Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/uFZ9jzUPy5hIIB1QhfGNr0e8rOg.roa
File: uFZ9jzUPy5hIIB1QhfGNr0e8rOg.roa (raw, json)
Hash identifier: E2B22Mmr9AA9KtUNLUeyRCSsRJc8gXB/sZ7u8WUkRm0=
Subject key identifier: B8:56:7D:8F:35:0F:CB:98:48:20:1D:50:85:F1:8D:AF:47:BC:AC:E8
Certificate issuer: /CN=61a14553cacf103274d433e6b268066e01541b25
Certificate serial: 01856C41174257B39D9314D8F2C22DEDA2DE
Authority key identifier: 61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/uFZ9jzUPy5hIIB1QhfGNr0e8rOg.roa
Signing time: Sun 01 Jan 2023 07:34:43 +0000
ROA not before: Sun 01 Jan 2023 07:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 94.176.192.0/23 maxlen: 23
91.198.79.0/24 maxlen: 24
2a05:9040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:17:42:57:b3:9d:93:14:d8:f2:c2:2d:ed:a2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61a14553cacf103274d433e6b268066e01541b25
Validity
Not Before: Jan 1 07:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8567d8f350fcb9848201d5085f18daf47bcace8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5e:5b:a2:fb:30:4e:88:3f:f1:79:ff:88:fc:
48:de:c8:7c:69:ae:7d:92:8f:cc:3f:e0:da:7b:b9:
bf:c7:95:26:28:b6:79:da:02:ec:01:98:5d:c8:50:
21:7c:1a:dd:85:d7:74:00:f2:37:88:2b:6b:8d:c7:
7a:e3:24:63:d2:55:e9:9e:53:d1:22:ad:c6:4e:61:
6e:13:07:b7:ad:77:6c:8d:29:4d:e1:83:e4:3d:16:
cf:7f:61:3c:d7:cf:29:c7:42:83:ea:22:c1:3d:45:
41:8e:63:f7:b3:11:9b:9d:60:4b:fb:66:43:f8:cc:
92:18:5e:d6:64:2f:9f:01:c6:3a:9d:11:35:a9:b2:
79:d3:11:9e:34:ab:2b:fd:29:5d:77:fa:7b:37:6b:
0d:f2:c3:d4:a3:a4:6c:87:67:8b:5c:9f:e4:f9:2a:
c1:75:c8:7e:33:ef:8e:57:ef:10:ca:04:88:d9:b2:
a1:29:6e:b8:fb:22:98:5a:0c:1f:43:97:c7:67:f8:
82:70:b9:f2:60:0d:5b:43:d7:eb:34:51:1f:88:0f:
07:ba:ca:d8:7e:bf:a4:fc:c5:fc:ca:67:5b:54:26:
5d:16:6d:51:5d:7d:2f:34:c5:3c:8f:74:0a:f8:f0:
c7:1b:5f:e9:02:0e:12:64:1e:44:f3:20:0d:7d:ef:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:56:7D:8F:35:0F:CB:98:48:20:1D:50:85:F1:8D:AF:47:BC:AC:E8
X509v3 Authority Key Identifier:
keyid:61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/uFZ9jzUPy5hIIB1QhfGNr0e8rOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/YaFFU8rPEDJ01DPmsmgGbgFUGyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.79.0/24
94.176.192.0/23
IPv6:
2a05:9040::/29
Signature Algorithm: sha256WithRSAEncryption
4e:26:dd:35:6f:dc:cb:1f:dc:ec:30:82:16:7d:a1:6a:94:9c:
0a:5b:b7:22:e2:1d:c5:63:f5:1e:4d:bc:02:28:6b:7c:fa:a5:
e2:e6:dc:c1:44:a3:bc:67:ef:57:3d:a6:96:4e:f1:ce:85:3b:
f2:c5:4b:98:7f:f1:be:1d:c5:5a:54:b0:10:10:7f:43:4f:9a:
96:fd:f1:ec:90:dc:ba:24:c5:07:44:5e:c3:75:f5:f5:4a:4e:
45:0a:88:e6:33:17:bf:4e:83:ec:e1:a6:e3:0e:02:cd:a7:f4:
49:21:cd:68:ef:00:e8:d2:a2:78:9c:20:cc:fe:d6:df:c8:ba:
c7:b5:bd:03:bf:7d:f3:0d:99:94:70:ef:8b:d8:d5:31:1d:fb:
1f:aa:af:22:14:11:0b:83:4b:73:c7:be:1a:23:66:38:e8:6d:
3d:93:cb:7a:4b:96:9d:14:c5:d8:2e:44:8f:52:cd:55:90:43:
10:f8:50:12:0a:aa:44:1b:77:25:1e:f9:3d:82:8f:fc:85:df:
92:c1:9e:7c:b3:de:ea:1d:f4:4b:d8:a0:71:cb:8b:2e:2e:ca:
c5:93:ba:22:be:4e:82:b6:4b:02:59:91:a6:71:2a:5d:54:a1:
79:1f:3e:14:94:39:7b:9a:02:14:0b:09:fc:2d:de:95:11:02:
77:3b:ae:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsQRdCV7OdkxTY8sIt7aLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYTE0NTUzY2FjZjEwMzI3NGQ0MzNlNmIyNjgwNjZlMDE1
NDFiMjUwHhcNMjMwMTAxMDczNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU2N2Q4ZjM1MGZjYjk4NDgyMDFkNTA4NWYxOGRhZjQ3YmNhY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj15bovswTog/8Xn/iPxI3sh8aa59
ko/MP+Dae7m/x5UmKLZ52gLsAZhdyFAhfBrdhdd0API3iCtrjcd64yRj0lXpnlPR
Iq3GTmFuEwe3rXdsjSlN4YPkPRbPf2E8188px0KD6iLBPUVBjmP3sxGbnWBL+2ZD
+MySGF7WZC+fAcY6nRE1qbJ50xGeNKsr/Sldd/p7N2sN8sPUo6Rsh2eLXJ/k+SrB
dch+M++OV+8QygSI2bKhKW64+yKYWgwfQ5fHZ/iCcLnyYA1bQ9frNFEfiA8HusrY
fr+k/MX8ymdbVCZdFm1RXX0vNMU8j3QK+PDHG1/pAg4SZB5E8yANfe8O/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLhWfY81D8uYSCAdUIXxja9HvKzoMB8GA1UdIwQY
MBaAFGGhRVPKzxAydNQz5rJoBm4BVBslMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAt
ZmEyNjZiYjcyZjczLzEvdUZaOWp6VVB5NWhJSUIxUWhmR05yMGU4ck9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAtZmEyNjZiYjcyZjcz
LzEvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW8ZPAwQB
XrDAMA0EAgACMAcDBQMqBZBAMA0GCSqGSIb3DQEBCwUAA4IBAQBOJt01b9zLH9zs
MIIWfaFqlJwKW7ci4h3FY/UeTbwCKGt8+qXi5tzBRKO8Z+9XPaaWTvHOhTvyxUuY
f/G+HcVaVLAQEH9DT5qW/fHskNy6JMUHRF7DdfX1Sk5FCojmMxe/ToPs4abjDgLN
p/RJIc1o7wDo0qJ4nCDM/tbfyLrHtb0Dv33zDZmUcO+L2NUxHfsfqq8iFBELg0tz
x74aI2Y46G09k8t6S5adFMXYLkSPUs1VkEMQ+FASCqpEG3clHvk9go/8hd+SwZ58
s97qHfRL2KBxy4suLsrFk7oivk6CtksCWZGmcSpdVKF5Hz4UlDl7mgIUCwn8Ld6V
EQJ3O669
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:08 2025 by rpki-client