Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/uomIn_ipe477lOia2OW_OlXXl00.roa
File: uomIn_ipe477lOia2OW_OlXXl00.roa (raw, json)
Hash identifier: fouvrynx9hiJN1DgfVXNGkEEJLErQr5bT5G8eETP2DQ=
Subject key identifier: BA:89:88:9F:F8:A9:7B:8E:FB:94:E8:9A:D8:E5:BF:3A:55:D7:97:4D
Certificate issuer: /CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Certificate serial: 018A60ACFDF1B952172802FE5AE3A6ACBD9C
Authority key identifier: 44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/uomIn_ipe477lOia2OW_OlXXl00.roa
Signing time: Mon 04 Sep 2023 14:51:04 +0000
ROA not before: Mon 04 Sep 2023 14:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 5.133.166.0/24 maxlen: 24
5.133.165.0/24 maxlen: 24
5.133.162.0/24 maxlen: 24
5.133.164.0/24 maxlen: 24
5.133.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:ac:fd:f1:b9:52:17:28:02:fe:5a:e3:a6:ac:bd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a88637498b188fc0bceae0bbf0681761a49d4b
Validity
Not Before: Sep 4 14:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba89889ff8a97b8efb94e89ad8e5bf3a55d7974d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7b:e7:ca:1f:4b:ce:ac:f0:35:d8:dc:64:98:
a9:ff:dd:cf:0e:e1:ed:cb:cf:ba:2d:e3:05:f0:bf:
75:12:ec:94:b1:91:f5:30:9b:ee:a4:b9:83:35:5c:
a7:50:fa:a8:68:a7:95:51:7c:62:d8:8e:99:ff:ae:
8c:42:2a:86:51:13:3b:4e:8e:c6:b9:c8:91:15:59:
ff:eb:b2:4a:14:03:aa:ab:8a:76:38:94:31:c7:95:
44:b2:f1:ec:86:35:c9:b7:fb:92:29:4f:2a:0d:95:
ae:8a:e6:c8:00:04:42:41:27:93:61:92:bc:45:26:
d4:26:b7:03:0d:a2:56:ae:dc:5d:82:c3:94:0b:5d:
dc:a6:c4:01:68:3e:63:02:74:9e:52:da:cb:ed:ea:
56:2a:33:9c:a9:5e:2e:54:57:56:1d:9d:26:af:98:
e3:d1:ba:09:a1:64:a4:0b:c2:6b:65:88:5c:92:ff:
49:bc:97:ce:34:04:6c:fd:3d:16:aa:5b:85:62:df:
66:f0:c1:45:55:b9:da:f3:be:e5:ba:57:95:70:02:
e9:1c:07:6c:0d:e8:a9:77:f4:05:5c:ed:a1:7f:51:
05:48:b0:cc:47:f7:ba:a7:41:1b:61:13:f2:e9:c5:
8a:1d:d3:ad:df:01:18:ee:a9:0b:e4:ef:38:4f:b2:
08:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:89:88:9F:F8:A9:7B:8E:FB:94:E8:9A:D8:E5:BF:3A:55:D7:97:4D
X509v3 Authority Key Identifier:
keyid:44:A8:86:37:49:8B:18:8F:C0:BC:EA:E0:BB:F0:68:17:61:A4:9D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKiGN0mLGI_AvOrgu_BoF2GknUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/uomIn_ipe477lOia2OW_OlXXl00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5be80b-3382-4448-a1cc-dca04270b9d5/1/RKiGN0mLGI_AvOrgu_BoF2GknUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.162.0/24
5.133.164.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:ac:65:92:33:8a:80:b3:1c:d0:fe:33:a4:57:03:02:45:3d:
ee:31:75:f6:27:f5:a3:86:55:d4:c8:de:55:e0:14:47:1d:fe:
ae:52:e8:93:42:66:82:56:96:7d:db:cf:91:8d:85:44:95:fa:
9c:78:d6:cc:df:93:b7:9d:c1:d9:c2:39:4b:91:80:99:b9:a9:
99:a6:be:20:88:0f:b9:1b:4f:d8:c9:8b:b6:10:7f:60:db:14:
33:fb:09:a8:f5:89:a1:50:7a:a6:c8:17:68:c8:f1:69:2e:e3:
f2:8c:47:50:d5:b6:e1:96:86:3b:69:43:a0:c0:46:a3:af:b5:
87:2f:a0:a2:d2:51:3c:c0:90:bc:23:b2:17:57:97:b4:d4:9d:
74:1d:68:c3:11:33:e1:5c:b0:5c:b5:67:3e:56:93:15:e4:ad:
78:ce:e2:a8:c5:a7:13:f6:87:71:6a:1b:d7:44:ba:56:1a:14:
83:1b:c7:7f:03:b7:d6:35:2c:e8:12:8e:de:4a:a9:88:2e:88:
11:24:25:49:81:d2:37:d7:af:08:d1:6e:55:ef:d4:c7:36:8a:
a9:20:2d:ef:13:8c:9e:8c:a6:e7:0f:e7:7d:bc:90:94:81:ad:
dd:ca:98:97:7c:e0:6d:be:b7:27:35:51:a7:fd:72:91:d5:82:
a5:2d:f9:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpgrP3xuVIXKAL+WuOmrL2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTg4NjM3NDk4YjE4OGZjMGJjZWFlMGJiZjA2ODE3NjFh
NDlkNGIwHhcNMjMwOTA0MTQ1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg5ODg5ZmY4YTk3YjhlZmI5NGU4OWFkOGU1YmYzYTU1ZDc5NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3vnyh9LzqzwNdjcZJip/93PDuHt
y8+6LeMF8L91EuyUsZH1MJvupLmDNVynUPqoaKeVUXxi2I6Z/66MQiqGURM7To7G
uciRFVn/67JKFAOqq4p2OJQxx5VEsvHshjXJt/uSKU8qDZWuiubIAARCQSeTYZK8
RSbUJrcDDaJWrtxdgsOUC13cpsQBaD5jAnSeUtrL7epWKjOcqV4uVFdWHZ0mr5jj
0boJoWSkC8JrZYhckv9JvJfONARs/T0WqluFYt9m8MFFVbna877luleVcALpHAds
Deipd/QFXO2hf1EFSLDMR/e6p0EbYRPy6cWKHdOt3wEY7qkL5O84T7IIpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqJiJ/4qXuO+5TomtjlvzpV15dNMB8GA1UdIwQY
MBaAFESohjdJixiPwLzq4LvwaBdhpJ1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktpR04wbUxHSV9Bdk9yZ3VfQm9GMkdrblVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81YmU4MGItMzM4Mi00NDQ4LWExY2Mt
ZGNhMDQyNzBiOWQ1LzEvdW9tSW5faXBlNDc3bE9pYTJPV19PbFhYbDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81YmU4MGItMzM4Mi00NDQ4LWExY2MtZGNhMDQyNzBiOWQ1
LzEvUktpR04wbUxHSV9Bdk9yZ3VfQm9GMkdrblVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABYWiAwQC
BYWkMA0GCSqGSIb3DQEBCwUAA4IBAQAsrGWSM4qAsxzQ/jOkVwMCRT3uMXX2J/Wj
hlXUyN5V4BRHHf6uUuiTQmaCVpZ928+RjYVElfqceNbM35O3ncHZwjlLkYCZuamZ
pr4giA+5G0/YyYu2EH9g2xQz+wmo9YmhUHqmyBdoyPFpLuPyjEdQ1bbhloY7aUOg
wEajr7WHL6Ci0lE8wJC8I7IXV5e01J10HWjDETPhXLBctWc+VpMV5K14zuKoxacT
9odxahvXRLpWGhSDG8d/A7fWNSzoEo7eSqmILogRJCVJgdI3168I0W5V79THNoqp
IC3vE4yejKbnD+d9vJCUga3dypiXfOBtvrcnNVGn/XKR1YKlLfn2
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:43:37 2025 by rpki-client