Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/72fb45-30c7-4a53-a2db-b4c9e2b0d156/1/USQzVMh-p5T5ycFTFJrzEzD9GDA.roa
File: USQzVMh-p5T5ycFTFJrzEzD9GDA.roa (raw, json)
Hash identifier: s/AZsenB3s+uWnGK7UW7gPRMvLRrAFnX8ysV5pPvGUI=
Subject key identifier: 51:24:33:54:C8:7E:A7:94:F9:C9:C1:53:14:9A:F3:13:30:FD:18:30
Certificate issuer: /CN=0b35acbf30559668ea18ea3f10b297ee64c8e493
Certificate serial: 018571F0EE6D93BDF4C56710617ACFBF2D69
Authority key identifier: 0B:35:AC:BF:30:55:96:68:EA:18:EA:3F:10:B2:97:EE:64:C8:E4:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzWsvzBVlmjqGOo_ELKX7mTI5JM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/72fb45-30c7-4a53-a2db-b4c9e2b0d156/1/USQzVMh-p5T5ycFTFJrzEzD9GDA.roa
Signing time: Mon 02 Jan 2023 10:04:53 +0000
ROA not before: Mon 02 Jan 2023 10:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212886
IP address blocks: 193.107.76.0/22 maxlen: 22
2a09:99c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:ee:6d:93:bd:f4:c5:67:10:61:7a:cf:bf:2d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b35acbf30559668ea18ea3f10b297ee64c8e493
Validity
Not Before: Jan 2 10:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51243354c87ea794f9c9c153149af31330fd1830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:90:67:6b:e3:b3:7f:98:15:61:5d:a9:db:57:
67:46:6c:44:29:b9:83:b1:39:fb:3c:bf:ea:ef:64:
40:9c:41:31:4a:d9:47:c6:4c:9e:20:be:0d:ad:7d:
51:a2:56:d9:f1:1f:45:29:0e:2c:e5:16:cc:5a:96:
df:45:ea:87:2e:4f:e0:55:24:34:cf:63:a9:08:ac:
2e:5d:74:e6:8f:3c:c8:2b:e8:dd:78:6a:97:a7:f4:
b9:83:c0:a7:e0:83:5f:43:9f:19:e4:6a:b1:c2:68:
07:53:f3:2f:d1:2f:6b:b5:e4:34:cf:1b:88:54:5b:
a7:ad:fe:1d:5f:bd:0b:56:c6:7f:ae:a2:9e:5d:42:
7f:98:ec:11:3d:00:1e:db:a7:ba:46:bc:58:07:21:
ed:f0:da:6f:cd:24:da:3f:ec:0e:da:54:88:6c:65:
81:2b:b8:9a:57:80:c2:0d:e5:01:a4:72:65:67:83:
44:50:2e:06:77:5d:4b:84:5d:6c:f9:17:0c:9d:d1:
7c:5a:dd:d7:aa:2a:c7:36:f5:5b:f4:b4:34:55:b8:
86:a0:e0:74:22:00:0d:e5:53:b8:d4:ee:15:7e:54:
8a:e0:2f:78:c4:da:ad:d3:ba:7b:ec:6a:e4:5b:48:
df:c3:02:76:ee:54:3a:2a:52:3b:2d:0b:bd:cf:e5:
aa:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:24:33:54:C8:7E:A7:94:F9:C9:C1:53:14:9A:F3:13:30:FD:18:30
X509v3 Authority Key Identifier:
keyid:0B:35:AC:BF:30:55:96:68:EA:18:EA:3F:10:B2:97:EE:64:C8:E4:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzWsvzBVlmjqGOo_ELKX7mTI5JM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/72fb45-30c7-4a53-a2db-b4c9e2b0d156/1/USQzVMh-p5T5ycFTFJrzEzD9GDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/72fb45-30c7-4a53-a2db-b4c9e2b0d156/1/CzWsvzBVlmjqGOo_ELKX7mTI5JM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.76.0/22
IPv6:
2a09:99c0::/48
Signature Algorithm: sha256WithRSAEncryption
5a:0a:dc:3f:d2:7c:15:98:6f:bc:f3:72:bf:ce:74:9d:72:1b:
e4:a2:bc:7f:1d:4c:94:bc:f3:d1:5a:0f:15:09:31:73:51:3f:
74:59:fe:7e:bd:17:27:ea:a0:6d:a5:3e:54:31:1d:9e:46:f6:
4a:27:63:13:d8:03:ed:d9:1d:4f:ea:b7:4e:55:63:0f:d9:50:
c7:bc:b8:6d:8a:85:92:a9:a5:b6:e0:7c:01:fa:c1:3e:4c:6e:
48:f0:64:c7:4e:d4:8f:52:a8:6e:db:0f:f3:66:56:03:8a:6c:
e9:9a:34:1e:4a:d3:6e:e8:0a:0f:1c:a5:28:05:69:d5:d2:3d:
81:21:4f:33:71:df:a6:07:a3:11:90:3d:6b:44:11:75:9d:fd:
37:32:3c:9a:3e:7e:8d:8d:b0:4c:f3:a8:86:a1:3b:1a:34:24:
cf:9e:e4:60:35:57:22:0f:58:08:49:b7:5d:ac:e6:77:8f:82:
7d:8b:5e:ab:b2:d0:18:18:f9:53:6d:ea:26:a4:12:e5:2b:ef:
1e:65:5a:8f:af:7d:07:1f:a8:7d:24:0c:95:00:da:26:a7:5a:
9e:ba:56:17:88:3b:42:a5:b3:98:9e:2a:8d:d5:e1:72:20:16:
91:ae:a7:87:31:f0:5e:60:1f:0d:b8:3f:0b:40:14:a3:09:c3:
c2:57:63:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx8O5tk730xWcQYXrPvy1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMzVhY2JmMzA1NTk2NjhlYTE4ZWEzZjEwYjI5N2VlNjRj
OGU0OTMwHhcNMjMwMTAyMTAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI0MzM1NGM4N2VhNzk0ZjljOWMxNTMxNDlhZjMxMzMwZmQxODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZBna+Ozf5gVYV2p21dnRmxEKbmD
sTn7PL/q72RAnEExStlHxkyeIL4NrX1RolbZ8R9FKQ4s5RbMWpbfReqHLk/gVSQ0
z2OpCKwuXXTmjzzIK+jdeGqXp/S5g8Cn4INfQ58Z5GqxwmgHU/Mv0S9rteQ0zxuI
VFunrf4dX70LVsZ/rqKeXUJ/mOwRPQAe26e6RrxYByHt8NpvzSTaP+wO2lSIbGWB
K7iaV4DCDeUBpHJlZ4NEUC4Gd11LhF1s+RcMndF8Wt3XqirHNvVb9LQ0VbiGoOB0
IgAN5VO41O4VflSK4C94xNqt07p77GrkW0jfwwJ27lQ6KlI7LQu9z+WqSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEkM1TIfqeU+cnBUxSa8xMw/RgwMB8GA1UdIwQY
MBaAFAs1rL8wVZZo6hjqPxCyl+5kyOSTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3pXc3Z6QlZsbWpxR09vX0VMS1g3bVRJNUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83MmZiNDUtMzBjNy00YTUzLWEyZGIt
YjRjOWUyYjBkMTU2LzEvVVNRelZNaC1wNVQ1eWNGVEZKcnpFekQ5R0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83MmZiNDUtMzBjNy00YTUzLWEyZGItYjRjOWUyYjBkMTU2
LzEvQ3pXc3Z6QlZsbWpxR09vX0VMS1g3bVRJNUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwWtMMA8E
AgACMAkDBwAqCZnAAAAwDQYJKoZIhvcNAQELBQADggEBAFoK3D/SfBWYb7zzcr/O
dJ1yG+SivH8dTJS889FaDxUJMXNRP3RZ/n69FyfqoG2lPlQxHZ5G9konYxPYA+3Z
HU/qt05VYw/ZUMe8uG2KhZKppbbgfAH6wT5MbkjwZMdO1I9SqG7bD/NmVgOKbOma
NB5K027oCg8cpSgFadXSPYEhTzNx36YHoxGQPWtEEXWd/TcyPJo+fo2NsEzzqIah
Oxo0JM+e5GA1VyIPWAhJt12s5nePgn2LXquy0BgY+VNt6iakEuUr7x5lWo+vfQcf
qH0kDJUA2ianWp66VheIO0Kls5ieKo3V4XIgFpGup4cx8F5gHw24PwtAFKMJw8JX
Y88=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:09 2025 by rpki-client