Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ua5PpsmCUN9_trs3I3Or8SMvaT4.roa
File: ua5PpsmCUN9_trs3I3Or8SMvaT4.roa (raw, json)
Hash identifier: Ae3y9b8NoVDnW5hXgWcy2OoOVQxq51sf/vPJpGmCza0=
Subject key identifier: B9:AE:4F:A6:C9:82:50:DF:7F:B6:BB:37:23:73:AB:F1:23:2F:69:3E
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 01857082A5017F87991A10B32741DB881DF7
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ua5PpsmCUN9_trs3I3Or8SMvaT4.roa
Signing time: Mon 02 Jan 2023 03:24:48 +0000
ROA not before: Mon 02 Jan 2023 03:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a5:01:7f:87:99:1a:10:b3:27:41:db:88:1d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 2 03:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9ae4fa6c98250df7fb6bb372373abf1232f693e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:8b:e5:e4:5e:26:ac:b5:89:4c:4b:d7:c0:
73:5a:ec:2f:3f:80:c8:df:2b:56:db:23:91:af:29:
1f:0a:97:cc:ba:59:a0:7b:ae:6f:c4:0d:36:ec:a6:
c0:41:62:d9:e8:80:fa:ca:ed:0b:2d:8d:28:56:ec:
c1:60:62:d2:4a:ad:61:0f:9c:87:9b:3b:00:ff:b8:
9d:ce:f6:78:a5:4c:a2:2b:52:a5:08:d1:d6:89:01:
5b:31:2e:79:08:ef:a1:61:52:86:f1:48:db:99:88:
d9:97:96:4d:5f:c7:ee:c6:39:0a:f9:e4:69:6c:36:
10:9e:9d:00:a4:f0:76:bc:0c:ae:24:87:22:25:ef:
0b:b2:e9:0a:5d:bf:3d:e6:89:9e:ad:09:38:7b:76:
b8:dd:d4:1a:2e:0b:82:be:43:fe:ef:33:85:40:78:
ea:a4:3f:7e:f1:1a:5c:c9:49:a2:6e:60:7d:e1:1d:
1c:07:ff:8b:ca:fc:3f:3b:b4:62:4d:e5:7f:9e:29:
9b:03:d9:c6:88:2f:d6:8a:ac:aa:a5:21:98:d3:72:
d3:e5:3d:c6:86:60:0f:5f:e0:71:c4:98:65:a3:f1:
76:9b:b9:45:80:38:f2:0b:a7:5c:4a:df:82:f5:dd:
26:4f:e9:64:a3:49:ad:5c:1d:90:f3:22:6d:a0:de:
49:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AE:4F:A6:C9:82:50:DF:7F:B6:BB:37:23:73:AB:F1:23:2F:69:3E
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ua5PpsmCUN9_trs3I3Or8SMvaT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
b6:f6:44:9d:a6:dc:4c:21:4c:82:95:10:f6:9b:42:23:fb:d7:
ad:56:75:e4:18:e4:3c:ff:9b:1f:ab:9b:c7:6b:12:70:51:bc:
62:e1:b8:67:d7:a0:d5:53:14:09:1f:dc:fe:5d:9e:b6:e3:dd:
32:c6:d8:25:43:b2:9a:85:fe:02:5f:c0:9f:c9:4e:07:8b:ad:
34:53:84:c7:6f:39:6c:e2:94:e7:7c:5b:1e:64:5b:13:89:f0:
c8:c0:bf:30:af:b9:50:5f:90:61:11:28:cb:1a:5a:29:aa:31:
f6:ee:de:5d:2f:d8:94:34:b6:1a:34:93:77:c5:d7:2c:0b:bc:
8f:71:9b:5e:39:18:45:83:50:e9:b6:c9:e7:d8:2e:ba:8f:98:
7c:4a:7a:ee:9f:d7:9e:f3:84:fe:b8:1e:5b:b1:f3:7a:7c:06:
64:c1:03:06:f2:fb:e6:fe:a2:67:c5:e9:57:7d:fa:74:7a:f5:
aa:db:99:6b:69:af:16:cc:e7:06:a4:35:a6:53:e4:a8:e5:b2:
90:86:5b:38:67:bc:0a:68:c0:20:66:7a:d0:4d:9f:6c:d1:60:
d0:b7:34:fb:1a:ca:ae:18:b3:a9:4b:68:7b:17:96:e7:bc:5e:
c3:38:c1:1b:a2:62:3b:51:d5:9e:2c:e4:7e:53:e4:cf:6d:7f:
aa:42:60:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwgqUBf4eZGhCzJ0HbiB33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODUxYzZmYzZlYjM4MTZlMTE2YzhhNGE4NTFkMGQxNzhj
OTBmMzEwHhcNMjMwMTAyMDMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFlNGZhNmM5ODI1MGRmN2ZiNmJiMzcyMzczYWJmMTIzMmY2OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggOL5eReJqy1iUxL18BzWuwvP4DI
3ytW2yORrykfCpfMulmge65vxA027KbAQWLZ6ID6yu0LLY0oVuzBYGLSSq1hD5yH
mzsA/7idzvZ4pUyiK1KlCNHWiQFbMS55CO+hYVKG8UjbmYjZl5ZNX8fuxjkK+eRp
bDYQnp0ApPB2vAyuJIciJe8LsukKXb895omerQk4e3a43dQaLguCvkP+7zOFQHjq
pD9+8RpcyUmibmB94R0cB/+Lyvw/O7RiTeV/nimbA9nGiC/WiqyqpSGY03LT5T3G
hmAPX+BxxJhlo/F2m7lFgDjyC6dcSt+C9d0mT+lko0mtXB2Q8yJtoN5JtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmuT6bJglDff7a7NyNzq/EjL2k+MB8GA1UdIwQY
MBaAFCiFHG/G6zgW4RbIpKhR0NF4yQ8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQt
NTI0NWIxMzUyMjFiLzEvdWE1UHBzbUNVTjlfdHJzM0kzT3I4U012YVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQtNTI0NWIxMzUyMjFi
LzEvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvPGRMA8E
AgACMAkDBwAqAKkAev4wDQYJKoZIhvcNAQELBQADggEBALb2RJ2m3EwhTIKVEPab
QiP7161WdeQY5Dz/mx+rm8drEnBRvGLhuGfXoNVTFAkf3P5dnrbj3TLG2CVDspqF
/gJfwJ/JTgeLrTRThMdvOWzilOd8Wx5kWxOJ8MjAvzCvuVBfkGERKMsaWimqMfbu
3l0v2JQ0tho0k3fF1ywLvI9xm145GEWDUOm2yefYLrqPmHxKeu6f157zhP64Hlux
83p8BmTBAwby++b+omfF6Vd9+nR69arbmWtprxbM5wakNaZT5KjlspCGWzhnvApo
wCBmetBNn2zRYNC3NPsayq4Ys6lLaHsXlue8XsM4wRuiYjtR1Z4s5H5T5M9tf6pC
YMQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:41 2025 by rpki-client