Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/ujY2jZncn8v9V7BHol3dl9fTlqo.roa
File: ujY2jZncn8v9V7BHol3dl9fTlqo.roa (raw, json)
Hash identifier: 0lzlsHxn+A1IlG9cyP4HY0Jp3Bxi5BBIOX6ETBo8CFQ=
Subject key identifier: BA:36:36:8D:99:DC:9F:CB:FD:57:B0:47:A2:5D:DD:97:D7:D3:96:AA
Certificate issuer: /CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Certificate serial: 0291A7
Authority key identifier: 52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/ujY2jZncn8v9V7BHol3dl9fTlqo.roa
Signing time: Wed 06 Apr 2022 05:55:05 +0000
ROA not before: Wed 06 Apr 2022 05:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35322
IP address blocks: 193.239.230.0/23 maxlen: 23
91.192.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168359 (0x291a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Validity
Not Before: Apr 6 05:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba36368d99dc9fcbfd57b047a25ddd97d7d396aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a5:88:52:75:c6:b5:e3:0d:4e:c3:4f:d7:94:
06:08:92:2d:76:f9:9e:55:20:8f:4a:47:29:c1:2f:
8c:06:bc:fa:54:51:a5:5b:d1:02:45:fb:25:82:64:
35:e4:49:9b:fe:58:ef:2e:fc:86:d5:fc:a4:1e:de:
52:e6:f2:29:b1:28:ad:2d:90:d8:fd:be:c1:99:8a:
fa:04:5c:00:73:1d:66:0b:e0:54:83:17:6f:e1:17:
fa:b0:42:0f:dd:78:6d:5f:71:e7:38:cc:02:8b:a3:
6c:7c:25:24:80:b8:7b:e3:10:fb:c0:9f:d2:58:97:
25:84:9b:8a:11:e9:0e:d5:6d:73:59:d2:84:ad:f8:
75:3c:1c:a5:b6:7f:ee:96:53:82:25:52:d6:e6:fa:
bd:6d:9b:a3:6c:6a:d8:b0:6a:c4:17:86:20:64:92:
e5:83:4d:1c:be:db:ce:66:64:21:92:97:0d:ec:7e:
91:96:d1:8f:98:46:fe:17:b9:ed:42:1e:2f:e3:6f:
37:fa:0b:9e:a4:f1:8a:5c:b5:d6:19:ca:b8:a8:b5:
71:8f:3e:68:84:6c:40:a6:fc:69:b1:2c:5d:6d:56:
b2:9d:70:4e:4c:58:87:22:5b:0e:eb:52:f3:f7:5e:
ea:84:9f:fd:b8:17:47:df:91:b4:e5:97:60:3b:d9:
9d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:36:36:8D:99:DC:9F:CB:FD:57:B0:47:A2:5D:DD:97:D7:D3:96:AA
X509v3 Authority Key Identifier:
keyid:52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/ujY2jZncn8v9V7BHol3dl9fTlqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.140.0/22
193.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:e2:07:e6:0b:29:68:8b:41:d1:50:f3:87:69:1b:11:88:ef:
36:08:19:4d:3c:9d:3a:e4:d2:a1:23:dd:4b:9f:d5:92:8b:4a:
4e:3c:0c:b5:53:be:dc:7a:12:bc:74:ef:18:ff:14:de:26:32:
69:c3:0b:d0:84:90:96:3e:01:5b:4a:df:7d:3b:20:7e:d5:06:
8b:3b:db:3e:19:99:82:9f:3b:97:86:6a:0b:49:c1:e0:70:a6:
1a:7a:02:50:8b:eb:53:02:79:f5:7f:63:93:03:63:a2:86:cf:
2e:c7:1f:03:29:f2:cf:d0:72:81:7e:15:8c:6f:e4:9a:52:69:
c6:ed:21:84:d8:fc:d7:ee:91:1c:3d:22:bc:29:e5:5a:a8:96:
70:5b:1b:9a:cf:26:7e:f8:5d:4c:23:f7:25:8b:88:9c:8c:c2:
ad:46:60:b0:ee:d2:f7:0a:c7:12:3d:e0:ba:83:ae:ba:72:21:
5b:66:6d:1e:f5:88:5a:11:f0:07:ae:c8:41:38:8a:26:4a:7f:
15:db:07:4d:c9:18:39:dc:ad:39:7f:e6:03:d9:4d:10:4a:74:
e5:c8:71:d3:31:86:f6:e9:02:4a:94:6a:28:fa:4c:f9:94:ee:
58:17:7a:10:27:1d:88:ac:ca:48:e8:51:95:6e:1b:8e:b7:2c:
28:4f:d1:a4
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDApGnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
YmFiNmQzNjBlOTNkOThmY2U5ZTc4ODhlNTY0YmQ0NjRlODllOGEwHhcNMjIwNDA2
MDU1NTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiYTM2MzY4ZDk5ZGM5
ZmNiZmQ1N2IwNDdhMjVkZGQ5N2Q3ZDM5NmFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3qWIUnXGteMNTsNP15QGCJItdvmeVSCPSkcpwS+MBrz6VFGl
W9ECRfslgmQ15Emb/ljvLvyG1fykHt5S5vIpsSitLZDY/b7BmYr6BFwAcx1mC+BU
gxdv4Rf6sEIP3XhtX3HnOMwCi6NsfCUkgLh74xD7wJ/SWJclhJuKEekO1W1zWdKE
rfh1PByltn/ullOCJVLW5vq9bZujbGrYsGrEF4YgZJLlg00cvtvOZmQhkpcN7H6R
ltGPmEb+F7ntQh4v4283+guepPGKXLXWGcq4qLVxjz5ohGxApvxpsSxdbVaynXBO
TFiHIlsO61Lz917qhJ/9uBdH35G05ZdgO9mdZwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFLo2No2Z3J/L/VewR6Jd3ZfX05aqMB8GA1UdIwQYMBaAFFK6ttNg6T2Y/Onn
iI5WS9Rk6J6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYtMmZkZmUzNTA3YTJmLzEv
dWpZMmpabmNuOHY5VjdCSG9sM2RsOWZUbHFvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8z
ZDNiNTYtZTRlMS00YzA3LTk5ZTYtMmZkZmUzNTA3YTJmLzEvVXJxMjAyRHBQWmo4
NmVlSWpsWkwxR1Rvbm9vLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8CMAwQBwe/mMA0GCSqGSIb3DQEB
CwUAA4IBAQBt4gfmCyloi0HRUPOHaRsRiO82CBlNPJ065NKhI91Ln9WSi0pOPAy1
U77cehK8dO8Y/xTeJjJpwwvQhJCWPgFbSt99OyB+1QaLO9s+GZmCnzuXhmoLScHg
cKYaegJQi+tTAnn1f2OTA2Oihs8uxx8DKfLP0HKBfhWMb+SaUmnG7SGE2PzX7pEc
PSK8KeVaqJZwWxuazyZ++F1MI/cli4icjMKtRmCw7tL3CscSPeC6g666ciFbZm0e
9YhaEfAHrshBOIomSn8V2wdNyRg53K05f+YD2U0QSnTlyHHTMYb26QJKlGoo+kz5
lO5YF3oQJx2IrMpI6FGVbhuOtywoT9Gk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:19 2025 by rpki-client