Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Uj-oDJj8ctQ3J8YWMaPKHz53YNM.roa
File: Uj-oDJj8ctQ3J8YWMaPKHz53YNM.roa (raw, json)
Hash identifier: iKTA2XCWdkKRC1hQ/j4ocNUf2ideJ5po9MnabSdwBgQ=
Subject key identifier: 52:3F:A8:0C:98:FC:72:D4:37:27:C6:16:31:A3:CA:1F:3E:77:60:D3
Certificate issuer: /CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Certificate serial: 052B5898
Authority key identifier: 5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Uj-oDJj8ctQ3J8YWMaPKHz53YNM.roa
Signing time: Sat 01 Jan 2022 00:50:38 +0000
ROA not before: Sat 01 Jan 2022 00:50:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16027
IP address blocks: 193.168.160.0/22 maxlen: 22
217.71.64.0/20 maxlen: 20
217.71.69.0/24 maxlen: 24
217.71.67.0/24 maxlen: 24
217.71.68.0/24 maxlen: 24
217.71.73.0/24 maxlen: 24
217.71.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86726808 (0x52b5898)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Validity
Not Before: Jan 1 00:50:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=523fa80c98fc72d43727c61631a3ca1f3e7760d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:5d:30:50:6d:a7:16:f5:35:23:ae:7d:3f:
57:95:3f:15:3a:f9:4e:9d:23:7e:00:a2:be:21:2a:
b9:0e:d4:0d:7e:5d:f8:60:cc:58:80:8e:14:2a:65:
c8:b8:0f:c2:7a:a8:9e:9c:be:95:9e:c0:9d:94:c0:
f2:89:66:2d:e2:b7:93:ac:f0:f8:da:c2:26:99:e2:
41:34:f6:f0:d7:e2:92:c5:c0:dc:49:fe:92:5a:4a:
37:32:f0:77:fd:19:c9:1b:be:ba:a8:26:4e:0f:45:
50:34:c2:2d:d5:d6:57:b7:0a:03:1a:06:50:a4:c5:
43:23:0f:fb:4b:54:0c:da:57:07:0e:84:af:b0:a1:
a9:21:0c:7d:1b:b6:4f:fb:ed:9b:46:a2:8c:29:7d:
0b:d6:ff:12:99:c5:59:43:f3:bd:9a:bf:ab:3b:81:
8b:a4:b4:51:08:e9:2a:16:c6:04:f2:c3:d9:b5:a3:
1b:2d:bd:f0:02:e7:91:25:01:f8:01:81:b1:62:84:
f0:d2:f7:aa:9f:cb:9b:95:c3:22:11:4d:12:62:b8:
cf:c0:91:42:1b:70:8c:01:cd:83:20:a6:c4:7a:f8:
e4:e9:80:14:d6:17:22:ce:bf:18:78:b0:48:71:60:
ea:6c:a0:95:20:c0:fc:f0:24:ee:22:ca:20:d6:be:
41:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3F:A8:0C:98:FC:72:D4:37:27:C6:16:31:A3:CA:1F:3E:77:60:D3
X509v3 Authority Key Identifier:
keyid:5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Uj-oDJj8ctQ3J8YWMaPKHz53YNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.160.0/22
217.71.64.0/20
Signature Algorithm: sha256WithRSAEncryption
96:d0:98:e1:6f:a7:24:df:36:92:10:3d:55:a9:2a:a1:12:08:
2a:da:75:0f:36:f2:ba:d2:c3:ab:78:c0:c3:7e:f2:69:e0:c2:
66:7f:17:e7:05:8d:0e:f3:39:9e:24:af:2b:8e:9a:0f:a7:bc:
b7:d6:67:b3:64:6b:7d:ed:26:b5:ab:19:ce:ac:1a:ed:cb:c5:
85:a3:f0:51:65:20:1a:b3:46:04:cd:2d:50:7e:68:cb:b7:19:
22:a1:c1:82:6f:65:53:b1:85:60:04:64:5b:20:59:29:35:18:
d0:8a:ca:fb:b6:ce:67:aa:14:c3:38:27:36:c4:02:85:74:82:
72:11:17:32:88:e1:15:b0:be:03:27:79:16:d6:b3:b0:22:a5:
9c:69:91:a2:40:6a:90:de:93:76:62:af:f7:55:16:ba:2c:6c:
e2:d4:59:1a:12:5f:d9:2c:22:67:ee:e2:35:49:a7:58:21:38:
b5:71:ee:e3:f6:66:00:7f:d6:2f:9b:07:45:b5:cf:1c:d0:c6:
a0:26:b2:fc:74:bc:2a:87:36:45:ad:dd:e1:56:e1:25:b2:04:
13:8d:3c:a3:37:c3:e6:7e:28:9e:e0:a1:6f:42:d8:5c:07:ea:
10:40:95:66:13:b5:07:3d:07:5e:98:e0:4f:4f:e1:c0:6f:90:
36:d5:37:0b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBStYmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZWJhNTdlMTcwN2U0M2IyZmE5N2ZjZWIwNzhhNWQ0NjBlNTZjMWJmMB4XDTIyMDEw
MTAwNTAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTIzZmE4MGM5OGZj
NzJkNDM3MjdjNjE2MzFhM2NhMWYzZTc3NjBkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJjXTBQbacW9TUjrn0/V5U/FTr5Tp0jfgCiviEquQ7UDX5d
+GDMWICOFCplyLgPwnqonpy+lZ7AnZTA8olmLeK3k6zw+NrCJpniQTT28NfiksXA
3En+klpKNzLwd/0ZyRu+uqgmTg9FUDTCLdXWV7cKAxoGUKTFQyMP+0tUDNpXBw6E
r7ChqSEMfRu2T/vtm0aijCl9C9b/EpnFWUPzvZq/qzuBi6S0UQjpKhbGBPLD2bWj
Gy298ALnkSUB+AGBsWKE8NL3qp/Lm5XDIhFNEmK4z8CRQhtwjAHNgyCmxHr45OmA
FNYXIs6/GHiwSHFg6myglSDA/PAk7iLKINa+QdkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRSP6gMmPxy1DcnxhYxo8ofPndg0zAfBgNVHSMEGDAWgBReulfhcH5DsvqX
/OsHil1GDlbBvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hycFg0WEItUTdMNmxfenJCNHBkUmc1V3diOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvY2JjYWM2LWFiZWItNGEzOC04Y2NjLWI1OTcyNzA5YmIwMi8x
L1VqLW9ESmo4Y3RRM0o4WVdNYVBLSHo1M1lOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
Y2JjYWM2LWFiZWItNGEzOC04Y2NjLWI1OTcyNzA5YmIwMi8xL1hycFg0WEItUTdM
NmxfenJCNHBkUmc1V3diOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsGooAMEBNlHQDANBgkqhkiG9w0B
AQsFAAOCAQEAltCY4W+nJN82khA9VakqoRIIKtp1DzbyutLDq3jAw37yaeDCZn8X
5wWNDvM5niSvK46aD6e8t9Zns2Rrfe0mtasZzqwa7cvFhaPwUWUgGrNGBM0tUH5o
y7cZIqHBgm9lU7GFYARkWyBZKTUY0IrK+7bOZ6oUwzgnNsQChXSCchEXMojhFbC+
Ayd5FtazsCKlnGmRokBqkN6TdmKv91UWuixs4tRZGhJf2SwiZ+7iNUmnWCE4tXHu
4/ZmAH/WL5sHRbXPHNDGoCay/HS8Koc2Ra3d4VbhJbIEE408ozfD5n4onuChb0LY
XAfqEECVZhO1Bz0HXpjgT0/hwG+QNtU3Cw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:32 2025 by rpki-client