Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa
File: U5piwimIR4_q3rc6cUSci5uEuDM.roa (raw, json)
Hash identifier: wnk+U4qW5A/5cO5OC57lg+Hw9aR0Zq8hogQie+J78Gk=
Subject key identifier: 53:9A:62:C2:29:88:47:8F:EA:DE:B7:3A:71:44:9C:8B:9B:84:B8:33
Certificate issuer: /CN=cef38f48568833a5f7157eef59787833a01f53f5
Certificate serial: 0188D90F46CA6E9FB18BA3017AAC4B61346B
Authority key identifier: CE:F3:8F:48:56:88:33:A5:F7:15:7E:EF:59:78:78:33:A0:1F:53:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvOPSFaIM6X3FX7vWXh4M6AfU_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa
Signing time: Tue 20 Jun 2023 13:47:16 +0000
ROA not before: Tue 20 Jun 2023 13:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200428
IP address blocks: 185.92.60.0/22 maxlen: 22
2a05:ef40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:0f:46:ca:6e:9f:b1:8b:a3:01:7a:ac:4b:61:34:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cef38f48568833a5f7157eef59787833a01f53f5
Validity
Not Before: Jun 20 13:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=539a62c22988478feadeb73a71449c8b9b84b833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:ad:26:7b:8f:54:d8:78:00:20:ea:45:e1:
bc:6c:d3:17:6d:05:ea:72:a5:7f:f2:7c:75:3f:83:
82:8f:36:8c:ab:f0:61:9d:ae:1b:7e:56:94:6a:19:
85:e1:6a:f6:b4:10:82:7f:55:cc:d0:c6:dc:8e:8e:
02:57:d5:20:21:5f:98:57:d6:5e:01:a7:3e:c7:d4:
63:91:c0:72:09:c7:4f:eb:c5:a0:a0:e4:2d:ac:6d:
e6:16:d6:ce:bb:43:bb:04:0b:60:9b:d7:3c:dd:1e:
40:ca:66:b4:a6:18:31:2f:16:5a:27:fb:49:73:d9:
a8:3e:5b:54:19:94:d7:a1:4d:91:2b:93:dd:b4:40:
97:21:bc:04:a6:24:60:9c:17:e6:cb:a6:ba:9d:91:
16:27:f5:67:02:57:8f:ac:88:a1:b7:a3:60:3c:2b:
7c:fc:d2:08:32:84:ac:b8:b5:10:30:4f:bf:b5:de:
5c:c7:99:de:4b:f4:d2:5f:00:93:d1:7d:09:cc:e5:
50:42:50:3e:0c:65:a0:cf:8f:06:3d:4f:0d:b7:10:
74:31:56:1b:6f:b5:b9:68:2d:fe:fd:33:03:8d:a4:
2e:a1:3a:27:03:a9:24:93:1b:e9:db:23:68:68:fc:
e9:03:93:c2:81:10:b2:20:4c:a0:f9:f6:9e:ff:5e:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9A:62:C2:29:88:47:8F:EA:DE:B7:3A:71:44:9C:8B:9B:84:B8:33
X509v3 Authority Key Identifier:
keyid:CE:F3:8F:48:56:88:33:A5:F7:15:7E:EF:59:78:78:33:A0:1F:53:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvOPSFaIM6X3FX7vWXh4M6AfU_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/U5piwimIR4_q3rc6cUSci5uEuDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e10abe-4148-451b-94f5-f95c6097a50d/1/zvOPSFaIM6X3FX7vWXh4M6AfU_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.60.0/22
IPv6:
2a05:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
29:ca:5c:3c:e8:27:5e:8f:b6:df:40:fe:a1:79:77:ad:a7:18:
dc:73:57:b6:20:ef:15:bb:4b:e1:9c:47:9c:1c:6c:de:26:87:
b2:ff:b1:30:6c:e5:7c:63:1f:3a:ff:fd:ea:28:d6:c8:4b:46:
50:66:d4:df:ed:72:1b:93:6f:29:0d:d2:e9:f7:af:10:37:55:
d0:95:61:ab:e1:40:9c:e4:86:07:15:71:12:63:46:73:4d:5a:
4f:f9:96:f1:fb:f2:fa:32:aa:5f:2a:7d:af:34:2f:46:4e:e9:
96:69:68:74:c1:23:dd:d8:eb:95:2b:53:91:55:95:96:93:e3:
38:b0:b4:50:0d:a9:ee:92:c2:e4:ca:6c:90:51:3c:34:96:8c:
c5:b7:91:95:e2:4f:45:54:82:72:20:40:6c:d3:43:dd:d7:af:
34:69:3c:1f:e3:40:cf:58:c9:a1:56:75:da:d5:46:94:a4:fe:
8c:e8:83:60:91:b8:cb:86:d3:eb:41:6c:e3:9d:5e:47:64:b3:
61:e4:5e:dd:9d:41:2a:8a:21:37:e8:f6:c2:46:9a:91:70:9e:
e8:6c:29:fe:6a:14:49:ab:1e:0f:2d:06:4d:54:88:ba:b5:c6:
2c:a5:73:fc:00:3a:2e:e6:23:41:81:5d:7b:06:11:ad:dd:61:
09:55:f6:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjZD0bKbp+xi6MBeqxLYTRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZjM4ZjQ4NTY4ODMzYTVmNzE1N2VlZjU5Nzg3ODMzYTAx
ZjUzZjUwHhcNMjMwNjIwMTM0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzlhNjJjMjI5ODg0NzhmZWFkZWI3M2E3MTQ0OWM4YjliODRiODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum+tJnuPVNh4ACDqReG8bNMXbQXq
cqV/8nx1P4OCjzaMq/Bhna4bflaUahmF4Wr2tBCCf1XM0Mbcjo4CV9UgIV+YV9Ze
Aac+x9RjkcByCcdP68WgoOQtrG3mFtbOu0O7BAtgm9c83R5Ayma0phgxLxZaJ/tJ
c9moPltUGZTXoU2RK5PdtECXIbwEpiRgnBfmy6a6nZEWJ/VnAlePrIiht6NgPCt8
/NIIMoSsuLUQME+/td5cx5neS/TSXwCT0X0JzOVQQlA+DGWgz48GPU8NtxB0MVYb
b7W5aC3+/TMDjaQuoTonA6kkkxvp2yNoaPzpA5PCgRCyIEyg+fae/1480wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFOaYsIpiEeP6t63OnFEnIubhLgzMB8GA1UdIwQY
MBaAFM7zj0hWiDOl9xV+71l4eDOgH1P1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenZPUFNGYUlNNlgzRlg3dldYaDRNNkFmVV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMTBhYmUtNDE0OC00NTFiLTk0ZjUt
Zjk1YzYwOTdhNTBkLzEvVTVwaXdpbUlSNF9xM3JjNmNVU2NpNXVFdURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMTBhYmUtNDE0OC00NTFiLTk0ZjUtZjk1YzYwOTdhNTBk
LzEvenZPUFNGYUlNNlgzRlg3dldYaDRNNkFmVV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVw8MA0E
AgACMAcDBQMqBe9AMA0GCSqGSIb3DQEBCwUAA4IBAQApylw86Cdej7bfQP6heXet
pxjcc1e2IO8Vu0vhnEecHGzeJoey/7EwbOV8Yx86//3qKNbIS0ZQZtTf7XIbk28p
DdLp968QN1XQlWGr4UCc5IYHFXESY0ZzTVpP+Zbx+/L6MqpfKn2vNC9GTumWaWh0
wSPd2OuVK1ORVZWWk+M4sLRQDanuksLkymyQUTw0lozFt5GV4k9FVIJyIEBs00Pd
1680aTwf40DPWMmhVnXa1UaUpP6M6INgkbjLhtPrQWzjnV5HZLNh5F7dnUEqiiE3
6PbCRpqRcJ7obCn+ahRJqx4PLQZNVIi6tcYspXP8ADou5iNBgV17BhGt3WEJVfZ8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:38 2025 by rpki-client