Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/UVMUe-NeIJyB6IYH89yCL-V47WE.roa
File: UVMUe-NeIJyB6IYH89yCL-V47WE.roa (raw, json)
Hash identifier: voX2BgYt6k/yWCyq9Bp0REuSw6XQ1b4xqM1chpYhvHs=
Subject key identifier: 51:53:14:7B:E3:5E:20:9C:81:E8:86:07:F3:DC:82:2F:E5:78:ED:61
Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Certificate serial: 01856CA5D6153BED90FCF06E790F649707A5
Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/UVMUe-NeIJyB6IYH89yCL-V47WE.roa
Signing time: Sun 01 Jan 2023 09:24:45 +0000
ROA not before: Sun 01 Jan 2023 09:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201129
IP address blocks: 2001:67c:2d84::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:d6:15:3b:ed:90:fc:f0:6e:79:0f:64:97:07:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Validity
Not Before: Jan 1 09:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5153147be35e209c81e88607f3dc822fe578ed61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:6e:48:90:a1:7e:6b:33:8c:de:ee:a7:b1:
f4:d2:21:9f:bf:6a:c8:cb:df:40:5e:e0:6d:6e:58:
39:d1:ca:aa:a9:4a:1a:ae:00:42:d2:8b:5b:1c:ef:
c3:4b:2d:41:55:3e:28:fd:56:01:47:eb:bb:65:30:
9f:2d:12:a5:94:39:83:ca:a7:88:28:d3:40:21:16:
84:c7:80:03:1f:b6:94:10:97:46:b5:13:17:c5:01:
6d:a1:ef:48:16:b4:c2:63:28:54:a7:6e:3f:59:e3:
0c:67:9b:a9:70:c3:f0:5b:75:d1:62:0e:bf:c3:03:
3a:c8:ae:bd:13:cb:f1:22:ae:f4:36:b9:a3:d9:c5:
65:b2:3e:5b:1f:f4:68:30:02:60:67:3a:af:95:20:
c4:6d:9c:cd:95:e1:b2:ee:3e:50:e0:40:95:cb:a0:
71:02:ea:aa:b9:4d:b2:fa:2d:02:f0:f9:90:8e:29:
ea:e4:f8:8d:31:30:ad:5e:32:92:fe:fd:55:cd:ce:
d0:4f:98:67:cc:d8:1a:2f:31:51:ea:89:ac:5a:0f:
19:66:fe:df:31:f2:fd:aa:7c:55:b1:76:2d:e4:b7:
85:41:1c:3e:11:6e:b7:8f:0b:7e:ce:19:cd:a9:af:
7e:78:67:86:1e:86:ff:92:63:f2:91:c4:d3:37:af:
23:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:53:14:7B:E3:5E:20:9C:81:E8:86:07:F3:DC:82:2F:E5:78:ED:61
X509v3 Authority Key Identifier:
keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/UVMUe-NeIJyB6IYH89yCL-V47WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d84::/48
Signature Algorithm: sha256WithRSAEncryption
03:c5:92:e0:cd:4c:e1:a2:8e:07:3e:fe:e5:24:22:d3:87:9a:
82:7e:37:2c:ef:9f:e4:2c:87:f7:9a:6f:3d:ef:0e:e3:88:ec:
5a:fb:96:22:04:2e:be:f2:6b:b8:22:ba:2a:c8:dc:95:6e:37:
54:40:06:b0:9e:06:57:08:4b:8a:d8:07:87:74:9f:7c:4b:d0:
6f:47:da:b5:3e:f0:83:df:f5:bb:58:f2:af:10:c6:aa:ed:38:
12:bb:5e:04:b1:4e:7b:a7:60:7b:44:dd:2d:fe:d3:3e:23:9f:
53:66:9e:c1:3c:90:c8:e7:de:d8:4b:4b:42:9a:af:d5:89:86:
23:51:38:ba:21:78:67:62:1f:6d:45:0a:56:3e:10:db:ea:09:
cb:e3:be:2f:a4:ff:fd:ec:26:7c:e0:64:c6:3d:5c:11:b9:ad:
17:40:49:32:19:d5:0f:08:68:c9:bf:8e:d6:27:dd:d4:86:cc:
71:8a:bf:f0:04:ef:1f:f0:52:59:7e:7b:d5:c0:b9:b1:18:6e:
02:6d:82:7d:55:16:40:c1:c7:99:48:dd:8a:8b:4f:00:5a:8d:
ab:e5:11:26:17:83:b9:e6:c2:10:5b:94:79:aa:fd:9b:1e:2a:
de:b2:f5:a7:2b:7b:7e:01:c6:ec:74:46:81:ea:a5:6c:88:2d:
af:4b:29:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVspdYVO+2Q/PBueQ9klwelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi
YmJjNWIwHhcNMjMwMTAxMDkyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTUzMTQ3YmUzNWUyMDljODFlODg2MDdmM2RjODIyZmU1NzhlZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylFuSJChfmszjN7up7H00iGfv2rI
y99AXuBtblg50cqqqUoargBC0otbHO/DSy1BVT4o/VYBR+u7ZTCfLRKllDmDyqeI
KNNAIRaEx4ADH7aUEJdGtRMXxQFtoe9IFrTCYyhUp24/WeMMZ5upcMPwW3XRYg6/
wwM6yK69E8vxIq70Nrmj2cVlsj5bH/RoMAJgZzqvlSDEbZzNleGy7j5Q4ECVy6Bx
AuqquU2y+i0C8PmQjinq5PiNMTCtXjKS/v1Vzc7QT5hnzNgaLzFR6omsWg8ZZv7f
MfL9qnxVsXYt5LeFQRw+EW63jwt+zhnNqa9+eGeGHob/kmPykcTTN68j2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFFTFHvjXiCcgeiGB/Pcgi/leO1hMB8GA1UdIwQY
MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt
YzQxMDA2MmQ0ZDUyLzEvVVZNVWUtTmVJSnlCNklZSDg5eUNMLVY0N1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy
LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC2E
MA0GCSqGSIb3DQEBCwUAA4IBAQADxZLgzUzhoo4HPv7lJCLTh5qCfjcs75/kLIf3
mm897w7jiOxa+5YiBC6+8mu4IroqyNyVbjdUQAawngZXCEuK2AeHdJ98S9BvR9q1
PvCD3/W7WPKvEMaq7TgSu14EsU57p2B7RN0t/tM+I59TZp7BPJDI597YS0tCmq/V
iYYjUTi6IXhnYh9tRQpWPhDb6gnL474vpP/97CZ84GTGPVwRua0XQEkyGdUPCGjJ
v47WJ93Uhsxxir/wBO8f8FJZfnvVwLmxGG4CbYJ9VRZAwceZSN2Ki08AWo2r5REm
F4O55sIQW5R5qv2bHiresvWnK3t+AcbsdEaB6qVsiC2vSyke
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:32 2025 by rpki-client