Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/d520db-bdf8-4f27-8dff-8c130e6841db/1/UbnQowS4K7PCrvUWqhi753ySqbw.roa
File: UbnQowS4K7PCrvUWqhi753ySqbw.roa (raw, json)
Hash identifier: 7aO40Os5PDN8KjKdhaRyGxJXPlQv2QHB9pqFZkL5rjs=
Subject key identifier: 51:B9:D0:A3:04:B8:2B:B3:C2:AE:F5:16:AA:18:BB:E7:7C:92:A9:BC
Certificate issuer: /CN=2ce2995058b3de9aed23a61f7fb7b5b7b193984a
Certificate serial: 01856CEF2B7EDBD47D66820E41D02A6BC691
Authority key identifier: 2C:E2:99:50:58:B3:DE:9A:ED:23:A6:1F:7F:B7:B5:B7:B1:93:98:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOKZUFiz3prtI6Yff7e1t7GTmEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/d520db-bdf8-4f27-8dff-8c130e6841db/1/UbnQowS4K7PCrvUWqhi753ySqbw.roa
Signing time: Sun 01 Jan 2023 10:44:51 +0000
ROA not before: Sun 01 Jan 2023 10:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29267
IP address blocks: 195.85.211.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:2b:7e:db:d4:7d:66:82:0e:41:d0:2a:6b:c6:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ce2995058b3de9aed23a61f7fb7b5b7b193984a
Validity
Not Before: Jan 1 10:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51b9d0a304b82bb3c2aef516aa18bbe77c92a9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ae:6c:03:c8:07:06:3f:d1:80:29:a8:cd:66:
01:b0:e1:ff:85:e3:81:b4:fc:6b:8f:84:a4:20:65:
bc:49:7c:1a:30:1d:1b:2d:6a:9b:d5:ac:1a:1c:d9:
69:18:a9:82:95:c9:37:f5:35:96:b1:f9:a8:a6:b7:
8e:73:e4:36:48:7e:54:ec:a2:0b:e2:fc:d0:44:96:
78:b9:9d:47:54:b6:27:d8:25:c1:53:e1:80:33:68:
35:35:ee:f7:cf:08:58:ca:3b:5d:51:e8:47:f6:4e:
d4:39:1d:f5:cf:6b:ef:76:7f:e8:08:d4:90:66:36:
b4:7f:02:8d:0b:06:07:67:88:5c:2a:86:8b:1c:39:
e9:01:4e:84:e3:43:13:9e:d4:74:2e:f8:ff:4a:25:
d3:01:55:87:8b:2f:da:47:32:e9:1e:88:30:93:93:
ec:32:98:17:40:fd:92:9a:9d:6f:03:73:6a:99:2d:
fc:a6:35:6f:27:42:d8:85:a5:97:7f:36:4d:24:c9:
0c:3f:e2:07:3c:2b:9f:d1:0e:a3:c3:a6:7e:24:2a:
0c:2d:76:df:f5:d8:9d:d8:ca:8d:5c:50:03:92:46:
7c:3c:8b:de:1c:38:76:e5:e1:50:b9:00:cb:f8:2f:
d4:d9:c3:3c:41:d2:83:9b:4b:70:89:8e:45:f9:61:
df:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B9:D0:A3:04:B8:2B:B3:C2:AE:F5:16:AA:18:BB:E7:7C:92:A9:BC
X509v3 Authority Key Identifier:
keyid:2C:E2:99:50:58:B3:DE:9A:ED:23:A6:1F:7F:B7:B5:B7:B1:93:98:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOKZUFiz3prtI6Yff7e1t7GTmEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d520db-bdf8-4f27-8dff-8c130e6841db/1/UbnQowS4K7PCrvUWqhi753ySqbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d520db-bdf8-4f27-8dff-8c130e6841db/1/LOKZUFiz3prtI6Yff7e1t7GTmEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.211.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d0:a2:58:a8:f4:d6:c0:25:ac:00:01:40:d0:38:ca:a5:05:
42:53:46:01:e5:17:86:53:1c:5f:78:98:74:56:2f:c0:cd:98:
d2:72:ea:9b:33:0c:48:14:80:6b:b0:7b:16:3f:e2:ff:24:7d:
5f:2d:cd:04:c7:d1:69:c5:ef:4a:f6:1f:50:ff:48:95:e8:78:
50:bc:55:82:dc:f0:54:36:1f:10:6a:9c:f1:26:0c:df:d8:89:
c0:3f:ca:f1:c1:29:1f:cb:c9:03:d9:ee:b7:77:02:5b:23:4c:
ab:41:2d:42:7b:4e:d3:ef:19:75:8c:fe:61:75:30:2e:ce:59:
40:d5:0f:23:75:44:da:93:ba:c6:ad:0f:18:e9:5e:13:8e:31:
6c:57:d1:27:39:84:a7:fc:9f:b8:80:32:4f:c1:46:a9:34:d2:
df:bd:7b:0d:45:41:05:52:04:33:57:c0:9d:b2:50:c4:4e:0e:
72:cb:91:d8:06:fd:dc:f5:07:75:d1:ac:7f:9a:ec:02:7b:b3:
19:ba:53:1a:7b:16:10:fa:93:fc:55:70:ed:50:da:3a:90:56:
e0:2c:ba:84:27:24:a1:23:95:69:02:02:93:7a:26:4c:5e:ca:
ea:54:96:d6:f7:a7:a6:fd:62:4e:9e:2d:b9:fc:40:f6:65:3e:
28:27:d6:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7yt+29R9ZoIOQdAqa8aRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTI5OTUwNThiM2RlOWFlZDIzYTYxZjdmYjdiNWI3YjE5
Mzk4NGEwHhcNMjMwMTAxMTA0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWI5ZDBhMzA0YjgyYmIzYzJhZWY1MTZhYTE4YmJlNzdjOTJhOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K5sA8gHBj/RgCmozWYBsOH/heOB
tPxrj4SkIGW8SXwaMB0bLWqb1awaHNlpGKmClck39TWWsfmopreOc+Q2SH5U7KIL
4vzQRJZ4uZ1HVLYn2CXBU+GAM2g1Ne73zwhYyjtdUehH9k7UOR31z2vvdn/oCNSQ
Zja0fwKNCwYHZ4hcKoaLHDnpAU6E40MTntR0Lvj/SiXTAVWHiy/aRzLpHogwk5Ps
MpgXQP2Smp1vA3NqmS38pjVvJ0LYhaWXfzZNJMkMP+IHPCuf0Q6jw6Z+JCoMLXbf
9did2MqNXFADkkZ8PIveHDh25eFQuQDL+C/U2cM8QdKDm0twiY5F+WHf7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFG50KMEuCuzwq71FqoYu+d8kqm8MB8GA1UdIwQY
MBaAFCzimVBYs96a7SOmH3+3tbexk5hKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9LWlVGaXozcHJ0STZZZmY3ZTF0N0dUbUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9kNTIwZGItYmRmOC00ZjI3LThkZmYt
OGMxMzBlNjg0MWRiLzEvVWJuUW93UzRLN1BDcnZVV3FoaTc1M3lTcWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9kNTIwZGItYmRmOC00ZjI3LThkZmYtOGMxMzBlNjg0MWRi
LzEvTE9LWlVGaXozcHJ0STZZZmY3ZTF0N0dUbUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XTMA0G
CSqGSIb3DQEBCwUAA4IBAQB60KJYqPTWwCWsAAFA0DjKpQVCU0YB5ReGUxxfeJh0
Vi/AzZjScuqbMwxIFIBrsHsWP+L/JH1fLc0Ex9Fpxe9K9h9Q/0iV6HhQvFWC3PBU
Nh8QapzxJgzf2InAP8rxwSkfy8kD2e63dwJbI0yrQS1Ce07T7xl1jP5hdTAuzllA
1Q8jdUTak7rGrQ8Y6V4TjjFsV9EnOYSn/J+4gDJPwUapNNLfvXsNRUEFUgQzV8Cd
slDETg5yy5HYBv3c9Qd10ax/muwCe7MZulMaexYQ+pP8VXDtUNo6kFbgLLqEJySh
I5VpAgKTeiZMXsrqVJbW96em/WJOni25/ED2ZT4oJ9Zb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:30 2025 by rpki-client