Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa
File: uvm_S5twAvLVv08Z_4zQrm5sPGE.roa (raw, json)
Hash identifier: URZ4OOfRYdLRMt/ZxaE/f1Id14Inq1rPB4rXLs/EHCQ=
Subject key identifier: BA:F9:BF:4B:9B:70:02:F2:D5:BF:4F:19:FF:8C:D0:AE:6E:6C:3C:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AD576CD2847A26881499AA5701EEF455E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa
Signing time: Wed 27 Sep 2023 07:07:27 +0000
ROA not before: Wed 27 Sep 2023 07:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 89.213.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:76:cd:28:47:a2:68:81:49:9a:a5:70:1e:ef:45:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 27 07:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf9bf4b9b7002f2d5bf4f19ff8cd0ae6e6c3c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e2:27:5e:71:09:aa:9b:86:50:59:1b:7a:19:
be:8b:51:97:b6:41:14:9b:bd:f3:2a:24:5c:35:48:
64:aa:b4:eb:ef:1a:aa:ad:46:0e:9b:19:3a:12:63:
76:a1:cd:59:51:74:fe:80:6d:67:85:23:e4:8d:84:
48:d5:e0:a8:27:02:e9:51:ee:5b:5e:17:a8:2d:3e:
89:94:8b:66:d1:8d:b8:8d:cf:a6:3c:e0:d0:be:8c:
a0:83:a8:e7:8f:01:db:9f:32:29:99:51:7e:54:6a:
28:ce:af:17:42:2e:63:73:5b:d0:fc:81:d4:ea:18:
92:6d:d4:f1:bd:20:eb:11:e3:0a:66:e5:13:62:c9:
04:33:d0:e6:da:b0:3b:13:14:f2:d6:11:6d:47:c1:
d9:c1:00:b9:ba:dd:f3:1d:9e:11:66:3b:37:25:84:
aa:a9:43:f3:18:d6:04:fa:35:9b:79:18:e1:bc:91:
f8:a2:bf:ea:4d:09:47:3b:1a:e4:38:43:31:8f:a4:
95:21:22:70:06:54:73:06:75:54:e6:2a:27:9e:5f:
55:6d:13:90:0a:6b:90:d6:5f:b6:6a:4e:9d:bb:98:
2b:2f:f5:1f:35:ef:76:c3:dc:5c:00:71:f8:27:ac:
e2:54:5f:5b:07:c4:9d:9e:1a:ce:26:29:68:3b:93:
41:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F9:BF:4B:9B:70:02:F2:D5:BF:4F:19:FF:8C:D0:AE:6E:6C:3C:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.42.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ef:96:d5:b4:df:2d:45:d7:fa:9d:dc:7b:45:5d:96:a0:b7:
37:ce:c6:72:13:c2:35:91:49:2b:48:ef:4e:b7:9b:85:d5:09:
2d:14:bd:82:8a:3c:c3:48:ef:c0:c2:38:38:0c:0c:7f:c9:de:
db:af:fa:60:25:75:23:d6:4e:0b:d4:b3:e5:b2:e2:38:e8:ed:
55:c5:b9:47:c5:1d:13:84:be:da:c8:7a:f0:5b:88:be:b6:c8:
65:43:6f:e5:d4:f8:f8:71:ce:04:78:03:84:36:07:f7:a2:bc:
dd:c2:f3:f9:0f:50:76:5b:31:ba:ca:aa:a0:ef:04:09:f7:bf:
2b:db:99:03:0b:24:85:08:af:37:72:e5:ec:5a:a0:9b:ba:66:
4f:4d:65:ba:07:23:6f:a2:e2:89:49:51:fc:17:7a:9c:82:24:
c7:e6:fe:36:6f:10:58:ee:32:82:cc:c8:d9:f0:9b:4a:1b:3e:
d7:24:30:f3:59:da:16:e4:29:4f:10:c6:9f:9a:b3:40:5e:38:
a8:18:26:4e:23:48:9c:68:5d:bb:d4:1d:3a:46:3d:38:40:78:
25:84:b9:ed:f3:b4:d5:87:dd:04:ba:a4:23:ed:b4:64:3e:09:
16:29:b1:8e:52:42:30:7e:50:e9:10:44:82:67:96:fa:eb:d2:
c6:f5:7d:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrVds0oR6JogUmapXAe70VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI3MDcwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY5YmY0YjliNzAwMmYyZDViZjRmMTlmZjhjZDBhZTZlNmMzYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOInXnEJqpuGUFkbehm+i1GXtkEU
m73zKiRcNUhkqrTr7xqqrUYOmxk6EmN2oc1ZUXT+gG1nhSPkjYRI1eCoJwLpUe5b
XheoLT6JlItm0Y24jc+mPODQvoygg6jnjwHbnzIpmVF+VGoozq8XQi5jc1vQ/IHU
6hiSbdTxvSDrEeMKZuUTYskEM9Dm2rA7ExTy1hFtR8HZwQC5ut3zHZ4RZjs3JYSq
qUPzGNYE+jWbeRjhvJH4or/qTQlHOxrkOEMxj6SVISJwBlRzBnVU5ionnl9VbROQ
CmuQ1l+2ak6du5grL/UfNe92w9xcAHH4J6ziVF9bB8SdnhrOJiloO5NBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLr5v0ubcALy1b9PGf+M0K5ubDxhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdXZtX1M1dHdBdkxWdjA4Wl80elFybTVzUEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUqMA0G
CSqGSIb3DQEBCwUAA4IBAQB075bVtN8tRdf6ndx7RV2WoLc3zsZyE8I1kUkrSO9O
t5uF1QktFL2CijzDSO/Awjg4DAx/yd7br/pgJXUj1k4L1LPlsuI46O1VxblHxR0T
hL7ayHrwW4i+tshlQ2/l1Pj4cc4EeAOENgf3orzdwvP5D1B2WzG6yqqg7wQJ978r
25kDCySFCK83cuXsWqCbumZPTWW6ByNvouKJSVH8F3qcgiTH5v42bxBY7jKCzMjZ
8JtKGz7XJDDzWdoW5ClPEMafmrNAXjioGCZOI0icaF271B06Rj04QHglhLnt87TV
h90EuqQj7bRkPgkWKbGOUkIwflDpEESCZ5b669LG9X1p
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:27 2025 by rpki-client