Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/934ef8-0cb5-4c59-9b8b-8bdf98c0c8f0/1/UoQi9_rsyYu2Okcnsx1t9sLIBzw.roa
File: UoQi9_rsyYu2Okcnsx1t9sLIBzw.roa (raw, json)
Hash identifier: eFJ6jggcBolYGEJaBmGMUkKveiW5vfQSdWuMhLcshY4=
Subject key identifier: 52:84:22:F7:FA:EC:C9:8B:B6:3A:47:27:B3:1D:6D:F6:C2:C8:07:3C
Certificate issuer: /CN=130793e24a67201f7d52b656686f43dade3a1392
Certificate serial: 0C73E39E
Authority key identifier: 13:07:93:E2:4A:67:20:1F:7D:52:B6:56:68:6F:43:DA:DE:3A:13:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EweT4kpnIB99UrZWaG9D2t46E5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/934ef8-0cb5-4c59-9b8b-8bdf98c0c8f0/1/UoQi9_rsyYu2Okcnsx1t9sLIBzw.roa
Signing time: Sat 01 Jan 2022 07:59:39 +0000
ROA not before: Sat 01 Jan 2022 07:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49855
IP address blocks: 185.98.240.0/22 maxlen: 22
91.202.40.0/22 maxlen: 22
31.24.144.0/21 maxlen: 21
109.69.64.0/21 maxlen: 21
2a02:16d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208921502 (0xc73e39e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=130793e24a67201f7d52b656686f43dade3a1392
Validity
Not Before: Jan 1 07:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=528422f7faecc98bb63a4727b31d6df6c2c8073c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fe:78:42:09:53:fb:ad:1f:41:6c:79:d8:e5:
5a:51:7a:ae:7b:98:24:45:da:cc:85:5e:09:a7:7f:
2f:b0:ab:b2:d8:78:1c:21:c6:62:f0:52:1e:fb:fc:
f2:b4:fa:94:3b:7d:55:38:85:82:6a:c8:0c:39:3a:
83:2f:1e:3f:0f:c4:2f:3f:db:c2:6a:07:47:d3:40:
33:b1:55:04:b0:06:7b:d2:eb:79:52:51:f4:d9:fc:
db:91:5f:2e:35:24:2e:06:58:da:6e:34:79:e8:29:
4f:34:ef:5d:d5:d4:19:57:bb:eb:cd:38:2a:fa:b9:
b3:51:0d:44:d8:3d:16:bb:48:ee:ef:35:79:c4:15:
5a:b9:2c:e7:bf:11:5b:94:ff:fa:b2:06:a7:cd:8f:
c7:da:1a:79:ad:07:31:34:e3:c0:d4:3a:cf:2a:cc:
a5:14:c4:89:f4:db:d3:b0:b9:71:cf:39:3b:f4:2f:
a3:e6:32:0a:f4:02:cd:cc:0f:78:30:f8:d6:76:26:
03:3a:06:6c:e1:c1:28:d2:7c:26:23:b1:58:31:aa:
6e:31:8b:f8:73:32:b4:6e:81:3a:77:26:70:04:87:
3a:11:d1:da:f0:cf:93:93:7a:3d:4a:5a:9c:54:f0:
98:b0:a0:5f:2f:ad:4d:ee:88:85:c3:9f:3e:23:7a:
0c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:84:22:F7:FA:EC:C9:8B:B6:3A:47:27:B3:1D:6D:F6:C2:C8:07:3C
X509v3 Authority Key Identifier:
keyid:13:07:93:E2:4A:67:20:1F:7D:52:B6:56:68:6F:43:DA:DE:3A:13:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EweT4kpnIB99UrZWaG9D2t46E5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/934ef8-0cb5-4c59-9b8b-8bdf98c0c8f0/1/UoQi9_rsyYu2Okcnsx1t9sLIBzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/934ef8-0cb5-4c59-9b8b-8bdf98c0c8f0/1/EweT4kpnIB99UrZWaG9D2t46E5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.144.0/21
91.202.40.0/22
109.69.64.0/21
185.98.240.0/22
IPv6:
2a02:16d0::/32
Signature Algorithm: sha256WithRSAEncryption
47:ed:13:63:fd:3e:da:ba:1d:67:77:6a:ca:b2:dc:b6:fa:8f:
b6:1d:5e:35:72:9c:87:d8:5a:3c:19:2a:71:06:6d:f5:ec:31:
a3:b6:4f:90:81:b0:6c:60:70:b2:67:15:70:67:eb:d2:fb:ef:
59:96:93:0c:43:dd:b6:51:4e:1d:b3:14:92:ba:14:68:50:2e:
32:2d:9b:f7:5e:94:0f:28:9f:de:94:a7:69:55:a5:e9:83:2a:
30:3d:7c:9e:23:64:76:de:4b:4f:1e:a7:85:64:74:b4:97:fe:
af:ad:4e:48:0f:fe:66:95:a8:c4:bc:54:cc:95:88:8a:93:1a:
e7:6e:54:13:31:66:8c:b6:10:08:38:58:6a:34:7d:ef:2b:51:
a9:24:6b:00:ca:f3:20:9a:93:12:02:8a:f2:e3:9e:eb:15:e0:
cf:5a:c5:8d:7e:43:7b:f6:e1:2a:f6:58:ba:a3:d9:07:83:dc:
f0:5f:6a:7c:6e:55:d8:d4:7a:ae:34:04:38:e7:42:77:bd:70:
2d:ff:09:24:0f:fa:a3:6f:ea:3b:42:fd:31:2b:27:96:3b:dd:
be:07:e8:3e:1c:58:1c:c7:34:0e:ad:10:3b:b4:4f:8f:80:f5:
b2:c8:e4:0a:a8:36:66:a8:0a:bd:aa:de:ad:29:31:13:00:5e:
82:51:19:1c
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDHPjnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzA3OTNlMjRhNjcyMDFmN2Q1MmI2NTY2ODZmNDNkYWRlM2ExMzkyMB4XDTIyMDEw
MTA3NTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI4NDIyZjdmYWVj
Yzk4YmI2M2E0NzI3YjMxZDZkZjZjMmM4MDczYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj+eEIJU/utH0FsedjlWlF6rnuYJEXazIVeCad/L7Crsth4
HCHGYvBSHvv88rT6lDt9VTiFgmrIDDk6gy8ePw/ELz/bwmoHR9NAM7FVBLAGe9Lr
eVJR9Nn825FfLjUkLgZY2m40eegpTzTvXdXUGVe76804Kvq5s1ENRNg9FrtI7u81
ecQVWrks578RW5T/+rIGp82Px9oaea0HMTTjwNQ6zyrMpRTEifTb07C5cc85O/Qv
o+YyCvQCzcwPeDD41nYmAzoGbOHBKNJ8JiOxWDGqbjGL+HMytG6BOncmcASHOhHR
2vDPk5N6PUpanFTwmLCgXy+tTe6IhcOfPiN6DGUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRShCL3+uzJi7Y6RyezHW32wsgHPDAfBgNVHSMEGDAWgBQTB5PiSmcgH31S
tlZob0Pa3joTkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0V3ZVQ0a3BuSUI5OVVyWldhRzlEMnQ0NkU1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvOTM0ZWY4LTBjYjUtNGM1OS05YjhiLThiZGY5OGMwYzhmMC8x
L1VvUWk5X3JzeVl1Mk9rY25zeDF0OXNMSUJ6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
OTM0ZWY4LTBjYjUtNGM1OS05YjhiLThiZGY5OGMwYzhmMC8xL0V3ZVQ0a3BuSUI5
OVVyWldhRzlEMnQ0NkU1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAx8YkAMEAlvKKAMEA21FQAMEArli
8DANBAIAAjAHAwUAKgIW0DANBgkqhkiG9w0BAQsFAAOCAQEAR+0TY/0+2rodZ3dq
yrLctvqPth1eNXKch9haPBkqcQZt9ewxo7ZPkIGwbGBwsmcVcGfr0vvvWZaTDEPd
tlFOHbMUkroUaFAuMi2b916UDyif3pSnaVWl6YMqMD18niNkdt5LTx6nhWR0tJf+
r61OSA/+ZpWoxLxUzJWIipMa525UEzFmjLYQCDhYajR97ytRqSRrAMrzIJqTEgKK
8uOe6xXgz1rFjX5De/bhKvZYuqPZB4Pc8F9qfG5V2NR6rjQEOOdCd71wLf8JJA/6
o2/qO0L9MSsnljvdvgfoPhxYHMc0Dq0QO7RPj4D1ssjkCqg2ZqgKvarerSkxEwBe
glEZHA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:53 2025 by rpki-client