Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/UIKusWIcJFle7pURTu0glyFza7o.roa
File: UIKusWIcJFle7pURTu0glyFza7o.roa (raw, json)
Hash identifier: nrUONuU/+UeX7kHjxhesIJgLvywbZdaXnIuTTcPWdl0=
Subject key identifier: 50:82:AE:B1:62:1C:24:59:5E:EE:95:11:4E:ED:20:97:21:73:6B:BA
Certificate issuer: /CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
Certificate serial: 018584F932E03290CA2CF58CC69D64B42889
Authority key identifier: B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/UIKusWIcJFle7pURTu0glyFza7o.roa
Signing time: Fri 06 Jan 2023 02:46:41 +0000
ROA not before: Fri 06 Jan 2023 02:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208306
IP address blocks: 176.222.63.0/24 maxlen: 24
176.222.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:84:f9:32:e0:32:90:ca:2c:f5:8c:c6:9d:64:b4:28:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
Validity
Not Before: Jan 6 02:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5082aeb1621c24595eee95114eed209721736bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:b8:ef:43:34:a3:dd:c3:50:b9:d6:da:38:
49:7c:d9:b2:e0:12:fc:14:cd:d8:dd:59:d9:82:a4:
0e:44:93:f3:38:c8:88:cb:84:e7:05:4f:63:4b:4e:
cc:c2:fa:0b:b5:d8:67:1e:fe:51:c3:cf:c9:81:01:
5e:1a:2f:db:b3:cd:9b:c4:93:4c:4b:49:54:63:74:
3d:4c:b2:0c:d9:81:bc:fa:b9:09:df:bb:58:d3:7d:
f9:5f:e6:c9:ad:b9:bc:5d:3f:a2:2d:a2:5c:c7:2e:
39:1c:31:1b:b6:c9:48:7a:12:e1:15:be:8a:b4:21:
c9:b3:17:6e:c2:b5:e7:9f:fe:cf:01:3e:21:ca:ba:
3e:c2:cf:e8:a6:f6:dc:f2:16:a5:d6:43:d9:2b:84:
1e:0b:c2:03:8a:f2:99:d2:cc:ff:73:d0:c4:ac:e0:
ef:79:d9:e5:c6:f4:b0:c1:bb:cd:76:30:e7:ff:6a:
97:c7:36:e4:a0:fe:78:f3:8d:a2:85:ab:9a:8f:61:
20:9a:5b:c2:33:e8:95:c7:ac:8a:8b:e5:e5:51:fb:
27:23:88:ff:c0:26:4a:ed:82:e9:b3:b0:2d:12:36:
ae:62:22:d5:a3:cd:47:aa:9b:bb:f7:d9:87:7d:ab:
d9:aa:d4:95:4c:08:08:63:1b:1a:f9:7b:86:c9:3f:
f4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:82:AE:B1:62:1C:24:59:5E:EE:95:11:4E:ED:20:97:21:73:6B:BA
X509v3 Authority Key Identifier:
keyid:B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/UIKusWIcJFle7pURTu0glyFza7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/sKT8KvOK9bT1hh4n_QB-YktfmwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.222.61.0/24
176.222.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6e:9a:82:8c:28:be:da:cb:d9:6e:41:6a:dd:5a:e7:7c:2e:
30:57:91:f3:b7:43:53:8f:f8:4d:53:9c:bc:a6:22:a8:f5:ee:
2f:55:f1:84:41:44:c3:f0:ce:f7:31:8e:9d:42:46:b0:5a:97:
7c:55:11:ce:3c:01:0c:be:e2:f7:7e:32:40:2a:ca:31:99:ad:
2f:8c:1f:45:2d:da:ee:ab:0d:dd:be:26:6c:32:f3:9d:8a:5a:
95:fa:6f:41:d8:19:9b:5e:fb:6f:b3:dc:71:ff:2f:48:34:b2:
2c:10:9c:d9:0d:84:61:a3:29:8b:8b:27:b5:27:ee:04:88:34:
a7:9e:2b:2f:ac:77:50:37:f2:ec:41:93:2f:d5:08:d3:58:ef:
b7:d3:fd:cd:fd:35:96:66:bf:f1:7e:3b:7c:66:9d:83:a3:cc:
ba:7a:b7:38:e4:09:cd:ff:12:a0:e5:9a:f7:51:45:7b:65:c8:
aa:fc:5c:99:97:60:8c:7c:dc:b5:3b:4b:18:a2:41:a5:78:6a:
f8:6a:a9:00:59:04:7e:04:2e:c1:14:22:0d:47:2c:ed:a0:f4:
a7:53:70:fa:d5:cb:56:a2:41:ec:01:0c:e3:ee:cf:be:3d:f4:
f7:58:22:74:97:03:21:0a:ad:2a:f7:24:71:67:62:14:57:3f:
77:69:90:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWE+TLgMpDKLPWMxp1ktCiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTRmYzJhZjM4YWY1YjRmNTg2MWUyN2ZkMDA3ZTYyNGI1
ZjliMDIwHhcNMjMwMTA2MDI0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDgyYWViMTYyMWMyNDU5NWVlZTk1MTE0ZWVkMjA5NzIxNzM2YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGu470M0o93DULnW2jhJfNmy4BL8
FM3Y3VnZgqQORJPzOMiIy4TnBU9jS07MwvoLtdhnHv5Rw8/JgQFeGi/bs82bxJNM
S0lUY3Q9TLIM2YG8+rkJ37tY0335X+bJrbm8XT+iLaJcxy45HDEbtslIehLhFb6K
tCHJsxduwrXnn/7PAT4hyro+ws/opvbc8hal1kPZK4QeC8IDivKZ0sz/c9DErODv
ednlxvSwwbvNdjDn/2qXxzbkoP54842ihauaj2EgmlvCM+iVx6yKi+XlUfsnI4j/
wCZK7YLps7AtEjauYiLVo81Hqpu799mHfavZqtSVTAgIYxsa+XuGyT/0mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCCrrFiHCRZXu6VEU7tIJchc2u6MB8GA1UdIwQY
MBaAFLCk/CrzivW09YYeJ/0AfmJLX5sCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYt
NjhmZTA4NjIyNjE0LzEvVUlLdXNXSWNKRmxlN3BVUlR1MGdseUZ6YTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYtNjhmZTA4NjIyNjE0
LzEvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsN49AwQA
sN4/MA0GCSqGSIb3DQEBCwUAA4IBAQAKbpqCjCi+2svZbkFq3VrnfC4wV5Hzt0NT
j/hNU5y8piKo9e4vVfGEQUTD8M73MY6dQkawWpd8VRHOPAEMvuL3fjJAKsoxma0v
jB9FLdruqw3dviZsMvOdilqV+m9B2BmbXvtvs9xx/y9INLIsEJzZDYRhoymLiye1
J+4EiDSnnisvrHdQN/LsQZMv1QjTWO+30/3N/TWWZr/xfjt8Zp2Do8y6erc45AnN
/xKg5Zr3UUV7Zciq/FyZl2CMfNy1O0sYokGleGr4aqkAWQR+BC7BFCINRyztoPSn
U3D61ctWokHsAQzj7s++PfT3WCJ0lwMhCq0q9yRxZ2IUVz93aZDe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:00 2025 by rpki-client