Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/UEBSlYxQfhpdrxBQw2A0xtd_B9U.roa
File: UEBSlYxQfhpdrxBQw2A0xtd_B9U.roa (raw, json)
Hash identifier: jyQ8irqDTnnsOdnDEOK16REVUDw8e+ZAg/KnJV4DeGM=
Subject key identifier: 50:40:52:95:8C:50:7E:1A:5D:AF:10:50:C3:60:34:C6:D7:7F:07:D5
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018770D17A0C6169A7BCA5D44A80B6043776
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/UEBSlYxQfhpdrxBQw2A0xtd_B9U.roa
Signing time: Tue 11 Apr 2023 14:56:29 +0000
ROA not before: Tue 11 Apr 2023 14:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 195.211.40.0/23 maxlen: 23
91.226.212.0/23 maxlen: 23
176.103.48.0/20 maxlen: 20
91.217.90.0/23 maxlen: 23
91.207.60.0/23 maxlen: 23
193.169.86.0/23 maxlen: 23
2001:678:334::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:d1:7a:0c:61:69:a7:bc:a5:d4:4a:80:b6:04:37:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 11 14:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=504052958c507e1a5daf1050c36034c6d77f07d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b2:6e:23:9a:da:f8:b4:09:ad:9b:f3:4a:e9:
a6:ae:9b:e0:4f:de:c3:b1:88:7f:5a:36:b1:d6:87:
19:db:a5:fe:a6:28:b4:9f:45:2f:93:11:31:61:c7:
99:71:f7:96:ea:39:01:a2:19:b1:4f:dd:7d:ec:23:
b7:44:c5:28:1f:b3:37:84:6a:f0:29:4a:9f:2a:69:
24:6e:d3:b6:82:0e:e2:63:76:c0:11:e7:b4:56:58:
9b:ca:bc:e8:e3:ae:36:98:19:86:f4:22:0b:e7:aa:
b9:fe:e0:94:a4:46:b0:34:d2:d4:ae:d4:fb:fc:d6:
96:8e:2e:65:fc:ee:c1:ef:aa:f6:56:a7:af:88:48:
0c:fe:d9:b7:ac:08:51:6a:0c:b3:93:36:77:15:d0:
3d:2d:72:a9:f7:05:e3:63:45:d2:dd:a0:eb:9b:fc:
ef:98:09:29:c1:a4:90:81:8e:ed:22:42:86:da:20:
63:17:40:91:9b:fd:f9:9e:d0:11:93:45:c8:78:d6:
cf:ec:62:6c:f2:02:8d:1e:00:18:fa:ca:9a:b4:b5:
5d:67:79:ae:9d:1f:6b:e1:c4:4c:cc:25:a2:cb:3d:
59:26:b8:a2:7f:98:69:8e:e5:98:2a:b8:45:fe:0a:
f8:c2:34:9f:f5:af:40:cc:de:56:f4:84:1b:cb:9e:
7e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:40:52:95:8C:50:7E:1A:5D:AF:10:50:C3:60:34:C6:D7:7F:07:D5
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/UEBSlYxQfhpdrxBQw2A0xtd_B9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/23
91.217.90.0/23
91.226.212.0/23
176.103.48.0/20
193.169.86.0/23
195.211.40.0/23
IPv6:
2001:678:334::/48
Signature Algorithm: sha256WithRSAEncryption
88:b9:3c:9c:e7:e3:00:d3:7a:84:eb:cf:d0:c0:b8:92:2b:a7:
b2:fd:f2:00:01:4d:70:d6:00:b7:d1:a1:d3:27:75:0e:c6:74:
36:d5:b4:67:0f:ec:ef:dd:00:06:15:1d:04:d1:b3:1e:05:e9:
8f:11:ab:06:1f:96:e9:77:80:cf:d4:66:5f:83:2b:62:32:bb:
36:89:a5:b2:06:03:d0:e0:a1:b1:e8:ab:80:63:d6:47:b2:4e:
33:f0:8d:9f:41:a0:e4:28:d7:a1:11:70:43:18:d8:33:d6:e4:
92:0b:9b:0d:09:90:99:df:6c:5b:90:7d:96:c4:8f:7f:27:4b:
61:23:2b:86:26:57:7b:9a:eb:23:15:69:f4:2e:ca:ee:39:47:
32:db:bf:5e:31:18:59:c8:ce:e8:91:eb:26:3c:e9:60:fd:7d:
36:c1:2b:eb:13:98:ac:6c:5b:d4:89:e0:d5:58:b3:e4:c0:60:
c2:ee:35:6b:bb:2f:ca:9e:c7:7f:8d:04:cc:9a:20:21:ed:60:
be:a7:fa:96:37:56:0e:e5:66:4b:44:32:e0:17:62:b9:de:82:
82:c4:3c:a1:a5:19:38:4a:c8:17:4d:2e:34:fa:8c:f2:b7:eb:
97:98:3b:6e:cf:b2:ea:e9:59:7a:8d:ed:35:91:1b:83:ae:e5:
dc:82:5f:50
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYdw0XoMYWmnvKXUSoC2BDd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMwNDExMTQ1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQwNTI5NThjNTA3ZTFhNWRhZjEwNTBjMzYwMzRjNmQ3N2YwN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLJuI5ra+LQJrZvzSummrpvgT97D
sYh/Wjax1ocZ26X+pii0n0UvkxExYceZcfeW6jkBohmxT9197CO3RMUoH7M3hGrw
KUqfKmkkbtO2gg7iY3bAEee0Vlibyrzo4642mBmG9CIL56q5/uCUpEawNNLUrtT7
/NaWji5l/O7B76r2VqeviEgM/tm3rAhRagyzkzZ3FdA9LXKp9wXjY0XS3aDrm/zv
mAkpwaSQgY7tIkKG2iBjF0CRm/35ntARk0XIeNbP7GJs8gKNHgAY+sqatLVdZ3mu
nR9r4cRMzCWiyz1ZJriif5hpjuWYKrhF/gr4wjSf9a9AzN5W9IQby55+AQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFBAUpWMUH4aXa8QUMNgNMbXfwfVMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvVUVCU2xZeFFmaHBkcnhCUXcyQTB4dGRfQjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW888AwQB
W9laAwQBW+LUAwQEsGcwAwQBwalWAwQBw9MoMA8EAgACMAkDBwAgAQZ4AzQwDQYJ
KoZIhvcNAQELBQADggEBAIi5PJzn4wDTeoTrz9DAuJIrp7L98gABTXDWALfRodMn
dQ7GdDbVtGcP7O/dAAYVHQTRsx4F6Y8RqwYflul3gM/UZl+DK2IyuzaJpbIGA9Dg
obHoq4Bj1keyTjPwjZ9BoOQo16ERcEMY2DPW5JILmw0JkJnfbFuQfZbEj38nS2Ej
K4YmV3ua6yMVafQuyu45RzLbv14xGFnIzuiR6yY86WD9fTbBK+sTmKxsW9SJ4NVY
s+TAYMLuNWu7L8qex3+NBMyaICHtYL6n+pY3Vg7lZktEMuAXYrnegoLEPKGlGThK
yBdNLjT6jPK365eYO27PsurpWXqN7TWRG4Ou5dyCX1A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:29 2025 by rpki-client