Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/UsziUQlJ5xyqLocSwrvqO1Pxj4U.roa
File: UsziUQlJ5xyqLocSwrvqO1Pxj4U.roa (raw, json)
Hash identifier: X4LBx2qoqFpKlqFxan2ien+PlR2NIbiqm7YP823sPBU=
Subject key identifier: 52:CC:E2:51:09:49:E7:1C:AA:2E:87:12:C2:BB:EA:3B:53:F1:8F:85
Certificate issuer: /CN=13349545ab8bfd265273e8d4843b98bf0b4148f2
Certificate serial: 093CA947
Authority key identifier: 13:34:95:45:AB:8B:FD:26:52:73:E8:D4:84:3B:98:BF:0B:41:48:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzSVRauL_SZSc-jUhDuYvwtBSPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/UsziUQlJ5xyqLocSwrvqO1Pxj4U.roa
Signing time: Sat 01 Jan 2022 13:54:57 +0000
ROA not before: Sat 01 Jan 2022 13:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50563
IP address blocks: 152.89.182.0/23 maxlen: 23
152.89.182.0/24 maxlen: 24
152.89.180.0/24 maxlen: 24
152.89.180.0/23 maxlen: 23
152.89.180.0/22 maxlen: 22
152.89.183.0/24 maxlen: 24
152.89.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154970439 (0x93ca947)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13349545ab8bfd265273e8d4843b98bf0b4148f2
Validity
Not Before: Jan 1 13:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52cce2510949e71caa2e8712c2bbea3b53f18f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:da:06:56:bf:12:ee:af:92:fd:99:13:c3:
a6:9f:36:5f:7d:30:e4:a0:0b:75:79:41:86:5c:a5:
29:c8:b5:47:ee:74:4c:02:1b:6a:6b:b8:69:75:04:
35:68:11:a6:20:cf:e2:d8:5e:74:d6:e4:d6:2b:43:
e9:b2:62:0e:ae:19:14:3a:8e:73:84:e8:26:c2:86:
58:10:fb:60:87:18:69:88:13:38:27:da:3a:06:0f:
0d:fd:dc:c4:dc:f9:2a:b5:85:79:3e:75:51:3c:c8:
00:e6:2f:f2:66:22:b4:35:41:cc:55:2d:05:0b:c8:
8a:5f:ba:c6:b0:0d:da:b7:0e:4e:93:3c:ed:23:bd:
f1:f4:54:a7:19:a0:a1:ba:56:5e:c7:24:e4:1e:3a:
96:ca:41:6d:27:da:2a:6c:f1:64:04:33:52:d0:94:
ed:16:99:38:dc:d6:84:aa:b9:ad:c3:88:30:bc:f4:
b9:3a:97:a8:96:fa:b8:7b:fe:d1:98:be:ab:90:1c:
cd:59:f8:45:e8:db:79:b7:2d:18:45:58:42:82:4c:
1d:93:44:3a:3e:dc:ba:a1:66:26:53:c1:d1:68:51:
30:81:56:9b:36:b2:c4:42:32:03:d7:cb:45:b7:bb:
dd:47:ff:ea:d2:35:e2:88:78:fc:1b:68:87:8f:d5:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CC:E2:51:09:49:E7:1C:AA:2E:87:12:C2:BB:EA:3B:53:F1:8F:85
X509v3 Authority Key Identifier:
keyid:13:34:95:45:AB:8B:FD:26:52:73:E8:D4:84:3B:98:BF:0B:41:48:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzSVRauL_SZSc-jUhDuYvwtBSPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/UsziUQlJ5xyqLocSwrvqO1Pxj4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/EzSVRauL_SZSc-jUhDuYvwtBSPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.180.0/22
Signature Algorithm: sha256WithRSAEncryption
90:4b:e4:80:7b:4b:cf:d8:74:f8:e5:e3:ab:7b:b7:58:44:5c:
3f:c2:f3:13:22:83:a6:40:8e:a1:ec:bb:c2:d6:30:78:14:59:
02:e6:b2:91:25:94:2b:a1:63:78:28:03:58:da:de:29:7f:9f:
7c:6d:79:00:d3:45:d3:22:9e:35:4e:a7:f0:a2:98:2d:7c:57:
74:7e:64:43:04:bc:9b:87:4d:25:66:95:f2:17:79:09:30:a0:
6c:58:93:03:2f:af:ba:ce:01:1a:42:b2:3d:04:6d:28:73:7b:
4d:06:a6:f1:89:3c:d6:c3:05:70:61:5b:1c:d8:98:ba:d5:1f:
7d:ba:d9:4b:2b:de:33:76:74:ca:32:71:ba:15:f7:62:8d:b4:
6d:44:f1:5c:df:ec:cd:cc:33:76:6d:62:00:7d:f7:b8:c2:cc:
76:a6:8a:8d:39:af:4f:22:fa:8d:01:54:0d:20:38:71:d1:a2:
f6:64:ac:bb:e3:61:ef:b3:98:38:bb:02:61:1b:25:0c:cf:d4:
b8:70:5e:0d:05:ab:8a:38:0f:bb:c4:77:80:0e:3b:11:f6:31:
f9:2f:d6:8d:94:f9:8d:f8:92:12:c2:5b:e4:b2:ec:a5:c9:84:
97:1a:45:b6:52:cc:4f:4d:2d:f4:27:8e:e1:08:fc:d7:90:4e:
43:6d:a7:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTypRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzM0OTU0NWFiOGJmZDI2NTI3M2U4ZDQ4NDNiOThiZjBiNDE0OGYyMB4XDTIyMDEw
MTEzNTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJjY2UyNTEwOTQ5
ZTcxY2FhMmU4NzEyYzJiYmVhM2I1M2YxOGY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoA2gZWvxLur5L9mRPDpp82X30w5KALdXlBhlylKci1R+50
TAIbamu4aXUENWgRpiDP4thedNbk1itD6bJiDq4ZFDqOc4ToJsKGWBD7YIcYaYgT
OCfaOgYPDf3cxNz5KrWFeT51UTzIAOYv8mYitDVBzFUtBQvIil+6xrAN2rcOTpM8
7SO98fRUpxmgobpWXsck5B46lspBbSfaKmzxZAQzUtCU7RaZONzWhKq5rcOIMLz0
uTqXqJb6uHv+0Zi+q5AczVn4RejbebctGEVYQoJMHZNEOj7cuqFmJlPB0WhRMIFW
mzayxEIyA9fLRbe73Uf/6tI14oh4/Btoh4/VPyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSzOJRCUnnHKouhxLCu+o7U/GPhTAfBgNVHSMEGDAWgBQTNJVFq4v9JlJz
6NSEO5i/C0FI8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0V6U1ZSYXVMX1NaU2MtalVoRHVZdnd0QlNQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvMTc1MjYwLThmOWEtNGI3Zi1iMDExLTRjMjY0N2E1ODk2Ny8x
L1VzemlVUWxKNXh5cUxvY1N3cnZxTzFQeGo0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
MTc1MjYwLThmOWEtNGI3Zi1iMDExLTRjMjY0N2E1ODk2Ny8xL0V6U1ZSYXVMX1Na
U2MtalVoRHVZdnd0QlNQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAphZtDANBgkqhkiG9w0BAQsFAAOC
AQEAkEvkgHtLz9h0+OXjq3u3WERcP8LzEyKDpkCOoey7wtYweBRZAuaykSWUK6Fj
eCgDWNreKX+ffG15ANNF0yKeNU6n8KKYLXxXdH5kQwS8m4dNJWaV8hd5CTCgbFiT
Ay+vus4BGkKyPQRtKHN7TQam8Yk81sMFcGFbHNiYutUffbrZSyveM3Z0yjJxuhX3
Yo20bUTxXN/szcwzdm1iAH33uMLMdqaKjTmvTyL6jQFUDSA4cdGi9mSsu+Nh77OY
OLsCYRslDM/UuHBeDQWrijgPu8R3gA47EfYx+S/WjZT5jfiSEsJb5LLspcmElxpF
tlLMT00t9CeO4Qj815BOQ22n1w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:04:36 2025 by rpki-client