Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa
File: UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa (raw, json)
Hash identifier: O9IiDO88klFXjRx/OYqdZAtRDRp7F+Dt/Jh0CEPtNUM=
Subject key identifier: 50:67:0E:CD:A6:BE:03:21:4B:0F:97:CE:A9:7B:82:2D:96:89:4A:E2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189D0A4F5D1364C444A027B3A02F2C97F78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa
Signing time: Mon 07 Aug 2023 15:36:59 +0000
ROA not before: Mon 07 Aug 2023 15:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 109.176.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:a4:f5:d1:36:4c:44:4a:02:7b:3a:02:f2:c9:7f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 15:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50670ecda6be03214b0f97cea97b822d96894ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:57:39:5d:e6:d0:64:76:da:5a:de:91:cd:29:
7e:39:f3:70:54:c8:15:d8:6f:0b:96:20:b3:51:ee:
57:c9:b5:92:a7:0a:f7:47:1d:80:04:0d:17:55:3e:
4b:b4:09:31:ee:c6:b0:c6:d3:0d:02:bf:96:25:6b:
74:63:cb:2d:b0:50:7d:d0:33:f9:5e:b6:6f:63:0d:
24:e6:8e:8a:7f:bc:38:40:01:48:6b:a2:53:c5:0b:
c7:d0:00:27:7b:fe:cd:3e:a8:59:94:fb:80:9f:9b:
c8:f9:3a:12:a0:7e:97:4e:e8:98:5c:2f:86:78:3c:
cf:1a:bd:fb:58:fd:1f:52:45:ea:ef:10:17:58:f5:
26:97:af:2d:70:1d:1e:17:57:3c:e8:51:40:b3:da:
3b:35:29:ff:72:06:1c:ac:e5:6f:ea:3f:b3:72:e5:
37:91:44:18:fc:45:e9:90:28:61:a1:91:26:b2:bb:
aa:f3:24:53:eb:e8:52:7f:63:47:67:01:53:d1:37:
ec:2f:b2:c9:2c:b6:4b:19:d8:6d:48:9b:d1:ae:a6:
da:39:c1:c6:a6:77:8e:d4:e8:75:db:39:91:7f:7a:
5f:26:c4:85:37:6d:32:aa:0d:96:fb:da:7b:00:da:
6b:ba:9c:a7:0a:82:f2:53:26:e2:4e:bc:7b:f9:91:
e3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:67:0E:CD:A6:BE:03:21:4B:0F:97:CE:A9:7B:82:2D:96:89:4A:E2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.252.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d3:f5:e3:92:13:9d:b4:2e:93:64:89:d1:85:96:db:76:6f:
b3:c5:1d:54:2e:32:81:bd:2e:ef:2f:b6:75:2d:e7:13:86:67:
e8:b3:67:14:e2:3a:fa:68:a0:51:11:7d:b3:8f:70:f3:7d:9a:
b2:52:53:34:9c:8c:aa:7c:40:ac:f8:52:6f:aa:ad:7c:88:b4:
e8:76:67:67:c0:29:69:66:5c:71:a0:30:15:a6:84:07:ef:d3:
d5:9a:85:ad:15:a1:19:44:61:84:f0:b4:92:97:c8:77:f7:2e:
43:da:8f:3f:f5:36:67:f1:d8:1c:77:79:ce:b1:7d:b0:ea:63:
9a:cb:01:21:08:bd:c5:dd:11:c9:b2:c6:13:c8:a3:e2:db:42:
8e:4a:41:59:1e:fa:dc:c1:a5:89:ad:89:a0:c1:97:e7:84:0c:
68:4a:31:ae:ca:4a:a9:5d:ff:15:f3:8a:7f:2d:58:ea:15:4d:
f0:ef:69:92:a1:f7:fd:3b:8e:f0:d8:8d:1a:d7:a3:21:67:e1:
33:f7:1e:5b:a9:4a:52:2a:dd:5f:bb:5c:4b:74:45:e7:ab:76:
a4:24:e3:23:60:5e:0a:93:a5:16:46:be:69:c1:e1:18:a7:9d:
22:79:d3:3a:c8:a2:84:18:10:72:15:f3:b0:d0:3e:d7:2c:96:
ae:a5:90:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnQpPXRNkxESgJ7OgLyyX94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY3MGVjZGE2YmUwMzIxNGIwZjk3Y2VhOTdiODIyZDk2ODk0YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1c5XebQZHbaWt6RzSl+OfNwVMgV
2G8LliCzUe5XybWSpwr3Rx2ABA0XVT5LtAkx7sawxtMNAr+WJWt0Y8stsFB90DP5
XrZvYw0k5o6Kf7w4QAFIa6JTxQvH0AAne/7NPqhZlPuAn5vI+ToSoH6XTuiYXC+G
eDzPGr37WP0fUkXq7xAXWPUml68tcB0eF1c86FFAs9o7NSn/cgYcrOVv6j+zcuU3
kUQY/EXpkChhoZEmsruq8yRT6+hSf2NHZwFT0TfsL7LJLLZLGdhtSJvRrqbaOcHG
pneO1Oh12zmRf3pfJsSFN20yqg2W+9p7ANprupynCoLyUybiTrx7+ZHjiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBnDs2mvgMhSw+Xzql7gi2WiUriMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVUdjT3phYS1BeUZMRDVmT3FYdUNMWmFKU3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD8MA0G
CSqGSIb3DQEBCwUAA4IBAQBX0/XjkhOdtC6TZInRhZbbdm+zxR1ULjKBvS7vL7Z1
LecThmfos2cU4jr6aKBREX2zj3DzfZqyUlM0nIyqfECs+FJvqq18iLTodmdnwClp
ZlxxoDAVpoQH79PVmoWtFaEZRGGE8LSSl8h39y5D2o8/9TZn8dgcd3nOsX2w6mOa
ywEhCL3F3RHJssYTyKPi20KOSkFZHvrcwaWJrYmgwZfnhAxoSjGuykqpXf8V84p/
LVjqFU3w72mSoff9O47w2I0a16MhZ+Ez9x5bqUpSKt1fu1xLdEXnq3akJOMjYF4K
k6UWRr5pweEYp50iedM6yKKEGBByFfOw0D7XLJaupZD8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:03 2025 by rpki-client