Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/afa6d6-50f9-41d4-b7cf-a33649e3e2c5/1/ucGohwg3TiaHrh2UspGume0mptU.roa
File: ucGohwg3TiaHrh2UspGume0mptU.roa (raw, json)
Hash identifier: BzULILF4vHezGTSWyc6rc/4xkAcNQ4SPWggLea3+xv4=
Subject key identifier: B9:C1:A8:87:08:37:4E:26:87:AE:1D:94:B2:91:AE:99:ED:26:A6:D5
Certificate issuer: /CN=f5ada901d408bf7f5b9435921e4800a8f82dbdab
Certificate serial: 01856C0108B6E3339828E1F63EAA2A47ECA4
Authority key identifier: F5:AD:A9:01:D4:08:BF:7F:5B:94:35:92:1E:48:00:A8:F8:2D:BD:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9a2pAdQIv39blDWSHkgAqPgtvas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/afa6d6-50f9-41d4-b7cf-a33649e3e2c5/1/ucGohwg3TiaHrh2UspGume0mptU.roa
Signing time: Sun 01 Jan 2023 06:24:45 +0000
ROA not before: Sun 01 Jan 2023 06:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205572
IP address blocks: 185.213.84.0/22 maxlen: 22
2a0b:8540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:08:b6:e3:33:98:28:e1:f6:3e:aa:2a:47:ec:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5ada901d408bf7f5b9435921e4800a8f82dbdab
Validity
Not Before: Jan 1 06:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c1a88708374e2687ae1d94b291ae99ed26a6d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:a2:ee:44:6b:b7:6e:72:fa:1c:50:13:7e:
6f:37:2e:89:94:9b:f8:95:a2:1b:15:aa:20:4e:cc:
59:0a:ed:bc:f3:63:f5:94:50:94:61:2c:22:9a:4a:
5a:54:b5:39:21:c3:55:02:0b:11:93:43:87:94:93:
b7:3b:9d:d2:ff:64:e1:46:32:52:ce:61:9b:22:e7:
ba:0a:43:37:ca:7a:2d:66:3d:0c:8d:01:61:92:ae:
f7:a8:de:da:61:e2:2c:38:4a:6f:fe:c6:28:bd:63:
b8:44:80:12:50:63:56:fd:1d:a6:9c:7a:81:49:52:
b9:81:1d:52:e1:ac:fe:43:2a:17:04:a2:9d:9c:4c:
93:5d:86:07:ff:3e:2f:fe:b3:57:90:6f:f7:5e:2d:
9d:aa:3c:2b:61:17:fe:f9:20:4e:6e:69:33:94:cf:
bd:d6:bd:f9:04:69:d4:8b:1d:d5:26:66:3d:ad:6f:
e2:4f:70:7e:c8:c2:8c:a4:f6:d5:d2:93:30:b1:37:
a6:18:67:50:63:aa:c5:f3:26:a0:5a:44:91:e3:92:
32:e1:b6:aa:a6:4b:4a:8a:a5:86:5c:c3:32:1a:e0:
30:25:b7:f7:f1:d3:c8:ee:e7:51:66:d8:ec:ca:7e:
01:0c:32:f9:9f:34:13:11:09:66:50:80:88:17:af:
a2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C1:A8:87:08:37:4E:26:87:AE:1D:94:B2:91:AE:99:ED:26:A6:D5
X509v3 Authority Key Identifier:
keyid:F5:AD:A9:01:D4:08:BF:7F:5B:94:35:92:1E:48:00:A8:F8:2D:BD:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a2pAdQIv39blDWSHkgAqPgtvas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/afa6d6-50f9-41d4-b7cf-a33649e3e2c5/1/ucGohwg3TiaHrh2UspGume0mptU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/afa6d6-50f9-41d4-b7cf-a33649e3e2c5/1/9a2pAdQIv39blDWSHkgAqPgtvas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.84.0/22
IPv6:
2a0b:8540::/29
Signature Algorithm: sha256WithRSAEncryption
63:78:cf:00:c9:88:8f:57:5d:29:6f:74:e3:7e:0c:e6:b6:91:
a1:66:41:37:e3:9b:a2:d1:5b:15:8f:f8:48:f5:9a:1a:c6:7d:
35:00:e2:23:ca:99:f4:85:1b:0a:8f:6a:92:28:47:a3:79:e8:
39:5f:ce:2c:49:57:14:b1:09:df:98:0b:27:58:d5:cd:95:b5:
79:57:62:57:5e:d9:49:f5:52:70:84:26:0e:7e:8e:79:dc:a5:
46:45:9e:bb:a0:a4:f4:9e:ee:98:63:95:cf:6e:7c:2b:b3:44:
6e:73:26:7f:1e:52:ae:6e:c2:a5:18:b1:f6:e9:6c:a9:7a:42:
17:32:b2:d4:3c:a8:d1:74:e5:ed:7b:6b:43:0b:ba:47:15:b2:
ac:e6:e4:f5:61:f6:b9:d7:9a:65:e3:ab:ec:c0:28:20:75:d7:
da:5e:d8:b9:b3:92:4c:0f:b3:de:af:87:4d:db:95:24:35:d9:
e0:16:d8:d7:3e:27:0d:f9:b1:1d:17:08:bc:18:c6:72:1f:87:
9c:6d:53:ef:d2:20:7c:79:ec:15:cd:ab:34:cc:8d:56:32:ad:
e5:de:f3:3a:83:e0:d1:e5:2e:88:4d:16:8e:66:29:8c:24:d7:
c4:65:b7:df:5d:5d:58:a1:49:36:74:1a:5c:ca:bb:69:99:4a:
63:b2:db:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsAQi24zOYKOH2PqoqR+ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YWRhOTAxZDQwOGJmN2Y1Yjk0MzU5MjFlNDgwMGE4Zjgy
ZGJkYWIwHhcNMjMwMTAxMDYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMxYTg4NzA4Mzc0ZTI2ODdhZTFkOTRiMjkxYWU5OWVkMjZhNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgCi7kRrt25y+hxQE35vNy6JlJv4
laIbFaogTsxZCu2882P1lFCUYSwimkpaVLU5IcNVAgsRk0OHlJO3O53S/2ThRjJS
zmGbIue6CkM3ynotZj0MjQFhkq73qN7aYeIsOEpv/sYovWO4RIASUGNW/R2mnHqB
SVK5gR1S4az+QyoXBKKdnEyTXYYH/z4v/rNXkG/3Xi2dqjwrYRf++SBObmkzlM+9
1r35BGnUix3VJmY9rW/iT3B+yMKMpPbV0pMwsTemGGdQY6rF8yagWkSR45Iy4baq
pktKiqWGXMMyGuAwJbf38dPI7udRZtjsyn4BDDL5nzQTEQlmUICIF6+iXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLnBqIcIN04mh64dlLKRrpntJqbVMB8GA1UdIwQY
MBaAFPWtqQHUCL9/W5Q1kh5IAKj4Lb2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWEycEFkUUl2MzlibERXU0hrZ0FxUGd0dmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9hZmE2ZDYtNTBmOS00MWQ0LWI3Y2Yt
YTMzNjQ5ZTNlMmM1LzEvdWNHb2h3ZzNUaWFIcmgyVXNwR3VtZTBtcHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9hZmE2ZDYtNTBmOS00MWQ0LWI3Y2YtYTMzNjQ5ZTNlMmM1
LzEvOWEycEFkUUl2MzlibERXU0hrZ0FxUGd0dmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudVUMA0E
AgACMAcDBQMqC4VAMA0GCSqGSIb3DQEBCwUAA4IBAQBjeM8AyYiPV10pb3Tjfgzm
tpGhZkE345ui0VsVj/hI9Zoaxn01AOIjypn0hRsKj2qSKEejeeg5X84sSVcUsQnf
mAsnWNXNlbV5V2JXXtlJ9VJwhCYOfo553KVGRZ67oKT0nu6YY5XPbnwrs0RucyZ/
HlKubsKlGLH26WypekIXMrLUPKjRdOXte2tDC7pHFbKs5uT1Yfa515pl46vswCgg
ddfaXti5s5JMD7Per4dN25UkNdngFtjXPicN+bEdFwi8GMZyH4ecbVPv0iB8eewV
zas0zI1WMq3l3vM6g+DR5S6ITRaOZimMJNfEZbffXV1YoUk2dBpcyrtpmUpjstse
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:06 2025 by rpki-client