Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Ue7lqAkKf9bEwO67eeNbCW4VQjg.roa
File: Ue7lqAkKf9bEwO67eeNbCW4VQjg.roa (raw, json)
Hash identifier: pcoNWrt3Y+rj133xtp4kZAUCpGjQCte9sYgiH/RtJ8E=
Subject key identifier: 51:EE:E5:A8:09:0A:7F:D6:C4:C0:EE:BB:79:E3:5B:09:6E:15:42:38
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018CB1D642FD4B2D38311FD81C2465A91AD1
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Ue7lqAkKf9bEwO67eeNbCW4VQjg.roa
Signing time: Thu 28 Dec 2023 19:10:58 +0000
ROA not before: Thu 28 Dec 2023 19:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48108
IP address blocks: 176.116.0.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
185.235.230.0/24 maxlen: 24
31.222.227.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
2a11:8481::/32 maxlen: 32
2a0a:2e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:d6:42:fd:4b:2d:38:31:1f:d8:1c:24:65:a9:1a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Dec 28 19:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51eee5a8090a7fd6c4c0eebb79e35b096e154238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:40:45:52:c9:b2:0f:bb:04:e3:1f:a7:50:
90:4f:dd:c8:7d:37:70:3c:59:23:37:ee:9c:6b:45:
ec:58:d0:38:78:1f:21:67:4d:7c:a5:bc:1c:db:ef:
8e:67:28:bc:bd:ec:06:17:01:25:38:8e:1e:a1:d3:
98:f7:51:b0:b5:74:70:76:fb:fe:e4:ec:d5:51:2f:
fa:19:2e:2e:7c:de:73:07:c6:51:bd:5c:84:dd:0e:
3a:b3:2e:cb:53:d0:6d:0b:df:23:be:d8:0d:d3:ca:
c1:c4:87:43:de:b9:b6:27:92:6d:92:62:6a:9b:c7:
d7:52:0a:36:6d:7f:f0:1e:0d:ea:b1:64:29:46:d1:
88:59:8e:40:38:71:3e:ad:1a:7b:96:db:a5:8d:07:
a1:63:02:b3:5f:8b:b1:3d:e2:48:01:be:a0:4e:0a:
87:3d:65:33:9a:31:3f:6d:e2:f4:f8:c1:50:82:c3:
38:f8:04:f8:f3:04:57:04:e1:76:c9:90:f2:19:7c:
2d:62:21:f0:f4:ac:2c:6c:8e:da:3a:59:24:ea:c8:
2b:64:99:30:02:f1:80:e6:38:69:e5:02:4e:3f:d4:
00:ec:5d:22:56:2c:de:86:4d:d9:fe:e4:72:0c:b7:
6d:48:1c:d5:90:22:0f:f9:b5:91:ad:4d:d5:4a:bc:
21:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EE:E5:A8:09:0A:7F:D6:C4:C0:EE:BB:79:E3:5B:09:6E:15:42:38
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Ue7lqAkKf9bEwO67eeNbCW4VQjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
146.19.84.0/24
176.116.0.0/24
185.235.230.0/24
IPv6:
2001:678:e30::/48
2a0a:2e80::/32
2a11:8481::/32
Signature Algorithm: sha256WithRSAEncryption
6e:87:05:4a:dd:f9:3e:81:e1:8d:58:1b:1a:90:fb:24:92:26:
0b:d9:7c:1f:fd:a7:cf:a7:88:57:42:82:2a:24:1f:99:2c:19:
fc:c1:38:f1:2c:b1:59:18:4d:0d:f6:72:28:40:34:07:8e:7b:
1a:8e:38:60:98:a0:a7:94:36:c0:b4:e0:63:18:df:d0:cd:a3:
01:96:3e:6b:d4:44:49:e7:c3:28:fd:a1:d7:bf:98:18:00:b1:
8c:f1:2f:4a:a5:1c:96:74:6f:5a:87:e9:d9:16:7e:69:20:04:
dc:d2:57:dd:76:04:72:76:78:54:d3:7f:b6:a5:4a:9a:f6:f3:
0b:81:38:68:0f:c2:28:b7:85:ce:05:37:ea:f6:7b:1c:fa:7f:
64:cc:2d:d7:cc:91:07:79:cd:96:19:13:16:4e:34:3e:59:35:
de:ea:e3:21:8c:a5:58:8e:92:30:f1:bd:4a:4a:a6:d9:86:00:
e4:0d:b5:93:91:7e:58:11:19:d4:08:e3:d2:d0:da:36:d6:a2:
39:f8:dc:8d:87:b8:4c:ae:e7:be:49:6a:36:5b:e5:dd:78:36:
47:29:0c:72:43:68:2a:31:f2:ac:77:3d:ca:2d:1b:d7:41:69:
2e:e4:2d:e7:6a:15:ba:4d:3e:31:1e:7b:32:49:a0:f8:9a:6b:
41:bc:63:9f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYyx1kL9Sy04MR/YHCRlqRrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjMxMjI4MTkxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWVlZTVhODA5MGE3ZmQ2YzRjMGVlYmI3OWUzNWIwOTZlMTU0MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6BARVLJsg+7BOMfp1CQT93IfTdw
PFkjN+6ca0XsWNA4eB8hZ018pbwc2++OZyi8vewGFwElOI4eodOY91GwtXRwdvv+
5OzVUS/6GS4ufN5zB8ZRvVyE3Q46sy7LU9BtC98jvtgN08rBxIdD3rm2J5JtkmJq
m8fXUgo2bX/wHg3qsWQpRtGIWY5AOHE+rRp7ltuljQehYwKzX4uxPeJIAb6gTgqH
PWUzmjE/beL0+MFQgsM4+AT48wRXBOF2yZDyGXwtYiHw9KwsbI7aOlkk6sgrZJkw
AvGA5jhp5QJOP9QA7F0iVizehk3Z/uRyDLdtSBzVkCIP+bWRrU3VSrwh3wIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFFHu5agJCn/WxMDuu3njWwluFUI4MB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvVWU3bHFBa0tmOWJFd082N2VlTmJDVzRWUWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAkBAIAATAeAwQAH97jAwQA
XveJAwQAkhNUAwQAsHQAAwQAuevmMB0EAgACMBcDBwAgAQZ4DjADBQAqCi6AAwUA
KhGEgTANBgkqhkiG9w0BAQsFAAOCAQEAbocFSt35PoHhjVgbGpD7JJImC9l8H/2n
z6eIV0KCKiQfmSwZ/ME48SyxWRhNDfZyKEA0B457Go44YJigp5Q2wLTgYxjf0M2j
AZY+a9RESefDKP2h17+YGACxjPEvSqUclnRvWofp2RZ+aSAE3NJX3XYEcnZ4VNN/
tqVKmvbzC4E4aA/CKLeFzgU36vZ7HPp/ZMwt18yRB3nNlhkTFk40Plk13urjIYyl
WI6SMPG9Skqm2YYA5A21k5F+WBEZ1Ajj0tDaNtaiOfjcjYe4TK7nvklqNlvl3Xg2
RykMckNoKjHyrHc9yi0b10FpLuQt52oVuk0+MR57Mkmg+JprQbxjnw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:54:43 2025 by rpki-client