Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/U6jfFiX_wqvS3OZXD4NM5tcsu6Q.roa
File: U6jfFiX_wqvS3OZXD4NM5tcsu6Q.roa (raw, json)
Hash identifier: V99pybuS7iQLa2Er2GQZ/SX98PYR9m7E23U43fPqkLc=
Subject key identifier: 53:A8:DF:16:25:FF:C2:AB:D2:DC:E6:57:0F:83:4C:E6:D7:2C:BB:A4
Certificate issuer: /CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Certificate serial: 01856D5CFD703E31CF53C921B33A88E04D12
Authority key identifier: 44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/U6jfFiX_wqvS3OZXD4NM5tcsu6Q.roa
Signing time: Sun 01 Jan 2023 12:44:48 +0000
ROA not before: Sun 01 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29238
IP address blocks: 79.98.112.0/24 maxlen: 24
79.98.113.0/24 maxlen: 24
79.98.112.0/21 maxlen: 21
79.98.115.0/24 maxlen: 24
79.98.114.0/24 maxlen: 24
185.66.128.0/22 maxlen: 22
217.21.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:fd:70:3e:31:cf:53:c9:21:b3:3a:88:e0:4d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Validity
Not Before: Jan 1 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a8df1625ffc2abd2dce6570f834ce6d72cbba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:59:10:44:bd:49:47:71:fa:85:7a:31:ba:
44:ac:a0:f1:51:26:5b:c6:c6:a6:bf:ca:fa:15:30:
5c:60:d9:68:0a:43:da:88:32:ed:13:47:44:99:97:
0e:6d:a1:f2:0b:5d:cf:c7:dd:1b:66:e5:bd:ea:02:
7b:30:58:8e:76:80:61:ad:ee:0e:0c:fa:1c:5e:17:
2d:cb:dd:c7:e9:89:76:2f:47:ae:04:c7:0b:6a:37:
43:b0:89:28:88:53:a8:15:d4:80:e2:d2:b5:62:48:
d1:9f:97:8c:61:9d:42:de:fd:00:27:df:b2:58:ba:
9d:0a:fc:79:09:ea:ea:2e:a0:8f:2e:58:30:6b:33:
4d:16:d8:75:9a:4c:14:39:d5:e3:6b:06:d2:77:9b:
1b:1c:f7:76:ab:40:a4:bb:e7:08:f7:92:71:8d:a1:
92:d9:bb:6c:19:c1:69:77:d1:cd:e5:34:9a:25:63:
21:fe:a7:d7:a1:60:15:c5:06:ab:31:82:cb:de:ce:
30:6d:05:50:c5:f4:fe:d8:38:df:26:d1:c4:61:59:
75:30:10:70:8c:cb:6d:44:00:2b:4b:be:f3:ac:a1:
52:56:45:b4:15:94:a7:46:b3:e7:1a:f7:5a:21:64:
52:1f:da:34:40:ed:1d:f8:c5:c1:f8:91:d3:30:37:
13:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A8:DF:16:25:FF:C2:AB:D2:DC:E6:57:0F:83:4C:E6:D7:2C:BB:A4
X509v3 Authority Key Identifier:
keyid:44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/U6jfFiX_wqvS3OZXD4NM5tcsu6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/RHtl-fh6qPdA1aF6cub4vB5diI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.112.0/21
185.66.128.0/22
217.21.144.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:d0:24:ff:f9:2a:35:77:dc:f7:19:99:1e:a2:48:59:ed:be:
38:93:eb:2c:b5:fe:d3:71:af:36:b4:f9:d7:83:85:82:79:f5:
06:8a:a4:0b:46:37:97:80:72:7f:86:65:7f:51:dd:a4:8e:9a:
52:c2:ae:3e:28:9c:9f:f2:1d:5c:43:89:f0:22:01:35:81:9b:
d9:d8:f3:cc:7b:ec:dc:1b:c7:62:ed:a8:9e:73:83:f0:32:59:
c0:e8:08:4c:32:fb:71:af:0b:7b:e0:54:dd:92:0b:67:3b:83:
37:7c:9c:70:45:eb:b5:77:29:73:4d:58:03:90:0a:47:0f:73:
d1:ae:d8:5a:24:31:c0:14:61:b7:b2:68:11:a3:30:3a:a8:90:
14:8f:9a:2c:af:6a:dc:d8:b2:19:97:20:82:8b:f7:64:32:57:
79:51:db:04:49:66:be:d5:8c:cf:66:36:54:c1:44:88:b9:22:
eb:92:e9:76:dd:30:19:fa:26:76:85:4a:1d:c6:b1:b9:a1:3b:
e1:64:69:97:25:aa:fa:d7:2f:cd:01:26:a0:86:4f:14:d4:f3:
1e:9e:d6:01:d7:73:ca:2a:e0:f9:9c:d9:23:e7:85:34:dd:e7:
2c:4a:ef:87:38:2e:72:98:b0:c8:c2:eb:9b:2f:85:db:52:98:
5d:8d:0f:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtXP1wPjHPU8khszqI4E0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2I2NWY5Zjg3YWE4Zjc0MGQ1YTE3YTcyZTZmOGJjMWU1
ZDg4OGYwHhcNMjMwMTAxMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E4ZGYxNjI1ZmZjMmFiZDJkY2U2NTcwZjgzNGNlNmQ3MmNiYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueZZEES9SUdx+oV6MbpErKDxUSZb
xsamv8r6FTBcYNloCkPaiDLtE0dEmZcObaHyC13Px90bZuW96gJ7MFiOdoBhre4O
DPocXhcty93H6Yl2L0euBMcLajdDsIkoiFOoFdSA4tK1YkjRn5eMYZ1C3v0AJ9+y
WLqdCvx5CerqLqCPLlgwazNNFth1mkwUOdXjawbSd5sbHPd2q0Cku+cI95JxjaGS
2btsGcFpd9HN5TSaJWMh/qfXoWAVxQarMYLL3s4wbQVQxfT+2DjfJtHEYVl1MBBw
jMttRAArS77zrKFSVkW0FZSnRrPnGvdaIWRSH9o0QO0d+MXB+JHTMDcTgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFOo3xYl/8Kr0tzmVw+DTObXLLukMB8GA1UdIwQY
MBaAFER7Zfn4eqj3QNWhenLm+LweXYiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2Ut
MTVjYTc1M2ZhNTEwLzEvVTZqZkZpWF93cXZTM09aWEQ0Tk01dGNzdTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2UtMTVjYTc1M2ZhNTEw
LzEvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT2JwAwQC
uUKAAwQE2RWQMA0GCSqGSIb3DQEBCwUAA4IBAQBe0CT/+So1d9z3GZkeokhZ7b44
k+sstf7Tca82tPnXg4WCefUGiqQLRjeXgHJ/hmV/Ud2kjppSwq4+KJyf8h1cQ4nw
IgE1gZvZ2PPMe+zcG8di7aiec4PwMlnA6AhMMvtxrwt74FTdkgtnO4M3fJxwReu1
dylzTVgDkApHD3PRrthaJDHAFGG3smgRozA6qJAUj5osr2rc2LIZlyCCi/dkMld5
UdsESWa+1YzPZjZUwUSIuSLrkul23TAZ+iZ2hUodxrG5oTvhZGmXJar61y/NASag
hk8U1PMentYB13PKKuD5nNkj54U03ecsSu+HOC5ymLDIwuubL4XbUphdjQ9g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:36 2025 by rpki-client