Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/UKw1XzU3I_8Izp4oVUV0SvVR_JA.roa
File: UKw1XzU3I_8Izp4oVUV0SvVR_JA.roa (raw, json)
Hash identifier: 4+hK0jTvJ0j8D9TxEeKGhDOFfgbd5PZxvs66+PMxaAc=
Subject key identifier: 50:AC:35:5F:35:37:23:FF:08:CE:9E:28:55:45:74:4A:F5:51:FC:90
Certificate issuer: /CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Certificate serial: 0185713095AF586CF83D5EBFF1DD09017925
Authority key identifier: 7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/UKw1XzU3I_8Izp4oVUV0SvVR_JA.roa
Signing time: Mon 02 Jan 2023 06:34:47 +0000
ROA not before: Mon 02 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204099
IP address blocks: 185.29.90.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:95:af:58:6c:f8:3d:5e:bf:f1:dd:09:01:79:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Validity
Not Before: Jan 2 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ac355f353723ff08ce9e285545744af551fc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:25:b8:48:fe:b4:dd:ca:01:1b:ef:78:dd:b4:
62:24:75:ac:5e:17:8b:31:a9:30:8a:dc:fd:69:00:
eb:6e:6e:4d:f5:9b:c3:2d:e9:50:27:0b:a1:7a:5a:
82:a3:6a:88:19:31:0f:14:35:3c:98:4d:9a:8f:e0:
7e:d9:ee:43:75:57:a9:e3:58:5c:44:98:74:64:12:
85:9e:5d:75:39:0c:8d:81:a4:e6:85:bd:81:6c:8f:
18:fe:da:f4:0b:41:2b:21:f8:31:b5:0c:e4:73:f4:
1a:f4:c4:03:a1:c9:b6:ca:a5:0c:63:10:ae:d5:ec:
a0:32:86:cd:e8:f7:e6:bd:64:e0:52:5d:78:d1:17:
95:d5:75:ba:58:57:c0:a5:54:36:1d:cd:dd:39:9f:
a7:d5:8c:d7:8b:98:66:24:ad:81:7d:7b:4a:d5:9e:
d6:be:8f:c2:91:d9:da:e8:7b:64:da:2e:89:ae:ab:
aa:9a:ba:8b:43:c1:1f:af:ca:10:f9:2d:23:c7:aa:
26:e9:9e:ad:50:6a:8e:1e:64:59:7f:51:99:6b:ed:
81:fe:d0:81:49:fd:aa:ff:49:42:d5:92:19:f1:ff:
f9:64:22:93:0e:ae:dc:1b:fc:9a:f1:44:ec:f9:f3:
bd:e0:fb:5c:a0:28:d4:fa:f9:4c:ad:b0:f3:b6:d4:
90:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AC:35:5F:35:37:23:FF:08:CE:9E:28:55:45:74:4A:F5:51:FC:90
X509v3 Authority Key Identifier:
keyid:7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/UKw1XzU3I_8Izp4oVUV0SvVR_JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.90.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:d6:03:aa:2a:dd:d1:14:67:9a:0f:97:6e:43:5e:eb:84:c5:
00:3f:36:ac:d9:48:be:8b:f2:91:05:dc:15:8c:41:46:31:68:
3a:3e:ba:ba:e1:6f:99:2c:a1:c1:6d:9d:f0:eb:23:8d:2a:09:
15:c7:de:70:45:6b:d2:88:16:33:d2:6f:b3:8a:23:5d:89:af:
11:60:f0:e7:88:08:f9:af:54:33:fa:59:1e:bd:e9:66:b7:94:
ad:7f:30:91:0f:54:57:a5:9d:18:8b:3b:91:fb:ff:2e:03:fb:
b3:e8:75:49:37:1e:46:91:08:3d:2a:c2:0b:54:c6:10:a3:17:
f4:ec:b0:cd:e2:43:ce:4b:a6:01:5a:2e:a6:b8:c3:4c:3c:79:
bd:39:0c:7a:ad:3e:ba:39:98:e6:2d:a1:b8:ae:e6:60:f6:a5:
08:0a:b7:48:11:ea:f0:18:38:9e:c0:30:22:05:df:99:33:11:
67:8c:a9:70:77:91:ca:28:15:f9:a8:eb:7a:10:9e:92:a1:80:
7b:a0:42:3d:19:cc:43:a4:dd:f1:bf:b2:24:79:d0:5b:71:f7:
6c:3e:d0:aa:f4:7d:e4:19:b1:62:70:d8:03:14:6d:92:ac:1c:
6a:1d:dc:df:ad:cc:d5:4f:71:d8:1c:ac:0d:c8:41:2b:b1:7c:
12:15:6a:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJWvWGz4PV6/8d0JAXklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDIxM2UzZTdlYmU2MTcwYTM2MDBhOGUzYWU2NGVkOTYy
YzBlMzYwHhcNMjMwMTAyMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFjMzU1ZjM1MzcyM2ZmMDhjZTllMjg1NTQ1NzQ0YWY1NTFmYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCW4SP603coBG+943bRiJHWsXheL
Makwitz9aQDrbm5N9ZvDLelQJwuhelqCo2qIGTEPFDU8mE2aj+B+2e5DdVep41hc
RJh0ZBKFnl11OQyNgaTmhb2BbI8Y/tr0C0ErIfgxtQzkc/Qa9MQDocm2yqUMYxCu
1eygMobN6PfmvWTgUl140ReV1XW6WFfApVQ2Hc3dOZ+n1YzXi5hmJK2BfXtK1Z7W
vo/Ckdna6Htk2i6JrquqmrqLQ8Efr8oQ+S0jx6om6Z6tUGqOHmRZf1GZa+2B/tCB
Sf2q/0lC1ZIZ8f/5ZCKTDq7cG/ya8UTs+fO94PtcoCjU+vlMrbDzttSQAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCsNV81NyP/CM6eKFVFdEr1UfyQMB8GA1UdIwQY
MBaAFH0CE+Pn6+YXCjYAqOOuZO2WLA42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3Nzct
MDM1MzIxNDBlZjUyLzEvVUt3MVh6VTNJXzhJenA0b1ZVVjBTdlZSX0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3NzctMDM1MzIxNDBlZjUy
LzEvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuR1aMA0G
CSqGSIb3DQEBCwUAA4IBAQC91gOqKt3RFGeaD5duQ17rhMUAPzas2Ui+i/KRBdwV
jEFGMWg6Prq64W+ZLKHBbZ3w6yONKgkVx95wRWvSiBYz0m+ziiNdia8RYPDniAj5
r1Qz+lkevelmt5StfzCRD1RXpZ0YizuR+/8uA/uz6HVJNx5GkQg9KsILVMYQoxf0
7LDN4kPOS6YBWi6muMNMPHm9OQx6rT66OZjmLaG4ruZg9qUICrdIEerwGDiewDAi
Bd+ZMxFnjKlwd5HKKBX5qOt6EJ6SoYB7oEI9GcxDpN3xv7IkedBbcfdsPtCq9H3k
GbFicNgDFG2SrBxqHdzfrczVT3HYHKwNyEErsXwSFWrw
-----END CERTIFICATE-----
Generated at Wed Apr 23 11:37:03 2025 by rpki-client