Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/U0W-efJChQEw4GR-cUZKk1WxzvY.roa
File: U0W-efJChQEw4GR-cUZKk1WxzvY.roa (raw, json)
Hash identifier: p5735V6S29pFmgGwkWIQDaolq7a67kg8ODH7fhOIbfc=
Subject key identifier: 53:45:BE:79:F2:42:85:01:30:E0:64:7E:71:46:4A:93:55:B1:CE:F6
Certificate issuer: /CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Certificate serial: 018571D7BDC4989C50701D42D3FC16F491A5
Authority key identifier: 46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/U0W-efJChQEw4GR-cUZKk1WxzvY.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15681
IP address blocks: 83.137.240.0/24 maxlen: 24
194.29.97.0/24 maxlen: 24
194.29.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bd:c4:98:9c:50:70:1d:42:d3:fc:16:f4:91:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5345be79f242850130e0647e71464a9355b1cef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:b6:3f:58:db:54:1d:02:18:27:bf:b8:cd:
bf:ca:e6:42:70:f0:0b:4d:54:e6:99:24:90:77:0e:
75:39:4f:e9:77:d9:68:cc:9e:0b:b1:cc:bb:58:e4:
1c:9e:4d:4d:96:65:59:29:76:62:b5:af:fd:12:bc:
a2:83:34:8a:9f:69:4d:49:2d:7a:8d:28:39:03:cb:
f6:ba:50:89:e9:94:42:b6:e0:d6:5f:0d:80:a2:d7:
ef:a8:85:da:5d:37:06:2e:6b:a3:53:f1:18:00:94:
70:d5:c6:35:7f:10:be:a4:72:9c:2a:09:04:e1:75:
00:96:ff:73:0a:c0:51:67:83:32:74:eb:64:4f:54:
14:30:80:6f:1f:3a:33:87:f0:88:15:8a:29:33:12:
32:38:80:c7:d1:3d:63:b6:84:8e:f5:da:0a:cb:a2:
35:25:3e:26:65:8d:db:d9:45:81:21:5d:37:98:15:
b4:49:ba:49:cd:c7:d0:f8:59:a5:e4:c3:2e:0a:7e:
09:2d:68:d8:72:d4:df:b4:e8:cb:cb:33:e8:20:99:
0b:6c:29:18:5a:ac:35:24:d7:86:18:c4:c8:17:27:
3b:23:51:d2:d0:b8:cb:c7:ca:09:3d:25:f5:1e:12:
72:5b:12:9f:75:66:be:4d:4f:08:8a:c2:ef:ca:88:
68:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:45:BE:79:F2:42:85:01:30:E0:64:7E:71:46:4A:93:55:B1:CE:F6
X509v3 Authority Key Identifier:
keyid:46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/U0W-efJChQEw4GR-cUZKk1WxzvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.240.0/24
194.29.97.0-194.29.98.255
Signature Algorithm: sha256WithRSAEncryption
3e:90:61:97:e0:24:14:02:3d:e2:c7:62:6a:74:d7:17:d0:01:
f0:4c:05:17:01:b0:dc:cb:75:d6:c7:1a:80:5b:39:76:d2:35:
1a:8d:d5:3a:d4:00:8d:26:f5:f8:57:d0:ae:38:99:35:17:8b:
b3:d6:e3:b1:30:a6:65:61:de:41:da:a6:11:ef:88:9a:3e:d5:
d3:1e:21:11:b7:96:05:6a:e9:fa:86:b6:61:07:be:5d:9e:18:
f3:bd:88:08:17:97:9a:f0:4e:0b:e5:18:14:8f:c0:d4:3a:a7:
a7:68:c6:f5:77:70:38:7b:74:9c:1e:d6:7e:1c:42:84:8c:a0:
fe:4d:c8:9e:1b:cb:24:0d:25:a0:38:aa:e3:43:67:ca:88:2f:
f5:29:08:eb:ad:c5:78:58:17:b6:5d:5d:77:5c:0c:e8:12:4c:
60:fb:f1:d5:4f:c9:04:4b:52:8d:b4:58:9f:a9:fa:3b:78:35:
c8:94:81:1d:93:3e:e2:24:0d:6e:76:43:e5:c4:16:85:6b:be:
89:c7:87:f5:6d:4d:56:b7:86:3f:88:99:66:45:1d:84:0e:03:
18:14:e5:5c:07:c2:58:ed:42:f0:5b:4e:cd:f3:bf:4c:87:c1:
6a:35:69:5a:74:47:1d:49:ea:e7:85:76:94:39:d5:98:96:36:
a6:fc:44:8b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVx173EmJxQcB1C0/wW9JGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDlhMGE0YjU3YTBlZWM3YzRlNTJhMTE5ZGI0YjFjNjU2
ZjRkYjQwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ1YmU3OWYyNDI4NTAxMzBlMDY0N2U3MTQ2NGE5MzU1YjFjZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8O2P1jbVB0CGCe/uM2/yuZCcPAL
TVTmmSSQdw51OU/pd9lozJ4Lscy7WOQcnk1NlmVZKXZita/9EryigzSKn2lNSS16
jSg5A8v2ulCJ6ZRCtuDWXw2AotfvqIXaXTcGLmujU/EYAJRw1cY1fxC+pHKcKgkE
4XUAlv9zCsBRZ4MydOtkT1QUMIBvHzozh/CIFYopMxIyOIDH0T1jtoSO9doKy6I1
JT4mZY3b2UWBIV03mBW0SbpJzcfQ+Fml5MMuCn4JLWjYctTftOjLyzPoIJkLbCkY
Wqw1JNeGGMTIFyc7I1HS0LjLx8oJPSX1HhJyWxKfdWa+TU8IisLvyohokQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFNFvnnyQoUBMOBkfnFGSpNVsc72MB8GA1UdIwQY
MBaAFEbZoKS1eg7sfE5SoRnbSxxlb020MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQt
MmVlMmI3Mjk1ZGZmLzEvVTBXLWVmSkNoUUV3NEdSLWNVWktrMVd4enZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQtMmVlMmI3Mjk1ZGZm
LzEvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAU4nwMAwD
BADCHWEDBADCHWIwDQYJKoZIhvcNAQELBQADggEBAD6QYZfgJBQCPeLHYmp01xfQ
AfBMBRcBsNzLddbHGoBbOXbSNRqN1TrUAI0m9fhX0K44mTUXi7PW47EwpmVh3kHa
phHviJo+1dMeIRG3lgVq6fqGtmEHvl2eGPO9iAgXl5rwTgvlGBSPwNQ6p6doxvV3
cDh7dJwe1n4cQoSMoP5NyJ4byyQNJaA4quNDZ8qIL/UpCOutxXhYF7ZdXXdcDOgS
TGD78dVPyQRLUo20WJ+p+jt4NciUgR2TPuIkDW52Q+XEFoVrvonHh/VtTVa3hj+I
mWZFHYQOAxgU5VwHwljtQvBbTs3zv0yHwWo1aVp0Rx1J6ueFdpQ51ZiWNqb8RIs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:05:32 2025 by rpki-client