Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/uutgRPyx0ljXzko7ozHD1pRfMGE.roa
File: uutgRPyx0ljXzko7ozHD1pRfMGE.roa (raw, json)
Hash identifier: bl0X/KXEFHyj662Y1TZS2gM4NVJJz4LAmRiX/4I90eU=
Subject key identifier: BA:EB:60:44:FC:B1:D2:58:D7:CE:4A:3B:A3:31:C3:D6:94:5F:30:61
Certificate issuer: /CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Certificate serial: 07D9B88B
Authority key identifier: 4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/uutgRPyx0ljXzko7ozHD1pRfMGE.roa
Signing time: Sat 01 Jan 2022 14:58:44 +0000
ROA not before: Sat 01 Jan 2022 14:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200272
IP address blocks: 84.39.199.0/24 maxlen: 24
84.39.198.0/24 maxlen: 24
84.39.196.0/23 maxlen: 23
2a09:ee00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131709067 (0x7d9b88b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Validity
Not Before: Jan 1 14:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=baeb6044fcb1d258d7ce4a3ba331c3d6945f3061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:94:b0:13:48:f8:f2:46:5b:fd:4e:f2:54:
d9:fa:1a:30:d3:26:2a:3d:0d:36:f8:49:f5:c7:79:
3f:15:ff:93:1b:a6:52:6c:c9:09:8d:35:21:10:d4:
06:05:a1:21:2d:a2:37:56:cc:82:e3:c4:84:6d:a2:
79:29:33:01:16:22:d2:64:36:7c:1a:21:7b:26:7d:
bb:06:cc:e6:40:b7:47:f3:1b:4d:b8:42:92:30:95:
4f:79:c1:39:32:bd:1f:aa:74:7f:be:ff:fa:44:19:
18:f1:a8:ae:ad:bb:93:aa:06:bc:d9:4c:18:a2:9f:
a3:c7:94:3a:e7:b5:39:93:8a:fb:6e:f8:c0:3c:84:
b9:38:2b:4b:d0:d3:72:51:24:32:59:e7:7d:3c:90:
76:21:4c:89:4f:40:cd:61:47:e2:70:97:ad:50:e7:
ec:7b:11:8f:06:e6:23:2d:54:e9:91:fc:4d:93:25:
17:18:f6:59:58:8a:c9:a6:ba:0d:b5:7a:af:31:5a:
8c:d2:d5:93:ca:b7:d6:3a:b9:63:62:e1:21:ac:a1:
ce:bd:2e:d5:b6:b0:ec:3c:25:cd:2a:0f:71:7c:82:
1f:b5:16:4a:2c:81:b5:52:2f:56:f9:2c:d7:fe:f2:
c5:31:36:1c:c0:47:7a:de:32:3c:8d:49:dc:70:b7:
c6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EB:60:44:FC:B1:D2:58:D7:CE:4A:3B:A3:31:C3:D6:94:5F:30:61
X509v3 Authority Key Identifier:
keyid:4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/uutgRPyx0ljXzko7ozHD1pRfMGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.196.0/22
IPv6:
2a09:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:5f:fd:90:5a:b7:7d:4a:e9:0b:c6:f7:86:5c:6b:9e:11:a8:
b0:2c:f0:12:ea:af:ea:b4:b7:03:30:1c:2f:56:c1:ef:1c:78:
4a:ff:a3:f5:12:a4:4a:4a:5f:84:c2:36:95:4e:4e:18:b8:09:
e8:9c:3e:76:0d:17:45:e2:df:f3:da:e1:e7:9f:40:21:a6:06:
d5:ad:98:b6:34:8d:6b:ee:fd:ac:35:5c:b3:07:5c:9c:e1:aa:
e6:35:7e:2e:ed:89:f6:d2:9d:5e:dd:4c:b5:74:21:97:b5:c4:
12:ec:eb:5d:3b:d3:99:68:30:8e:20:b6:05:17:ac:36:a2:b7:
ee:32:8b:d6:9a:c4:65:11:d0:5d:89:b7:94:8c:15:73:84:1e:
06:1d:9f:f3:a4:fb:1f:3e:aa:9b:7a:9e:13:64:1a:5e:16:13:
17:68:fe:b7:a3:60:74:4d:f8:e0:ed:91:65:2a:a7:5b:5d:ea:
81:76:d2:85:9b:85:c5:2c:79:b8:2a:6c:46:f8:fc:74:00:36:
9f:15:b5:ee:64:c6:65:eb:be:09:41:67:9f:08:dc:73:6d:a6:
04:ca:1b:7b:74:18:04:ee:6d:13:ad:73:4a:b0:fb:fa:ed:90:
e9:74:05:b8:d3:bd:ab:87:b0:30:3a:d6:5d:ab:67:f2:f1:96:
bc:e5:68:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB9m4izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTdjYzgzNzFlZDI0YmFjZjY3YWNhOGI5MDJjZWU3MDZhZmM2MjRiMB4XDTIyMDEw
MTE0NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFlYjYwNDRmY2Ix
ZDI1OGQ3Y2U0YTNiYTMzMWMzZDY5NDVmMzA2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrKlLATSPjyRlv9TvJU2foaMNMmKj0NNvhJ9cd5PxX/kxum
UmzJCY01IRDUBgWhIS2iN1bMguPEhG2ieSkzARYi0mQ2fBoheyZ9uwbM5kC3R/Mb
TbhCkjCVT3nBOTK9H6p0f77/+kQZGPGorq27k6oGvNlMGKKfo8eUOue1OZOK+274
wDyEuTgrS9DTclEkMlnnfTyQdiFMiU9AzWFH4nCXrVDn7HsRjwbmIy1U6ZH8TZMl
Fxj2WViKyaa6DbV6rzFajNLVk8q31jq5Y2LhIayhzr0u1baw7DwlzSoPcXyCH7UW
SiyBtVIvVvks1/7yxTE2HMBHet4yPI1J3HC3xs0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS662BE/LHSWNfOSjujMcPWlF8wYTAfBgNVHSMEGDAWgBROfMg3HtJLrPZ6
youQLO5wavxiSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RueklOeDdTUzZ6MmVzcUxrQ3p1Y0dyOFlrcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMGI0Y2RmLWI0ODYtNGE1OC04MDBkLThlZDVhNzlkZTgzNS8x
L3V1dGdSUHl4MGxqWHprbzdvekhEMXBSZk1HRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MGI0Y2RmLWI0ODYtNGE1OC04MDBkLThlZDVhNzlkZTgzNS8xL1RueklOeDdTUzZ6
MmVzcUxrQ3p1Y0dyOFlrcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlQnxDANBAIAAjAHAwUDKgnuADAN
BgkqhkiG9w0BAQsFAAOCAQEACl/9kFq3fUrpC8b3hlxrnhGosCzwEuqv6rS3AzAc
L1bB7xx4Sv+j9RKkSkpfhMI2lU5OGLgJ6Jw+dg0XReLf89rh559AIaYG1a2YtjSN
a+79rDVcswdcnOGq5jV+Lu2J9tKdXt1MtXQhl7XEEuzrXTvTmWgwjiC2BResNqK3
7jKL1prEZRHQXYm3lIwVc4QeBh2f86T7Hz6qm3qeE2QaXhYTF2j+t6NgdE344O2R
ZSqnW13qgXbShZuFxSx5uCpsRvj8dAA2nxW17mTGZeu+CUFnnwjcc22mBMobe3QY
BO5tE61zSrD7+u2Q6XQFuNO9q4ewMDrWXatn8vGWvOVoHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:02 2025 by rpki-client