Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/U2QNLbbInqWe-IvNx5R0Nm3uwdY.roa
File: U2QNLbbInqWe-IvNx5R0Nm3uwdY.roa (raw, json)
Hash identifier: F8Phmu4bfAk26OLX3rfXtnFez1gFiMDEG0+J+PIJvzg=
Subject key identifier: 53:64:0D:2D:B6:C8:9E:A5:9E:F8:8B:CD:C7:94:74:36:6D:EE:C1:D6
Certificate issuer: /CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Certificate serial: 0183409F7ADB8A93AF8FA2F6644391DB934B
Authority key identifier: 3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/U2QNLbbInqWe-IvNx5R0Nm3uwdY.roa
Signing time: Thu 15 Sep 2022 10:08:56 +0000
ROA not before: Thu 15 Sep 2022 10:08:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29423
IP address blocks: 185.241.32.0/22 maxlen: 24
185.102.92.0/22 maxlen: 24
2a06:2380::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:9f:7a:db:8a:93:af:8f:a2:f6:64:43:91:db:93:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Validity
Not Before: Sep 15 10:08:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53640d2db6c89ea59ef88bcdc79474366deec1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:c4:e4:16:6b:80:ec:d4:ee:23:1d:55:a6:
1a:c0:af:8f:0b:1f:e8:61:78:93:5a:14:b7:68:bb:
37:78:b5:ae:86:b1:47:73:34:8e:5d:07:7e:95:4b:
20:a8:d1:93:db:3d:da:f7:e7:69:ce:58:38:4e:2e:
c2:ae:0a:a3:83:c9:33:2c:5e:60:4a:8f:4d:d1:d2:
2c:cd:04:08:c7:5c:6f:63:08:c1:16:76:94:82:dd:
f3:28:f7:55:71:6c:8a:c5:7b:b7:87:a5:9a:61:4e:
e3:bf:66:17:a6:1c:7f:d5:f1:58:bc:74:f9:c7:d2:
24:81:fa:7b:5d:f0:97:06:5b:4e:9f:c3:ac:7b:22:
23:ac:4d:c4:7a:42:83:8c:47:ac:b3:28:b7:ba:61:
2c:3d:79:cd:79:a5:b8:37:ff:b5:ca:80:7d:a1:cd:
63:2b:f1:90:10:49:a2:06:7d:60:03:09:52:6a:fe:
ea:e1:2d:d8:40:2c:c0:e2:3b:3b:b7:af:b2:3b:4b:
31:22:d7:ef:d1:c0:21:8e:57:6d:da:c3:9c:97:89:
0b:3b:34:12:65:fe:49:73:4f:43:f4:fe:94:10:22:
82:0a:d4:c6:ab:4d:95:b0:12:1e:cb:64:99:d5:a2:
9a:33:85:fd:c1:b6:7c:4f:93:d0:8d:48:41:be:2f:
a2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:64:0D:2D:B6:C8:9E:A5:9E:F8:8B:CD:C7:94:74:36:6D:EE:C1:D6
X509v3 Authority Key Identifier:
keyid:3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/U2QNLbbInqWe-IvNx5R0Nm3uwdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.92.0/22
185.241.32.0/22
IPv6:
2a06:2380::/29
Signature Algorithm: sha256WithRSAEncryption
3c:3a:60:05:e1:86:c9:d9:3d:20:2b:15:10:91:62:4e:0b:86:
04:d1:14:09:99:e4:af:7d:1d:32:fc:f4:86:0a:53:d6:37:7f:
24:4b:48:7f:ce:85:88:b7:0b:d4:fe:14:a4:73:0e:2f:0b:4c:
94:f8:e2:60:3e:fa:d9:a7:c7:11:48:37:a5:87:21:b0:76:85:
34:d0:64:2a:ae:d2:ac:60:08:d3:63:b0:fa:b3:93:49:16:29:
ed:1e:9b:02:f5:6d:c9:30:ba:2d:87:19:22:c2:6e:9c:74:7e:
54:df:d0:fb:20:1e:6f:31:19:57:03:65:78:42:29:20:9e:d9:
cb:61:24:6c:3c:5a:ae:20:c9:32:89:0e:ee:3d:19:e7:ee:11:
66:65:a8:5a:df:35:af:7e:54:98:1b:dd:a1:9f:fb:71:e5:fb:
50:31:48:ad:c1:3e:50:cd:30:07:14:c3:13:b8:4a:79:2d:bb:
02:a0:71:a8:03:b2:3d:49:02:4c:60:f2:91:66:a1:d3:26:4a:
d6:0e:a2:3b:86:09:a4:c4:a7:f2:4e:1c:10:4e:41:84:65:36:
b2:81:90:5a:77:84:2e:55:65:32:47:d3:9e:99:a6:2a:7b:20:
bf:0a:61:34:13:e3:43:36:28:87:4d:ab:48:dd:9a:d5:52:14:
16:de:96:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNAn3rbipOvj6L2ZEOR25NLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmM2NDMxZjUzMzNiNmRkZDMxZTgzYjY5NjgyZDhlOGVl
MDZmYzEwHhcNMjIwOTE1MTAwODU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY0MGQyZGI2Yzg5ZWE1OWVmODhiY2RjNzk0NzQzNjZkZWVjMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtnE5BZrgOzU7iMdVaYawK+PCx/o
YXiTWhS3aLs3eLWuhrFHczSOXQd+lUsgqNGT2z3a9+dpzlg4Ti7Crgqjg8kzLF5g
So9N0dIszQQIx1xvYwjBFnaUgt3zKPdVcWyKxXu3h6WaYU7jv2YXphx/1fFYvHT5
x9Ikgfp7XfCXBltOn8OseyIjrE3EekKDjEessyi3umEsPXnNeaW4N/+1yoB9oc1j
K/GQEEmiBn1gAwlSav7q4S3YQCzA4js7t6+yO0sxItfv0cAhjldt2sOcl4kLOzQS
Zf5Jc09D9P6UECKCCtTGq02VsBIey2SZ1aKaM4X9wbZ8T5PQjUhBvi+iVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFNkDS22yJ6lnviLzceUdDZt7sHWMB8GA1UdIwQY
MBaAFDv8ZDH1Mztt3THoO2loLY6O4G/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGIt
ZmUwMWVlYzQwZWMxLzEvVTJRTkxiYklucVdlLUl2Tng1UjBObTN1d2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGItZmUwMWVlYzQwZWMx
LzEvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWZcAwQC
ufEgMA0EAgACMAcDBQMqBiOAMA0GCSqGSIb3DQEBCwUAA4IBAQA8OmAF4YbJ2T0g
KxUQkWJOC4YE0RQJmeSvfR0y/PSGClPWN38kS0h/zoWItwvU/hSkcw4vC0yU+OJg
PvrZp8cRSDelhyGwdoU00GQqrtKsYAjTY7D6s5NJFintHpsC9W3JMLothxkiwm6c
dH5U39D7IB5vMRlXA2V4QikgntnLYSRsPFquIMkyiQ7uPRnn7hFmZaha3zWvflSY
G92hn/tx5ftQMUitwT5QzTAHFMMTuEp5LbsCoHGoA7I9SQJMYPKRZqHTJkrWDqI7
hgmkxKfyThwQTkGEZTaygZBad4QuVWUyR9OemaYqeyC/CmE0E+NDNiiHTatI3ZrV
UhQW3pZ9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:17 2025 by rpki-client