Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa
File: uzVQnwPo66ojUlh9MsPaAwiq8gc.roa (raw, json)
Hash identifier: p+qYh1B8E/f2GbYxm5F6GMMNpzSzX0sWq1dXijT0piw=
Subject key identifier: BB:35:50:9F:03:E8:EB:AA:23:52:58:7D:32:C3:DA:03:08:AA:F2:07
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01894A7AD83FDD542B3EE7312DDE4EF091BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa
Signing time: Wed 12 Jul 2023 14:21:52 +0000
ROA not before: Wed 12 Jul 2023 14:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206509
IP address blocks: 81.168.0.0/17 maxlen: 17
109.176.0.0/16 maxlen: 16
81.5.128.0/18 maxlen: 18
82.152.0.0/15 maxlen: 15
213.152.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:7a:d8:3f:dd:54:2b:3e:e7:31:2d:de:4e:f0:91:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 12 14:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb35509f03e8ebaa2352587d32c3da0308aaf207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ff:37:27:4d:99:0c:a1:f3:00:68:0e:2b:0e:
14:28:54:d9:29:7e:39:63:d8:de:55:64:c2:28:af:
ab:b1:2d:6e:fe:74:ed:25:6b:dd:27:b9:28:0d:44:
dc:40:2b:23:49:11:9b:a9:d3:95:a8:7d:7a:36:92:
58:f8:45:9d:80:2f:4d:dc:17:c6:cc:ad:4a:5e:ea:
5e:8d:2a:c5:3a:c5:a0:fa:c6:22:42:41:e2:5f:60:
85:ce:70:b1:f6:40:c3:e7:a8:5e:ae:6e:40:76:7d:
cb:cb:a5:e5:9f:63:3f:b2:9e:fb:80:33:67:65:7c:
4e:5e:74:da:d9:9e:51:ad:3f:0f:43:0d:67:c3:3c:
d0:87:35:a1:b7:66:5f:9e:5e:d3:dc:f4:28:c0:19:
1f:6b:20:c6:93:12:40:80:87:e4:9a:5f:fe:bb:32:
63:87:4e:6b:ac:3b:0a:78:08:15:81:7c:ff:56:53:
5a:6b:6b:c5:f8:18:46:63:1d:d0:bb:ef:33:4c:48:
79:12:32:e0:46:7b:80:e1:2c:76:51:52:a9:45:df:
a7:cc:a2:a4:3b:21:a8:c0:54:3b:3a:6b:a4:db:59:
91:12:f4:af:45:d5:ab:ea:70:4f:0b:e7:ed:e1:e3:
ba:a6:ce:7a:f6:c7:9f:f6:62:64:20:f2:c6:44:b2:
d0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:35:50:9F:03:E8:EB:AA:23:52:58:7D:32:C3:DA:03:08:AA:F2:07
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
109.176.0.0/16
213.152.32.0/19
Signature Algorithm: sha256WithRSAEncryption
34:af:7c:97:4b:f1:ba:51:e5:3e:64:ab:c5:f6:98:bc:e6:1f:
fa:9e:33:bd:50:b4:ec:7c:ff:80:98:54:b4:aa:cf:e7:e7:4a:
99:1b:eb:22:b9:66:51:48:96:d3:50:40:cc:14:59:70:cc:98:
3b:06:af:61:fc:d8:10:6d:9d:55:c2:5f:9b:f4:2f:59:3d:57:
6d:c7:ad:9b:2f:72:e9:cd:5f:a5:48:4a:82:17:0e:da:3c:b4:
8a:24:8a:c4:59:6b:5e:73:6a:e6:29:56:be:37:e2:9d:a8:8c:
f8:ad:42:e3:08:7e:f4:fc:49:87:5e:07:db:71:93:17:ca:bf:
c6:97:ea:47:19:ad:d3:4e:47:aa:4c:3d:5f:d4:69:08:4f:7f:
86:47:ea:d5:c9:71:7c:f5:4c:13:f7:72:ec:0a:c0:c6:2c:f3:
cc:35:f6:99:88:1f:75:b5:79:16:39:83:3a:ae:86:98:fd:56:
3f:6e:9b:58:43:f3:68:23:13:71:ac:8c:0c:c8:71:aa:36:93:
6c:e0:4f:10:02:50:df:04:c6:21:be:3c:94:d0:b2:51:4b:5c:
ea:db:50:08:69:62:34:92:d9:8b:6f:0d:09:a5:0a:c6:34:b3:
26:48:93:4f:d0:42:71:07:14:fb:7e:83:76:a8:6c:fd:25:d0:
78:3a:b5:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYlKetg/3VQrPucxLd5O8JG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzEyMTQyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1NTA5ZjAzZThlYmFhMjM1MjU4N2QzMmMzZGEwMzA4YWFmMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP83J02ZDKHzAGgOKw4UKFTZKX45
Y9jeVWTCKK+rsS1u/nTtJWvdJ7koDUTcQCsjSRGbqdOVqH16NpJY+EWdgC9N3BfG
zK1KXupejSrFOsWg+sYiQkHiX2CFznCx9kDD56herm5Adn3Ly6Xln2M/sp77gDNn
ZXxOXnTa2Z5RrT8PQw1nwzzQhzWht2Zfnl7T3PQowBkfayDGkxJAgIfkml/+uzJj
h05rrDsKeAgVgXz/VlNaa2vF+BhGYx3Qu+8zTEh5EjLgRnuA4Sx2UVKpRd+nzKKk
OyGowFQ7Omuk21mREvSvRdWr6nBPC+ft4eO6ps569sef9mJkIPLGRLLQLQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLs1UJ8D6OuqI1JYfTLD2gMIqvIHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdXpWUW53UG82Nm9qVWxoOU1zUGFBd2lxOGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEANK98l0vxulHl
PmSrxfaYvOYf+p4zvVC07Hz/gJhUtKrP5+dKmRvrIrlmUUiW01BAzBRZcMyYOwav
YfzYEG2dVcJfm/QvWT1Xbcetmy9y6c1fpUhKghcO2jy0iiSKxFlrXnNq5ilWvjfi
naiM+K1C4wh+9PxJh14H23GTF8q/xpfqRxmt005Hqkw9X9RpCE9/hkfq1clxfPVM
E/dy7ArAxizzzDX2mYgfdbV5FjmDOq6GmP1WP26bWEPzaCMTcayMDMhxqjaTbOBP
EAJQ3wTGIb48lNCyUUtc6ttQCGliNJLZi28NCaUKxjSzJkiTT9BCcQcU+36Ddqhs
/SXQeDq1jg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:39 2025 by rpki-client