Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/1-UpZvvU-02JDXLqPh5kOEXp3H48.roa
File: 1-UpZvvU-02JDXLqPh5kOEXp3H48.roa (raw, json)
Hash identifier: VSQGuuOK8LrUVzusFFYkO7qMi1SB3e0hPbg9p+Mujt4=
Subject key identifier: F9:4A:59:BE:F5:3E:D3:62:43:5C:BA:8F:87:99:0E:11:7A:77:1F:8F
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 018571F0E256C2DB13CDA22912243977D6D3
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/1-UpZvvU-02JDXLqPh5kOEXp3H48.roa
Signing time: Mon 02 Jan 2023 10:04:49 +0000
ROA not before: Mon 02 Jan 2023 10:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60805
IP address blocks: 91.240.240.0/24 maxlen: 24
2001:67c:1734::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e2:56:c2:db:13:cd:a2:29:12:24:39:77:d6:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Jan 2 10:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f94a59bef53ed362435cba8f87990e117a771f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:dc:2b:f0:14:a5:29:d2:3d:71:9c:79:c5:ff:
7f:d3:59:a3:4a:ec:fb:3d:ae:fe:c8:2e:dc:77:3b:
91:5b:23:89:c2:e4:c4:b8:cd:89:ce:80:a2:9e:84:
20:53:54:fb:0d:36:16:e0:3f:d6:10:88:6d:7f:82:
d8:03:82:35:82:60:83:25:d1:2c:b8:43:f9:97:fc:
00:f8:37:cf:a7:e5:8b:11:5e:e9:67:52:f9:13:f0:
ee:6f:4a:47:d6:ef:48:e4:8f:be:3c:d8:06:85:9a:
60:ec:df:4f:a5:58:53:c4:ed:4e:44:66:ac:23:6d:
a9:24:08:15:6c:57:a8:17:2b:43:d8:ba:6d:a5:44:
77:e8:d8:35:71:cf:2f:c6:e7:36:e3:d6:22:32:e6:
f3:9e:41:41:90:09:1b:0c:ab:b4:32:e8:1b:42:b6:
6a:f2:00:47:7a:43:95:91:12:76:0d:7a:03:d7:59:
39:37:d1:ac:0a:9f:68:ad:07:4d:80:17:c4:dc:8e:
1f:dc:d1:c6:9e:6a:15:ec:e3:5c:d7:36:fb:2a:48:
43:33:e2:09:b4:05:15:fa:3f:4a:6a:22:5b:2b:e0:
76:42:b9:2d:00:b8:00:71:3a:e4:be:9b:5e:91:59:
82:25:59:d4:4e:8e:ac:e5:bb:40:b0:e8:84:d1:95:
08:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:4A:59:BE:F5:3E:D3:62:43:5C:BA:8F:87:99:0E:11:7A:77:1F:8F
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/1-UpZvvU-02JDXLqPh5kOEXp3H48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.240.0/24
IPv6:
2001:67c:1734::/48
Signature Algorithm: sha256WithRSAEncryption
b6:3b:8b:f7:c2:6d:3e:df:f7:37:af:80:30:f9:d0:9d:07:23:
6e:13:b5:fb:18:a7:45:d2:53:37:59:72:db:36:7c:23:4b:b7:
36:1e:45:15:44:84:0c:bd:bb:3e:6a:26:7c:32:29:75:01:f5:
d9:26:8b:38:7c:3f:d0:e8:ef:de:4a:e3:89:ac:5a:7e:92:ec:
76:7f:e0:f3:63:41:3b:c6:63:cc:f4:5d:57:e3:74:36:4f:09:
f9:63:6f:01:ed:89:a9:dc:0d:eb:99:de:df:fa:7d:15:0e:fc:
b3:0b:d7:d1:98:a3:6b:64:62:12:49:ac:69:20:28:f8:12:58:
f2:f6:18:03:bd:d2:ad:bb:aa:8a:2a:2c:38:a7:16:75:08:be:
c7:c5:cf:96:8e:5b:d2:e0:01:70:36:24:48:12:bb:4f:17:48:
a7:e3:36:55:5f:7c:b8:30:1b:00:36:7d:6b:08:97:ca:47:fd:
ed:3f:3c:24:8a:c5:a2:bf:16:79:97:44:77:c6:bc:78:b9:8d:
aa:00:a0:06:d2:66:9f:46:cd:10:63:9a:83:ff:ad:c2:d4:3c:
40:9f:a6:6c:5e:fe:d2:92:34:74:d9:02:7f:b0:8b:90:d9:5b:
ff:72:1f:80:d7:c6:54:69:c2:bc:a7:ea:b7:32:ea:53:e4:12:
94:90:3d:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx8OJWwtsTzaIpEiQ5d9bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjMwMTAyMTAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTRhNTliZWY1M2VkMzYyNDM1Y2JhOGY4Nzk5MGUxMTdhNzcxZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktwr8BSlKdI9cZx5xf9/01mjSuz7
Pa7+yC7cdzuRWyOJwuTEuM2JzoCinoQgU1T7DTYW4D/WEIhtf4LYA4I1gmCDJdEs
uEP5l/wA+DfPp+WLEV7pZ1L5E/Dub0pH1u9I5I++PNgGhZpg7N9PpVhTxO1ORGas
I22pJAgVbFeoFytD2LptpUR36Ng1cc8vxuc249YiMubznkFBkAkbDKu0MugbQrZq
8gBHekOVkRJ2DXoD11k5N9GsCp9orQdNgBfE3I4f3NHGnmoV7ONc1zb7KkhDM+IJ
tAUV+j9KaiJbK+B2QrktALgAcTrkvptekVmCJVnUTo6s5btAsOiE0ZUIbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPlKWb71PtNiQ1y6j4eZDhF6dx+PMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvMS1VcFp2dlUtMDJKRFhMcVBoNWtPRVhwM0g0OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvYzQwODc1LTA2MWEtNDJkZi05YzZkLTg3YTY4NDVmNjZm
OS8xL2NpbXdPYy1LcnhRZGJtMWhibndXa0luTHl6SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvw8DAP
BAIAAjAJAwcAIAEGfBc0MA0GCSqGSIb3DQEBCwUAA4IBAQC2O4v3wm0+3/c3r4Aw
+dCdByNuE7X7GKdF0lM3WXLbNnwjS7c2HkUVRIQMvbs+aiZ8Mil1AfXZJos4fD/Q
6O/eSuOJrFp+kux2f+DzY0E7xmPM9F1X43Q2Twn5Y28B7Ymp3A3rmd7f+n0VDvyz
C9fRmKNrZGISSaxpICj4Eljy9hgDvdKtu6qKKiw4pxZ1CL7Hxc+WjlvS4AFwNiRI
ErtPF0in4zZVX3y4MBsANn1rCJfKR/3tPzwkisWivxZ5l0R3xrx4uY2qAKAG0maf
Rs0QY5qD/63C1DxAn6ZsXv7SkjR02QJ/sIuQ2Vv/ch+A18ZUacK8p+q3MupT5BKU
kD0k
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:15:14 2025 by rpki-client