Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1922c9-4949-4055-a66e-15d32709bd0f/1/pUPfw4_YnEQk0xESLdvkT3cpHyI.roa
File: pUPfw4_YnEQk0xESLdvkT3cpHyI.roa (raw, json)
Hash identifier: 8v/1MCN1iq8l+lqxckLT1B3Z19KjPN9YU0FwkGLjtEg=
Subject key identifier: A5:43:DF:C3:8F:D8:9C:44:24:D3:11:12:2D:DB:E4:4F:77:29:1F:22
Certificate issuer: /CN=1a5a22dbc8dbd2d7248deaff47e3390f77fb4b0b
Certificate serial: 1A2A1AAA
Authority key identifier: 1A:5A:22:DB:C8:DB:D2:D7:24:8D:EA:FF:47:E3:39:0F:77:FB:4B:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gloi28jb0tckjer_R-M5D3f7Sws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1922c9-4949-4055-a66e-15d32709bd0f/1/pUPfw4_YnEQk0xESLdvkT3cpHyI.roa
Signing time: Sat 01 Jan 2022 15:59:51 +0000
ROA not before: Sat 01 Jan 2022 15:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3292
IP address blocks: 80.73.48.0/20 maxlen: 20
95.130.64.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 438966954 (0x1a2a1aaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5a22dbc8dbd2d7248deaff47e3390f77fb4b0b
Validity
Not Before: Jan 1 15:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a543dfc38fd89c4424d311122ddbe44f77291f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:be:56:6b:8b:fd:8d:1c:78:b9:0e:4a:17:
c9:b7:fd:1a:82:77:a5:ef:ba:e5:dd:0f:33:ba:e5:
56:6d:c4:f7:2c:06:30:77:b7:19:e5:77:f2:6f:0a:
6a:bf:79:23:79:36:6f:2d:36:fc:7e:48:17:2e:f8:
8d:85:70:6e:03:56:4a:2e:cb:00:f2:92:1c:d1:af:
42:ea:d6:de:55:7e:ae:ce:cf:1f:34:b0:1f:d8:36:
16:50:5a:63:04:df:8d:e0:f4:04:96:bc:30:86:17:
2a:d9:3a:d7:bb:17:5b:c5:83:0a:3b:48:fd:14:26:
d8:91:d3:6f:c6:95:56:2b:06:69:98:50:b3:4d:e7:
17:6a:56:5c:bc:97:67:6b:78:3f:c2:58:2b:d6:30:
09:87:f6:41:19:0e:f7:21:12:9a:9d:00:00:88:f0:
cd:dc:28:14:1f:c1:8f:ae:eb:97:50:3c:c7:36:fa:
e0:f5:95:b4:7f:be:57:ae:e5:f6:ff:c3:d8:02:ec:
21:0f:07:90:6a:2a:92:7b:e3:b4:a1:97:ff:7e:2c:
db:2e:17:7c:c3:3f:a4:a8:70:ef:ac:cc:84:8f:63:
7e:c5:6b:96:57:a8:5e:3f:d1:2b:ee:89:72:6e:8e:
b5:f7:41:8f:2b:06:d2:c1:41:44:a4:b6:9d:ba:c2:
e9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:43:DF:C3:8F:D8:9C:44:24:D3:11:12:2D:DB:E4:4F:77:29:1F:22
X509v3 Authority Key Identifier:
keyid:1A:5A:22:DB:C8:DB:D2:D7:24:8D:EA:FF:47:E3:39:0F:77:FB:4B:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gloi28jb0tckjer_R-M5D3f7Sws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1922c9-4949-4055-a66e-15d32709bd0f/1/pUPfw4_YnEQk0xESLdvkT3cpHyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1922c9-4949-4055-a66e-15d32709bd0f/1/Gloi28jb0tckjer_R-M5D3f7Sws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.48.0/20
95.130.64.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:7e:28:8c:a2:80:0a:b1:c3:e3:73:70:6a:80:e9:0d:27:d0:
8c:40:03:87:04:60:d9:33:b5:44:23:43:0d:ae:8c:86:79:6a:
9a:86:fe:73:e4:80:14:41:05:fc:cf:06:51:6b:66:52:24:6a:
02:61:6b:f7:90:0d:fe:34:37:a7:6c:13:b0:43:77:dd:a3:54:
d2:cf:3e:f8:be:49:bc:44:b6:51:79:47:5d:c6:e5:c2:52:2b:
a6:a1:40:e8:c5:9c:3c:5c:24:83:55:16:e3:63:81:f3:a0:63:
6a:05:45:39:bc:df:89:24:c0:d6:f2:2c:ad:7b:cd:93:0d:2d:
eb:90:3e:60:7d:07:e7:66:b9:03:4b:97:ce:67:85:ce:e1:7e:
11:8d:0f:f4:6d:33:64:8c:71:cb:5d:ea:b0:3a:05:46:63:11:
8d:6f:61:45:d5:44:b9:d9:95:70:ef:2d:b5:c6:aa:ea:d0:c9:
18:ec:8c:74:a0:00:c1:25:e3:06:14:8e:95:e3:e6:d7:49:1f:
74:94:3d:e1:92:bc:9b:b8:21:4b:56:f2:4c:b7:02:16:e3:bd:
3d:e1:79:83:9a:08:bd:4b:06:ac:3b:99:0b:62:cc:07:71:7d:
db:74:c8:1c:67:7a:c0:78:67:18:36:26:90:c9:eb:b9:75:24:
fd:cd:7f:6e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGioaqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTVhMjJkYmM4ZGJkMmQ3MjQ4ZGVhZmY0N2UzMzkwZjc3ZmI0YjBiMB4XDTIyMDEw
MTE1NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU0M2RmYzM4ZmQ4
OWM0NDI0ZDMxMTEyMmRkYmU0NGY3NzI5MWYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKw4vlZri/2NHHi5DkoXybf9GoJ3pe+65d0PM7rlVm3E9ywG
MHe3GeV38m8Kar95I3k2by02/H5IFy74jYVwbgNWSi7LAPKSHNGvQurW3lV+rs7P
HzSwH9g2FlBaYwTfjeD0BJa8MIYXKtk617sXW8WDCjtI/RQm2JHTb8aVVisGaZhQ
s03nF2pWXLyXZ2t4P8JYK9YwCYf2QRkO9yESmp0AAIjwzdwoFB/Bj67rl1A8xzb6
4PWVtH++V67l9v/D2ALsIQ8HkGoqknvjtKGX/34s2y4XfMM/pKhw76zMhI9jfsVr
lleoXj/RK+6Jcm6OtfdBjysG0sFBRKS2nbrC6f0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSlQ9/Dj9icRCTTERIt2+RPdykfIjAfBgNVHSMEGDAWgBQaWiLbyNvS1ySN
6v9H4zkPd/tLCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dsb2kyOGpiMHRja2plcl9SLU01RDNmN1N3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTkyMmM5LTQ5NDktNDA1NS1hNjZlLTE1ZDMyNzA5YmQwZi8x
L3BVUGZ3NF9ZbkVRazB4RVNMZHZrVDNjcEh5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTkyMmM5LTQ5NDktNDA1NS1hNjZlLTE1ZDMyNzA5YmQwZi8xL0dsb2kyOGpiMHRj
a2plcl9SLU01RDNmN1N3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFBJMAMEA1+CQDANBgkqhkiG9w0B
AQsFAAOCAQEAXX4ojKKACrHD43NwaoDpDSfQjEADhwRg2TO1RCNDDa6Mhnlqmob+
c+SAFEEF/M8GUWtmUiRqAmFr95AN/jQ3p2wTsEN33aNU0s8++L5JvES2UXlHXcbl
wlIrpqFA6MWcPFwkg1UW42OB86BjagVFObzfiSTA1vIsrXvNkw0t65A+YH0H52a5
A0uXzmeFzuF+EY0P9G0zZIxxy13qsDoFRmMRjW9hRdVEudmVcO8ttcaq6tDJGOyM
dKAAwSXjBhSOlePm10kfdJQ94ZK8m7ghS1byTLcCFuO9PeF5g5oIvUsGrDuZC2LM
B3F923TIHGd6wHhnGDYmkMnruXUk/c1/bg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:17 2025 by rpki-client