f:f3:4f:4d:e3:51:ea:9d:4d:5c:
08:b5:9c:07:ef:b6:cf:0f:fb:c1:47:b6:6a:58:17:
66:e5:5b:14:c2:0c:ab:e6:37:45:ce:b1:17:ef:06:
af:50:cf:7e:17:3d:20:ea:a3:37:a8:cd:6b:49:67:
45:ff:9f:c7:ac:74:64:a2:db:09:ec:97:c4:e8:1b:
c4:2d:56:95:28:10:e8:e8:4a:da:04:4c:d6:70:67:
d5:cb:96:46:1a:d9:4b:db:46:80:94:67:2c:3e:43:
44:f0:fa:48:fd:5b:35:63:15:69:08:5a:73:54:a6:
16:0a:b5:ea:ae:86:2a:05:7e:85:b5:81:f7:e2:ea:
b7:c5:ed:5f:63:43:f1:9f:56:99:f0:cb:21:cf:b5:
a5:78:19:cb:6f:0b:d2:f1:09:cd:b0:a9:0e:c4:9b:
40:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5A:53:92:8F:28:A4:DB:00:6E:93:14:F3:87:A0:B3:17:5A:89:E5
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/UVpTko8opNsAbpMU84egsxdaieU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.253.0/24
85.204.107.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
71:f7:71:66:a3:75:46:9e:a1:09:a4:bb:c9:a7:c4:40:ed:0b:
04:50:bf:5f:f6:c6:bb:67:9c:fd:42:4d:a2:3a:82:58:26:21:
d7:7a:79:51:8c:ed:cf:a6:10:f7:80:c9:d2:e2:b7:cb:69:b5:
af:15:55:91:17:5c:8d:48:67:7d:74:df:cf:33:84:a0:39:fb:
ac:e6:2a:d7:4c:bf:c3:15:95:c3:7c:da:52:fd:4a:8c:61:0a:
e0:3b:9e:75:89:b6:6c:f7:ac:6d:13:b6:f1:e0:1b:7e:94:63:
42:95:68:4c:7d:9f:91:d9:10:36:6e:98:2c:ed:86:6a:78:1a:
c0:23:1f:b5:93:34:bb:3c:01:45:c5:02:4e:23:a2:17:4e:a5:
a8:57:6d:9b:6d:c1:5e:e9:f9:10:b4:70:9f:1b:f6:76:bb:58:
57:cf:b3:0c:3c:ca:b7:f7:2d:17:1e:9e:01:0f:cb:a0:f7:1a:
cf:59:88:f5:8c:16:65:cd:d4:35:aa:cf:db:bd:f6:6e:9c:fc:
3f:38:71:51:71:4e:ec:22:24:ea:f9:c7:f8:73:14:a6:4a:6a:
f5:d0:f2:32:26:45:7d:c2:f1:39:1d:3a:65:ea:4a:f3:c8:7a:
65:6c:b6:37:b6:12:81:bc:17:90:79:6c:8a:9e:7f:33:59:61:
0d:56:b1:ea
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYl0kGOzFqqXXtzeMCg+YXGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMwNzIwMTgyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTVhNTM5MjhmMjhhNGRiMDA2ZTkzMTRmMzg3YTBiMzE3NWE4OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH+zgXmGmLDBqt3b/zexSNHZhUtU
Ep0hSHRG3KQGvofJUXS7o01qeUYcb1D/rg1r140sjY4fyY+MZZNmu78HFN+b5jJd
pl+/j1eSP/7nFN+TlZsIYvnra4yfm6DgBS/zT03jUeqdTVwItZwH77bPD/vBR7Zq
WBdm5VsUwgyr5jdFzrEX7wavUM9+Fz0g6qM3qM1rSWdF/5/HrHRkotsJ7JfE6BvE
LVaVKBDo6EraBEzWcGfVy5ZGGtlL20aAlGcsPkNE8PpI/Vs1YxVpCFpzVKYWCrXq
roYqBX6FtYH34uq3xe1fY0Pxn1aZ8Mshz7WleBnLbwvS8QnNsKkOxJtAcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFFaU5KPKKTbAG6TFPOHoLMXWonlMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvVVZwVGtvOG9wTnNBYnBNVTg0ZWdzeGRhaWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQALuXzAwQA
LuX9AwQAVcxrAwQAw0pdMBYEAgACMBAwDgMEASoSMgMGBCoSMgAgMA0GCSqGSIb3
DQEBCwUAA4IBAQBx93Fmo3VGnqEJpLvJp8RA7QsEUL9f9sa7Z5z9Qk2iOoJYJiHX
enlRjO3PphD3gMnS4rfLabWvFVWRF1yNSGd9dN/PM4SgOfus5irXTL/DFZXDfNpS
/UqMYQrgO551ibZs96xtE7bx4Bt+lGNClWhMfZ+R2RA2bpgs7YZqeBrAIx+1kzS7
PAFFxQJOI6IXTqWoV22bbcFe6fkQtHCfG/Z2u1hXz7MMPMq39y0XHp4BD8ug9xrP
WYj1jBZlzdQ1qs/bvfZunPw/OHFRcU7sIiTq+cf4cxSmSmr10PIyJkV9wvE5HTpl
6krzyHplbLY3thKBvBeQeWyKnn8zWWENVrHq
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:44 2025 by rpki-client