Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/UhphTQ9Nb5nqa66T65W6uEp3cDo.roa
File: UhphTQ9Nb5nqa66T65W6uEp3cDo.roa (raw, json)
Hash identifier: SwZt41dYpzRf11kkO4WHW+hnMZUMMht958Bx+yleffw=
Subject key identifier: 52:1A:61:4D:0F:4D:6F:99:EA:6B:AE:93:EB:95:BA:B8:4A:77:70:3A
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0186979CE23764C8E83802272E14CE363A61
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/UhphTQ9Nb5nqa66T65W6uEp3cDo.roa
Signing time: Tue 28 Feb 2023 10:41:26 +0000
ROA not before: Tue 28 Feb 2023 10:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198560
IP address blocks: 91.236.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9c:e2:37:64:c8:e8:38:02:27:2e:14:ce:36:3a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 10:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=521a614d0f4d6f99ea6bae93eb95bab84a77703a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1a:42:a2:be:08:ab:42:c8:aa:2a:7d:4d:5b:
06:10:a8:95:4c:fd:b8:53:84:53:ac:5c:5f:f8:d6:
f3:19:3e:f3:42:4f:16:35:5f:e4:b6:e9:c4:a3:7a:
d4:ae:60:f7:8d:1d:6e:a8:cd:42:f0:6f:eb:bd:1d:
54:1e:84:17:7a:8d:d5:f7:4c:af:5f:22:b3:b4:a8:
91:ad:f9:75:cf:6d:68:bc:26:1d:0f:31:3e:39:57:
8f:0e:2a:cb:eb:20:a5:e7:8c:b8:4b:9c:7c:13:ee:
32:a4:98:bc:8c:47:05:38:e0:26:8a:ff:20:cf:b7:
0c:77:39:13:eb:f6:48:44:3a:58:88:39:4c:a9:3e:
dc:30:3b:65:39:de:63:ec:b2:e8:6f:96:a8:59:7a:
37:aa:eb:24:fc:18:64:17:5e:9a:ca:a6:9f:67:68:
9a:af:72:ef:96:d7:4e:43:b9:c3:f3:8c:08:e9:8f:
b8:5a:9f:04:1c:e5:24:b6:52:96:04:9f:7d:fe:3d:
7e:96:28:de:78:c6:49:e6:a6:59:2a:88:5e:03:69:
e6:62:3d:c9:44:b5:79:9e:d7:0f:9d:69:a8:2b:4b:
ba:ae:b4:7f:75:79:c7:ed:6d:b9:79:84:e2:a9:a9:
d4:2e:ac:a4:ff:a5:c4:78:b8:ee:e2:6a:81:89:1a:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1A:61:4D:0F:4D:6F:99:EA:6B:AE:93:EB:95:BA:B8:4A:77:70:3A
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/UhphTQ9Nb5nqa66T65W6uEp3cDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.128.0/24
Signature Algorithm: sha256WithRSAEncryption
35:c5:35:07:6e:d1:bc:ad:8f:82:e4:29:95:fe:90:5d:5f:11:
c1:cb:34:04:5d:4e:51:db:c3:a1:2f:a9:6e:36:1a:14:7b:9c:
b9:16:91:fc:64:82:2f:6d:d5:11:7b:fa:83:a3:82:e2:bb:04:
4e:43:7a:60:32:4f:fb:23:fc:f4:37:83:35:f6:6e:dd:0e:24:
2c:45:8a:65:16:52:51:a8:ee:c2:f7:92:6a:00:46:1b:da:95:
68:14:b5:92:4e:e5:b9:37:5d:60:d5:0b:b9:f2:5e:9f:e3:80:
3a:f6:f0:b2:d9:8e:83:2a:29:8e:a1:a7:99:b3:28:8a:c2:99:
36:67:c9:99:39:f4:13:b0:ab:04:0e:14:eb:0f:9e:87:5b:61:
2e:3d:c2:ad:1a:e9:83:c9:4f:c0:38:c1:2f:a4:77:04:7e:d6:
cc:aa:72:1f:aa:68:62:cb:bc:d7:de:aa:24:ba:fc:2c:57:73:
d7:9d:4d:d7:a8:98:1a:1c:9c:75:a2:25:72:94:42:b9:d5:d2:
a1:1c:db:32:e8:20:2e:2d:2d:de:eb:69:5e:b5:18:a7:26:2d:
fd:f3:54:41:7f:9a:15:08:a3:65:89:cd:3a:aa:8f:87:96:f6:
1f:aa:7f:b4:20:e7:d8:58:6f:91:6a:6b:c4:31:b7:13:39:b5:
10:5d:be:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaXnOI3ZMjoOAInLhTONjphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjMwMjI4MTA0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFhNjE0ZDBmNGQ2Zjk5ZWE2YmFlOTNlYjk1YmFiODRhNzc3MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRpCor4Iq0LIqip9TVsGEKiVTP24
U4RTrFxf+NbzGT7zQk8WNV/ktunEo3rUrmD3jR1uqM1C8G/rvR1UHoQXeo3V90yv
XyKztKiRrfl1z21ovCYdDzE+OVePDirL6yCl54y4S5x8E+4ypJi8jEcFOOAmiv8g
z7cMdzkT6/ZIRDpYiDlMqT7cMDtlOd5j7LLob5aoWXo3qusk/BhkF16ayqafZ2ia
r3LvltdOQ7nD84wI6Y+4Wp8EHOUktlKWBJ99/j1+lijeeMZJ5qZZKoheA2nmYj3J
RLV5ntcPnWmoK0u6rrR/dXnH7W25eYTiqanULqyk/6XEeLju4mqBiRoV3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIaYU0PTW+Z6muuk+uVurhKd3A6MB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvVWhwaFRROU5iNW5xYTY2VDY1VzZ1RXAzY0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1xTUHbtG8rY+C5CmV/pBdXxHByzQEXU5R28OhL6lu
NhoUe5y5FpH8ZIIvbdURe/qDo4LiuwROQ3pgMk/7I/z0N4M19m7dDiQsRYplFlJR
qO7C95JqAEYb2pVoFLWSTuW5N11g1Qu58l6f44A69vCy2Y6DKimOoaeZsyiKwpk2
Z8mZOfQTsKsEDhTrD56HW2EuPcKtGumDyU/AOMEvpHcEftbMqnIfqmhiy7zX3qok
uvwsV3PXnU3XqJgaHJx1oiVylEK51dKhHNsy6CAuLS3e62letRinJi3981RBf5oV
CKNlic06qo+HlvYfqn+0IOfYWG+RamvEMbcTObUQXb42
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:32:48 2025 by rpki-client