Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e13b1c-7553-42cf-b8c5-ca10a488c715/1/cUPgIcarLpG44lFA3pvd7GrvxNI.roa
File: cUPgIcarLpG44lFA3pvd7GrvxNI.roa (raw, json)
Hash identifier: BnGeZ628PLCvuaX5Iibe06IuQ0eCzwDvbc4RFD3kvHw=
Subject key identifier: 71:43:E0:21:C6:AB:2E:91:B8:E2:51:40:DE:9B:DD:EC:6A:EF:C4:D2
Certificate issuer: /CN=8f9be82475d25808e214e9a5ca2791347c11dab6
Certificate serial: 0FA97140
Authority key identifier: 8F:9B:E8:24:75:D2:58:08:E2:14:E9:A5:CA:27:91:34:7C:11:DA:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5voJHXSWAjiFOmlyieRNHwR2rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e13b1c-7553-42cf-b8c5-ca10a488c715/1/cUPgIcarLpG44lFA3pvd7GrvxNI.roa
Signing time: Sat 01 Jan 2022 09:00:46 +0000
ROA not before: Sat 01 Jan 2022 09:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198794
IP address blocks: 91.239.100.0/24 maxlen: 24
2001:67c:28a4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 262762816 (0xfa97140)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f9be82475d25808e214e9a5ca2791347c11dab6
Validity
Not Before: Jan 1 09:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7143e021c6ab2e91b8e25140de9bddec6aefc4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d5:0e:b4:52:2e:2c:57:e5:9a:8f:fb:6c:3d:
e2:b4:2e:bf:a7:e2:d6:ff:30:dc:3a:23:ed:4e:59:
b1:30:db:03:02:2d:14:53:cd:95:95:7e:00:dd:64:
35:cd:3f:f5:0e:95:80:c1:3b:e3:fc:05:9e:76:23:
43:b5:7b:87:71:13:6a:ca:10:6f:44:5e:95:b0:03:
80:89:07:3d:91:b1:f4:6c:d4:90:db:6d:cd:b2:78:
22:84:87:41:44:8f:1b:0c:77:74:1d:18:ab:89:f3:
66:2e:43:e1:f9:11:8b:80:6b:85:57:d0:2a:d3:a7:
0d:9c:3a:4c:67:a2:a1:42:19:a2:5f:04:28:67:87:
3c:42:55:f3:ac:50:f8:74:5a:cd:41:60:40:d1:cc:
7d:89:4d:16:fc:6f:fa:0f:34:f4:5e:77:31:10:23:
4d:28:9e:34:50:56:26:17:de:b3:5f:ba:ba:5e:46:
24:a6:78:d5:6a:db:29:61:2b:28:95:94:ac:39:40:
f2:0e:0f:d1:4e:05:9c:88:13:16:01:5e:31:d7:5d:
82:d8:17:0a:4a:6a:5d:61:15:d1:5b:42:14:99:7d:
ed:95:f6:22:53:7e:09:75:c5:7a:8a:0a:d8:42:cf:
e4:99:c8:88:f8:8a:28:58:19:a2:0e:08:10:06:b7:
d5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:E0:21:C6:AB:2E:91:B8:E2:51:40:DE:9B:DD:EC:6A:EF:C4:D2
X509v3 Authority Key Identifier:
keyid:8F:9B:E8:24:75:D2:58:08:E2:14:E9:A5:CA:27:91:34:7C:11:DA:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5voJHXSWAjiFOmlyieRNHwR2rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e13b1c-7553-42cf-b8c5-ca10a488c715/1/cUPgIcarLpG44lFA3pvd7GrvxNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e13b1c-7553-42cf-b8c5-ca10a488c715/1/j5voJHXSWAjiFOmlyieRNHwR2rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.100.0/24
IPv6:
2001:67c:28a4::/48
Signature Algorithm: sha256WithRSAEncryption
ad:f7:88:d3:60:68:e6:68:40:cc:f9:31:b5:86:ca:4b:89:0c:
86:12:28:1e:55:7e:61:7b:c7:b2:8f:c4:ea:eb:e5:b5:cc:0f:
d3:ec:a8:aa:a7:8f:62:0b:79:6a:63:22:80:d7:1e:ab:93:90:
6e:f3:9e:d3:6d:4d:77:67:2d:31:46:eb:a8:cc:15:2a:f5:ba:
31:95:e6:55:1e:37:18:c1:c3:aa:18:19:33:63:8d:85:26:5d:
7a:c4:f8:2f:49:39:f3:d3:4f:cc:fc:8b:1f:f0:35:db:67:e4:
e2:f4:84:46:3b:cf:f2:e7:6e:da:0c:95:0b:e1:c8:58:f5:7b:
fd:69:be:dd:5e:b6:7d:3c:73:b9:e3:54:77:28:1e:64:1f:0a:
25:f2:59:1a:a9:bf:43:7c:92:e2:c3:ab:3f:37:10:0a:6f:d8:
bb:94:27:98:6a:ad:9d:ec:f2:05:91:c4:72:ff:3d:30:d5:34:
08:9b:94:63:66:14:02:b9:5b:76:2e:5e:a4:0b:e5:98:34:e1:
2c:4f:2e:3d:d0:ac:35:67:19:be:b6:f0:78:34:b2:b3:3b:5e:
2e:85:66:f2:75:50:41:a6:88:9a:09:ba:c5:86:a8:ea:75:4f:
d3:ba:9c:3d:fe:89:7e:a9:36:37:8d:c5:23:1f:a3:4a:f3:51:
81:8e:ca:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIED6lxQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjliZTgyNDc1ZDI1ODA4ZTIxNGU5YTVjYTI3OTEzNDdjMTFkYWI2MB4XDTIyMDEw
MTA5MDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0M2UwMjFjNmFi
MmU5MWI4ZTI1MTQwZGU5YmRkZWM2YWVmYzRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvVDrRSLixX5ZqP+2w94rQuv6fi1v8w3Doj7U5ZsTDbAwIt
FFPNlZV+AN1kNc0/9Q6VgME74/wFnnYjQ7V7h3ETasoQb0RelbADgIkHPZGx9GzU
kNttzbJ4IoSHQUSPGwx3dB0Yq4nzZi5D4fkRi4BrhVfQKtOnDZw6TGeioUIZol8E
KGeHPEJV86xQ+HRazUFgQNHMfYlNFvxv+g809F53MRAjTSieNFBWJhfes1+6ul5G
JKZ41WrbKWErKJWUrDlA8g4P0U4FnIgTFgFeMdddgtgXCkpqXWEV0VtCFJl97ZX2
IlN+CXXFeooK2ELP5JnIiPiKKFgZog4IEAa31RkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRxQ+AhxqsukbjiUUDem93sau/E0jAfBgNVHSMEGDAWgBSPm+gkddJYCOIU
6aXKJ5E0fBHatjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o1dm9KSFhTV0FqaUZPbWx5aWVSTkh3UjJyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvZTEzYjFjLTc1NTMtNDJjZi1iOGM1LWNhMTBhNDg4YzcxNS8x
L2NVUGdJY2FyTHBHNDRsRkEzcHZkN0dydnhOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
ZTEzYjFjLTc1NTMtNDJjZi1iOGM1LWNhMTBhNDg4YzcxNS8xL2o1dm9KSFhTV0Fq
aUZPbWx5aWVSTkh3UjJyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvvZDAPBAIAAjAJAwcAIAEGfCik
MA0GCSqGSIb3DQEBCwUAA4IBAQCt94jTYGjmaEDM+TG1hspLiQyGEigeVX5he8ey
j8Tq6+W1zA/T7Kiqp49iC3lqYyKA1x6rk5Bu857TbU13Zy0xRuuozBUq9boxleZV
HjcYwcOqGBkzY42FJl16xPgvSTnz00/M/Isf8DXbZ+Ti9IRGO8/y527aDJUL4chY
9Xv9ab7dXrZ9PHO541R3KB5kHwol8lkaqb9DfJLiw6s/NxAKb9i7lCeYaq2d7PIF
kcRy/z0w1TQIm5RjZhQCuVt2Ll6kC+WYNOEsTy490Kw1Zxm+tvB4NLKzO14uhWby
dVBBpoiaCbrFhqjqdU/Tupw9/ol+qTY3jcUjH6NK81GBjsrT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:32 2025 by rpki-client