Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/Uk78wvegmXuJAHQrcxYjzT43gXY.roa
File: Uk78wvegmXuJAHQrcxYjzT43gXY.roa (raw, json)
Hash identifier: i7yA43p31yR8enWWlwptEGui/RJf0lzKZutGlMXY6Sw=
Subject key identifier: 52:4E:FC:C2:F7:A0:99:7B:89:00:74:2B:73:16:23:CD:3E:37:81:76
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 018775D451D7DF2DDBAC5B1B9B50077FF4DA
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/Uk78wvegmXuJAHQrcxYjzT43gXY.roa
Signing time: Wed 12 Apr 2023 14:17:41 +0000
ROA not before: Wed 12 Apr 2023 14:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47952
IP address blocks: 91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:d4:51:d7:df:2d:db:ac:5b:1b:9b:50:07:7f:f4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Apr 12 14:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=524efcc2f7a0997b8900742b731623cd3e378176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:67:d4:40:29:49:d9:3e:c2:4e:37:b1:3f:
87:5a:11:a1:e4:85:08:e7:f8:f2:14:1f:14:b0:39:
be:8f:ea:c0:4b:bb:f6:49:9f:0b:49:2c:46:f9:3f:
ab:4a:20:e1:8e:7a:e8:1e:59:4e:56:71:6b:63:77:
a1:e6:52:40:45:a8:92:56:66:63:07:3f:4e:b9:7f:
42:18:0a:21:80:bc:54:b8:66:86:75:53:8c:00:40:
57:0b:5f:1b:bd:92:7e:e9:dd:58:a5:c2:86:7b:99:
a5:84:57:23:7f:5b:b4:ae:d0:7a:80:5f:fc:19:73:
41:bd:2f:d4:4a:d1:46:21:44:81:42:c6:05:be:9a:
20:0e:50:87:0f:c2:a8:4a:79:9c:bf:0e:c3:95:16:
c8:27:4f:9e:7d:77:63:1b:23:3c:5c:84:97:66:39:
e4:da:43:a5:19:e9:b2:d2:79:eb:15:9c:c3:5d:19:
0b:57:c5:05:57:be:08:4b:51:08:d4:df:be:6e:48:
28:a1:b1:52:c1:cf:fc:5c:6b:87:25:73:c7:32:df:
ac:0e:a7:dc:1b:66:4f:d6:bf:c7:d9:26:47:f0:8c:
84:71:95:15:6f:c9:46:0f:b6:da:d3:85:3f:e8:ee:
11:ec:2f:a2:99:da:3e:05:62:12:03:67:5e:c0:ee:
bd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4E:FC:C2:F7:A0:99:7B:89:00:74:2B:73:16:23:CD:3E:37:81:76
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/Uk78wvegmXuJAHQrcxYjzT43gXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.201.212.0/22
IPv6:
2a0a:c4c0::/47
Signature Algorithm: sha256WithRSAEncryption
6a:16:89:f0:4f:7c:ec:5b:23:00:41:8f:4c:ed:2d:95:fc:9f:
94:98:c5:ad:76:53:6d:25:f0:9b:f6:86:eb:1d:7c:cf:d5:c7:
8e:92:22:eb:7c:42:46:c6:58:98:26:c6:9c:61:e5:70:17:45:
18:44:c4:cc:87:f8:8a:81:77:ed:23:4f:24:72:6e:c0:20:1a:
d7:b7:b0:07:de:ee:1f:1e:f9:62:a2:4e:30:4e:94:97:44:cb:
d3:4d:15:28:af:78:bf:a4:d3:ae:c2:06:19:ae:bb:bb:60:d1:
49:b7:43:4b:76:2f:aa:46:9c:04:d5:29:54:a7:9d:a2:4b:ec:
a1:40:6d:53:ea:2a:08:13:c7:3a:d8:38:0c:6d:97:93:bf:d7:
2e:b7:cc:02:66:ad:d1:9b:46:46:79:d0:b0:32:19:c5:cf:8d:
25:90:98:9a:80:bd:93:5c:b9:ce:bd:e7:85:c9:f2:50:f4:99:
89:7b:9e:bb:64:08:7c:28:b4:b0:92:71:2e:07:d4:63:84:d8:
3d:38:c2:e3:dc:6c:3d:cc:e3:83:29:da:e8:95:ee:95:4f:76:
09:ed:96:08:82:b4:54:a7:ef:22:c9:b2:bf:c3:41:e3:47:aa:
d4:c9:e9:f3:d7:11:38:22:b0:08:bb:e2:c5:80:74:2d:ba:29:
d4:81:de:74
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYd11FHX3y3brFsbm1AHf/TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjMwNDEyMTQxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRlZmNjMmY3YTA5OTdiODkwMDc0MmI3MzE2MjNjZDNlMzc4MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa1n1EApSdk+wk43sT+HWhGh5IUI
5/jyFB8UsDm+j+rAS7v2SZ8LSSxG+T+rSiDhjnroHllOVnFrY3eh5lJARaiSVmZj
Bz9OuX9CGAohgLxUuGaGdVOMAEBXC18bvZJ+6d1YpcKGe5mlhFcjf1u0rtB6gF/8
GXNBvS/UStFGIUSBQsYFvpogDlCHD8KoSnmcvw7DlRbIJ0+efXdjGyM8XISXZjnk
2kOlGemy0nnrFZzDXRkLV8UFV74IS1EI1N++bkgoobFSwc/8XGuHJXPHMt+sDqfc
G2ZP1r/H2SZH8IyEcZUVb8lGD7ba04U/6O4R7C+imdo+BWISA2dewO69RQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFJO/ML3oJl7iQB0K3MWI80+N4F2MB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvVWs3OHd2ZWdtWHVKQUhRcmN4WWp6VDQzZ1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW8I0AwQA
W8I2AwQCucnUMA8EAgACMAkDBwEqCsTAAAAwDQYJKoZIhvcNAQELBQADggEBAGoW
ifBPfOxbIwBBj0ztLZX8n5SYxa12U20l8Jv2husdfM/Vx46SIut8QkbGWJgmxpxh
5XAXRRhExMyH+IqBd+0jTyRybsAgGte3sAfe7h8e+WKiTjBOlJdEy9NNFSiveL+k
067CBhmuu7tg0Um3Q0t2L6pGnATVKVSnnaJL7KFAbVPqKggTxzrYOAxtl5O/1y63
zAJmrdGbRkZ50LAyGcXPjSWQmJqAvZNcuc6954XJ8lD0mYl7nrtkCHwotLCScS4H
1GOE2D04wuPcbD3M44Mp2uiV7pVPdgntlgiCtFSn7yLJsr/DQeNHqtTJ6fPXETgi
sAi74sWAdC26KdSB3nQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:55 2025 by rpki-client