Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/127684-5afe-4f18-b95d-3072503d8607/1/UMt_fhYQ3Dc1JtHPIwL6mR1vZDQ.roa
File: UMt_fhYQ3Dc1JtHPIwL6mR1vZDQ.roa (raw, json)
Hash identifier: XLoRR1GRIL+vdSAH6wO49R8WdwlJuVCFsx7zi4L7ptM=
Subject key identifier: 50:CB:7F:7E:16:10:DC:37:35:26:D1:CF:23:02:FA:99:1D:6F:64:34
Certificate issuer: /CN=9ff33d4f3ac0a887840a284cdc1abeb7dd642f01
Certificate serial: 01853A88FF29FC4897713393D77D6AC891E0
Authority key identifier: 9F:F3:3D:4F:3A:C0:A8:87:84:0A:28:4C:DC:1A:BE:B7:DD:64:2F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_M9TzrAqIeECihM3Bq-t91kLwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/127684-5afe-4f18-b95d-3072503d8607/1/UMt_fhYQ3Dc1JtHPIwL6mR1vZDQ.roa
Signing time: Thu 22 Dec 2022 15:52:14 +0000
ROA not before: Thu 22 Dec 2022 15:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24971
IP address blocks: 92.63.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:88:ff:29:fc:48:97:71:33:93:d7:7d:6a:c8:91:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff33d4f3ac0a887840a284cdc1abeb7dd642f01
Validity
Not Before: Dec 22 15:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50cb7f7e1610dc373526d1cf2302fa991d6f6434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7f:47:90:86:dc:a7:c8:24:31:41:53:77:13:
62:9d:56:d4:04:21:07:dc:e8:81:f2:9b:e2:c9:b5:
98:ab:f9:2b:de:1c:67:e8:df:33:ca:14:72:ca:d6:
f4:e1:00:dc:18:3e:99:55:e1:2c:d7:cf:40:47:65:
94:13:7f:d4:9a:00:44:82:82:d6:fc:91:f5:aa:d0:
62:87:03:3f:27:88:82:dd:86:53:87:41:d6:b8:1c:
fc:b0:55:00:7c:33:f8:f0:43:76:80:a8:8f:b2:35:
36:94:6a:bd:f4:72:5a:7c:e1:22:68:28:d7:00:40:
df:40:76:6e:80:51:a4:46:ed:6e:ba:b2:bd:09:18:
7a:bf:55:24:74:ca:c3:55:29:b4:86:98:77:55:24:
43:f3:c2:1c:97:f6:49:c2:8f:10:c7:47:75:5a:c4:
ea:08:ba:22:57:e8:29:f2:14:ad:a0:32:ac:74:93:
c6:7d:26:24:0b:0a:e5:b2:be:75:fc:4c:f4:c4:53:
03:53:91:7e:ba:fc:18:83:25:c1:4a:0f:5a:7a:90:
53:f2:d8:da:e5:04:3d:23:8b:3f:8c:0e:70:43:d6:
11:9d:b9:88:d6:37:34:3a:dc:5d:e9:b1:26:5b:57:
75:52:43:34:5b:20:1c:1f:c7:41:78:2d:f0:5a:57:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CB:7F:7E:16:10:DC:37:35:26:D1:CF:23:02:FA:99:1D:6F:64:34
X509v3 Authority Key Identifier:
keyid:9F:F3:3D:4F:3A:C0:A8:87:84:0A:28:4C:DC:1A:BE:B7:DD:64:2F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_M9TzrAqIeECihM3Bq-t91kLwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/127684-5afe-4f18-b95d-3072503d8607/1/UMt_fhYQ3Dc1JtHPIwL6mR1vZDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/127684-5afe-4f18-b95d-3072503d8607/1/n_M9TzrAqIeECihM3Bq-t91kLwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.56.0/22
Signature Algorithm: sha256WithRSAEncryption
94:ec:ab:43:e0:20:26:8b:37:91:7a:03:83:56:61:ab:d4:e7:
d3:05:c6:d7:03:0c:0c:82:cf:52:a5:cd:49:b7:c1:d8:40:17:
c1:a6:dd:8d:21:94:fe:6c:67:ec:bc:9d:0a:48:a2:f7:a3:80:
7e:0f:c2:f7:28:08:32:79:ed:e1:b1:23:0b:4b:97:b0:bc:44:
0d:6f:a6:e7:4a:fe:e4:ea:f1:3f:80:14:b2:7d:8c:64:34:1e:
86:7b:21:3b:03:40:87:d1:39:f4:77:a0:5c:13:cc:15:08:cc:
d4:cd:55:ae:78:19:b7:91:fd:83:b3:4b:a4:f0:8e:ed:a5:a6:
fd:07:01:ea:3b:c0:6d:d8:c9:ba:69:04:d1:0d:b7:4e:99:2e:
bc:9e:eb:d0:1b:9e:07:e2:c4:0f:6b:30:f8:85:f6:67:47:9e:
ff:ea:db:9f:c8:48:74:9c:1d:a6:23:9c:a3:45:a9:db:58:0c:
4d:3d:2f:c4:47:ea:b4:40:4c:37:cd:bc:1d:c2:ba:31:29:9a:
1d:3e:20:3e:42:32:6f:ba:49:ba:16:c1:23:86:2c:a1:97:b9:
98:da:cc:aa:92:b2:2b:dd:53:24:c5:be:85:4a:dc:b8:a0:a7:
29:36:f2:61:73:9b:3e:55:cc:69:ea:d5:89:a1:31:9f:bc:e4:
b8:b0:e9:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU6iP8p/EiXcTOT131qyJHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjMzZDRmM2FjMGE4ODc4NDBhMjg0Y2RjMWFiZWI3ZGQ2
NDJmMDEwHhcNMjIxMjIyMTU1MjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNiN2Y3ZTE2MTBkYzM3MzUyNmQxY2YyMzAyZmE5OTFkNmY2NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk39HkIbcp8gkMUFTdxNinVbUBCEH
3OiB8pviybWYq/kr3hxn6N8zyhRyytb04QDcGD6ZVeEs189AR2WUE3/UmgBEgoLW
/JH1qtBihwM/J4iC3YZTh0HWuBz8sFUAfDP48EN2gKiPsjU2lGq99HJafOEiaCjX
AEDfQHZugFGkRu1uurK9CRh6v1UkdMrDVSm0hph3VSRD88Icl/ZJwo8Qx0d1WsTq
CLoiV+gp8hStoDKsdJPGfSYkCwrlsr51/Ez0xFMDU5F+uvwYgyXBSg9aepBT8tja
5QQ9I4s/jA5wQ9YRnbmI1jc0Otxd6bEmW1d1UkM0WyAcH8dBeC3wWlfJBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDLf34WENw3NSbRzyMC+pkdb2Q0MB8GA1UdIwQY
MBaAFJ/zPU86wKiHhAooTNwavrfdZC8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9NOVR6ckFxSWVFQ2loTTNCcS10OTFrTHdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xMjc2ODQtNWFmZS00ZjE4LWI5NWQt
MzA3MjUwM2Q4NjA3LzEvVU10X2ZoWVEzRGMxSnRIUEl3TDZtUjF2WkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xMjc2ODQtNWFmZS00ZjE4LWI5NWQtMzA3MjUwM2Q4NjA3
LzEvbl9NOVR6ckFxSWVFQ2loTTNCcS10OTFrTHdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXD84MA0G
CSqGSIb3DQEBCwUAA4IBAQCU7KtD4CAmizeRegODVmGr1OfTBcbXAwwMgs9Spc1J
t8HYQBfBpt2NIZT+bGfsvJ0KSKL3o4B+D8L3KAgyee3hsSMLS5ewvEQNb6bnSv7k
6vE/gBSyfYxkNB6GeyE7A0CH0Tn0d6BcE8wVCMzUzVWueBm3kf2Ds0uk8I7tpab9
BwHqO8Bt2Mm6aQTRDbdOmS68nuvQG54H4sQPazD4hfZnR57/6tufyEh0nB2mI5yj
RanbWAxNPS/ER+q0QEw3zbwdwroxKZodPiA+QjJvukm6FsEjhiyhl7mY2syqkrIr
3VMkxb6FSty4oKcpNvJhc5s+Vcxp6tWJoTGfvOS4sOmu
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:42 2025 by rpki-client